No.
On Thursday, March 29, 2012 5:54:59 PM UTC-7, Francisco Gama wrote: > > Let me put it this way: > Can I determine the hash of an uploaded file during the upload process > (when the form is submitted) and before it is actually stored on the > filesystem? > > I believe that all my questions collapse to that. > > Thank you. > > On Mar 30, 2012, at 1:43 AM, Derek wrote: > > From the documentation: http://web2py.com/books/default/chapter/29/7 > A SQLFORM object also deals automatically with "upload" fields by saving > uploaded files in the "uploads" folder (after having them renamed safely to > avoid conflicts and prevent directory traversal attacks) and stores their > names (their new names) into the appropriate field in the database. After > the form has been processed, the new filename is available in > form.vars.fieldname (i.e., it replaces the cgi.FieldStorage object in > request.vars.fieldname), so you can easily reference the new name right > after upload. > > On Thursday, March 29, 2012 5:20:52 PM UTC-7, Francisco Gama wrote: >> >> I need to create a form that submits files and at the same time, stores >> the user who did it, the name of the file, its hash, the time. Other things >> like his IP address, his web client would be interesting as well. >> >> I see two ways: >> 1) some sort of method tracing (a decorator maybe) that informs me what >> calls have been done to some controller >> 2) include in the uploading form, insertions to the database that also >> keep track of what has been done (the solution I'm trying) >> >> >> While I want to keep files metadata stored on the database, I want them >> to be stored on the file system. So how can I create a form that uploads >> the file and stores all this metadata on the database (including getting >> the filename, its hash,...)? >> >> >> >> >> On Mar 30, 2012, at 12:11 AM, Derek wrote: >> >> Are you getting any error messages? What do you mean by "this is not yet >> working". >> >> On Thursday, March 29, 2012 8:10:38 AM UTC-7, blackthorne wrote: >>> >>> Hello, >>> >>> I am working on a "secure" documentation system that should support file >>> uploads but also to give the ability to trace user actions like >>> download/upload of files. This should be integrated in the portal itself so >>> that the administrator doesn't need to parse web log files and trace users >>> and IP's. Example: >>> >>> user Malkovich submitted a file: report.docx with hash: 102310239123123 >>> at 2012.03.27 10:12:45 (GMT) >>> user BigFatCat downloaded the file: report.docx (id: 1201010121) >>> at 2012.03.27 12:11:05 (GMT) >>> ... >>> >>> So, I just said what I have and I want, so now let me tell have I done >>> about this: >>> >>> in the model: >>> >>> ... >>> db.define_table('attachment', >>> Field('name', requires=IS_NOT_EMPTY()), >>> Field('filename'), >>> Field('description'), >>> Field('doc_type', >>> requires=IS_IN_SET(['text','report','image','other']), default='other'), >>> Field('hash', 'string'), >>> Field('file','upload'), >>> format='%(name)s') >>> >>> db.define_table('logs', >>> Field('message','string', requires=IS_NOT_EMPTY()), >>> Field('full_description','text'), >>> Field('action', 'string', >>> requires=IS_IN_SET(['create','remove','download','upload', >>> 'edit','other']),default='download'), >>> Field('attachments', 'list:reference attachment', notnull=False), >>> Field('user', 'list:reference auth_user'), >>> Field('happened_on','datetime', default=datetime.datetime.now())) >>> ... >>> >>> in the controller: >>> >>> def hash(file): >>> return hashlib.md5(open(file).read()).hexdigest() >>> >>> @auth.requires_login() >>> def insert_file(): >>> form = SQLFORM(db.attachment, upload=URL('download'), >>> fields=['name', 'description', 'file']) >>> if request.vars.file!=None: >>> form.vars.filename = request.vars.file.filename # not sure about >>> this one... >>> form.vars.hash = hash(file) >>> if form.process().accepted: >>> db.logs.insert(message='file submitted', >>> full_description=forn.vars.hash, action='upload', attachments='', user= >>> auth.user.id, happened_on=request.now) >>> response.flash = 'form accepted' >>> elif form.errors: >>> response.flash = 'something went wrong, try harder' >>> record = db.attachment(request.args(0)) or redirect(URL('index')) >>> return dict(form=form) >>> ... >>> >>> This is not yet working but don't think I am on the right track? Tips? >>> >>> Thank you >>> >> >> >
