mirror of
https://expo.survex.com/repositories/troggle/.git
synced 2024-11-25 16:51:54 +00:00
sanitize filenames
This commit is contained in:
parent
33a485d207
commit
70dd61b2ba
@ -44,6 +44,11 @@ except:
|
||||
pass
|
||||
|
||||
|
||||
def sanitize_name(name):
|
||||
"""Filenames sould not caontain these characters as then the system barf when it tries to use them in URLs
|
||||
"""
|
||||
return name.replace("#","-").replace("?","=").replace("&","+").replace(":","^")
|
||||
|
||||
def get_process_memory():
|
||||
usage = resource.getrusage(resource.RUSAGE_SELF)
|
||||
return usage[2] / 1024.0
|
||||
|
@ -12,7 +12,7 @@ from troggle.core.models.caves import GetCaveLookup
|
||||
from troggle.core.models.logbooks import LogbookEntry, writelogbook, PersonLogEntry
|
||||
from troggle.core.models.survex import DrawingFile
|
||||
from troggle.core.models.troggle import DataIssue, Expedition, PersonExpedition
|
||||
from troggle.core.utils import alphabet_suffix, current_expo
|
||||
from troggle.core.utils import alphabet_suffix, current_expo, sanitize_name
|
||||
from troggle.parsers.people import GetPersonExpeditionNameLookup, known_foreigner
|
||||
|
||||
# from databaseReset import reinit_db # don't do this. databaseRest runs code *at import time*
|
||||
@ -399,7 +399,7 @@ def logbookedit(request, year=None, slug=None):
|
||||
"textrows": rows,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
@login_required_if_public
|
||||
def expofilerename(request, filepath):
|
||||
"""Rename any single file in /expofiles/ - eventually.
|
||||
@ -434,7 +434,7 @@ def expofilerename(request, filepath):
|
||||
print(message)
|
||||
return render(request, "errors/generic.html", {"message": message})
|
||||
else:
|
||||
renameto = request.POST["renameto"]
|
||||
renameto = sanitize_name(request.POST["renameto"])
|
||||
|
||||
if (folder / renameto).is_file() or (folder / renameto).is_dir():
|
||||
rename_bad = renameto
|
||||
@ -521,7 +521,7 @@ def photoupload(request, folder=None):
|
||||
if "photographer" in request.POST:
|
||||
formd = TextForm(request.POST)
|
||||
if formd.is_valid():
|
||||
newphotographer = request.POST["photographer"]
|
||||
newphotographer = sanitize_name(request.POST["photographer"])
|
||||
try:
|
||||
(yearpath / newphotographer).mkdir(exist_ok=True)
|
||||
except:
|
||||
@ -537,7 +537,7 @@ def photoupload(request, folder=None):
|
||||
# NO CHECK that the files being uploaded are image files
|
||||
fs = FileSystemStorage(dirpath)
|
||||
|
||||
renameto = request.POST["renameto"]
|
||||
renameto = sanitize_name(request.POST["renameto"])
|
||||
|
||||
actual_saved = []
|
||||
if multiple:
|
||||
|
@ -14,6 +14,8 @@ from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import render
|
||||
|
||||
import settings
|
||||
from troggle.core.utils import current_expo, sanitize_name
|
||||
|
||||
from troggle.core.models.caves import Cave
|
||||
from troggle.core.models.logbooks import LogbookEntry # , PersonLogEntry
|
||||
from troggle.core.models.survex import SurvexBlock, SurvexFile, SurvexPersonRole
|
||||
|
Loading…
Reference in New Issue
Block a user