How to save URL to a Django ImageField - python-3.x

I have Django model with Image field, but sometimes I don't need to actually upload file and store path to it, but I need to store only path. Especially url. I mean, I have web client, that receives both foreign urls like sun1-17.userapi.com and url of my own server, so sometimes I don't need to download but need to store url. Is it possible, to store url in ImageField, or I need to make CharField and save files via python? If its impossible, how do I save file in python3, having one, sent me via multipart?

The URL field in the ImageField is ReadOnly, so you cannot write it. You should probably use in addition a URLField (better than a CharField) to save the URLs.
You can allow null values on both and use only the appropriate one according to your scenario.

class FilePathField(path='', match=None, recursive=False, > allow_files=True, allow_folders=False, max_length=100, **options)
A CharField whose choices are limited to the filenames in a certain directory on the filesystem.
Has some special arguments, of which the first is required:
FilePathField.path
Required. The absolute filesystem path to a directory from which this FilePathField should get its choices. Example: "/home/images".
For more info visit the doc https://docs.djangoproject.com/en/3.0/ref/models/fields/#django.db.models.FilePathField

Related

How to make an express js temporary route/path for image?

I have created an API with express to submit a user form with an image with multer. Now I want to make the URL of the image temporary for a certain amount of time so that no user can see the image after that particular time and one URL is fixed for one user only but if he wants to see it again he has to request a new URL.
https://localhost:3000/api/image?=sometempURL1
for another user, the same image should have another unique URL like
https://localhost:3000/api/image?=sometempURL2orSomething
just don't want to reveal the actual file path/name
One way to do this is to use routes with parameters: /path/:id
The id would be the path to the file hashed using a hashing method.
You would have 2 locations for the files, one temporary and one permanently. When you get a file, you store it in both locations. You can save the location to the permanent one. For you temporary route, you can return to use the hashed path of the file in temporary location.
Now how is this temporary location? You can use Cronjob to schedule it's deletion.
So you provide to the user /path/to/file.jpg under this format: b017bcade5394d0076ad808e94482576 and the route would look like: /file/b017bcade5394d0076ad808e94482576 and you can get the file using this hashed value, but at some point (depending on the time you set on cronjob) the file will be deleted from the temporary location, so the link will become invalid

How can I add a comment to a LabVIEW file using Python 3

I am trying to create a unique id and attach it to a LabVIEW file so that later I can read back that id and know I am looking at exactly the same file. I must be able to generate the id and read it back programmatically. The information must be hidden from the user accessing the file and persist across operating systems and storage mediums.
I was thinking of just adding it into the file 'comment' section, but it appears the Windows no longer supports file comments.
Any ideas?
I would suggest using the Set Tag method on the VI (with persistence) and saving multiple copies of the VI using the Save Instrument method, where each copy would then have its own unique value of the tag. Note that the method is defined as a scripting method, so you would probably need to enable scripting in the LV options to access it.
I don't think there's any API for enumerating tags, so there would be no way to find the value unless you know what the tag is called. Obviously, it's encoded somewhere in the VI file itself, and presumably it would be possible to extract a list of tags if you know the structure of the file, but that's not knowledge I would expect most students to have.
I'm not sure if you can call the set tag method from Python using an external connection to VI server, but certainly the LV code for this should be pretty simple - basically a for loop with ID generation, a couple of method calls and saving a CSV file so you can keep track of which ID belongs to which student. If you use existing IDs, you don't even need to generate and save the IDs.

Why downloadable file name contain hash

Uploaded filename in Catalog-->Downloads section are like this:
Chrysanthemum.jpg.bafd8619f8e86bba3b8c90063b2910d2
in this example Chrysanthemum.jpg is filename and What's usage this: .bafd8619f8e86bba3b8c90063b2910d2 ?
Without knowing anything about Opencart I would say that it's an easy way to make sure that if you upload two images with the same name but different content they won't replace each other. If it's indeed a hash of the content thats appended then that would also ensure that if you upload the same image twice it will still only be stored once.

How to get the filename for an attachment if there already is another one with the same filename, instead of getting a random name?

In cases when two attachments with the same filename are attached to a Notes Document, the second file is renamed internally to something like ATTXXXX. Even if the first filename is deleted and document re-saved, the internal filename remains cryptic.
There doesn't seem to be any way to retrieve the original Filename through back-end functions. I have looked high and low in LS but also in the C++ API, and could find nothing. It seems to be a trick that can only be done in the front-end. I am not sure where the information in the file icon graphic is stored, and whether it is accessible. In simple cases it would be possible to do a rename, I suppose (i.e. there is a single attachment and a single file icon graphic).
Could anybody confirm that this is, indeed a limitation of Notes or is there a cool way to solve this?
This is causing me some headaches whilst processing a large number of documents. My customer has trouble believing that there are some things that can only be done in the front end.
You should be able to get the original filename, even with duplicates.
It is not when the file is attached that the name is changed, it is when you detatch it.
You are probably using the .Name property, try the .Source property of the EmbeddedObject, that should return the original filename.
From the help:
If the NotesEmbeddedObject is an embedded object or object link, this property returns the internal name that Notes uses to refer to the source document.
If the NotesEmbeddedObject is a file attachment, this property returns the file name of the original file.
Syntax
To get: source$ = notesEmbeddedObject.Source
It's in the CD records for the rich text -- you will see it if you use NotesPeek to examine the contents of the rich text item. But I don't think it's accessible through the NotesRichText navigator class, so I'm pretty sure you would have to go the C API and parse through the CD records. Or, the MIDAS Rich Text API can probably get it, but that's third party software. I.e., not free.

What security issues we acquire if we publish a form that lets you upload any type of file into our database?

I am trying to assess our security risk if we allow to have a form in our public website that lets the user upload any type of file and get it stored in the database.
I am worried about the following:
Robots uploading information
A huge increment of the size of the database
The form is an resume upload so HR people will be downloading those files in a jpeg or doc or pdf format but actually getting a virus.
You can use captchas for dealing with robots
Set a reasonable file size limit for each upload
You can do multiple checking for your file upload control.
1) Checking the extension of file (.wmv, .exe, .doc). This can be implemented by Regex expression.
2) Actually check the file header or definition type (ex: gif, word, image, etc, xls). Sometimes file extension is not sufficient.
3) Limit the file size. (Ex: 20mb)
4) Never accept the filename provided by the user. Always rename the file to some GUID according to your specifications. This way hacker wont be able to predict the actual name of the file which is stored on the server.
5) Store all the files out of web virtual directory. Preferably store in separate File Server.
6) Also implement the Captcha for File upload.
In general, if you really mean to allow any kind of file to be uploaded, I'd recommend:
A minimal type check using mime magic numbers that the extension of the file corresponds to the given one (though this doesn't solve much if you are not going to limit the kinds of files that can be uploaded).
Better yet, have an antivirus (free clamav for example) check the file after uploading.
On storage, I always prefer to use the filesystem for what it was created: storing files. I would not recommend storing files in the database (suposing a relational database). You can store the metadata of the file on the database and a pointer to the file on the file system.
Generate a unique id for the file and you can use a 2-level directory structure to store the data: E.g: Id=123456 => /path/to/store/12/34/123456.data
Said that, this can vary depending on what you want to store and how do you want to manage it. It's not the same to service a document repository, a image gallery or a simple "shared directory"

Resources