i'm building django app users upload csv file. each row in csv file added db (after validating data). file can discarded.
from django documentation, i'm using save file.
def handle_uploaded_file(f): open('some/file/name.txt', 'wb+') destination: chunk in f.chunks(): destination.write(chunk) there's lot of warnings on django site handling user uploaded files question is, should these files saved? guess doesn't matter, want sure.
at moment plan create variable called uploads_url in settings file. uploaded files stored in there.
indeed not matter put these files, if discard them after. important thing put them in place not accessible webserver. example if static files and/or app code stored in /var/www directory, not put uploaded files there.
there existing django settings called media_root , media_url used default place store uploaded files. media_root path files stored, media_url url path http client may use retrieve uploaded files (so in case not needed).
what need careful content of csv files. going store them in db , re-use them later, should validate content before storing it. example, if storing string later display on site, want make sure doesn't contain javascript...
Comments
Post a Comment