我正在使用 python 在 google app engine 上构建一个 webapp,我有以下代码允许用户上传图像,但是如果有人上传不是图像的东西,代码就会崩溃,因为我正在尝试创建图像 url在数据之外,它当然不接受任何不是图像文件的东西。基本上我想知道是否有一种简单的方法来防止上传非图像文件的文件。
class RecordPage(BlogHandler):
def get(self, keyid, title):
record = individual_record_cache(keyid)
upload_url = blobstore.create_upload_url('/upload/%s' % (keyid))
photos = []
for blobRef in record.blobRefs:
photos.append(images.get_serving_url(blobRef, size=None, crop=False, secure_url=None))
global visits
user = users.get_current_user()
logout = users.create_logout_url(self.request.uri)
self.render("recordpermalink.html", user=user, logout=logout, record=record, visits=visits, photos=photos, upload_url=upload_url, keyid=keyid)
class UploadHandler(blobstore_handlers.BlobstoreUploadHandler):
def post(self, record_id):
upload_files = self.get_uploads('file')
blob_info = upload_files[0]
blobRef = blob_info.key()
record = Record.get_by_id(int(record_id))
record.blobRefs.append(blobRef)
record.put()
individual_record_cache(record_id, True)
record_cache(True)
profile_record_cache(True)
self.redirect('/record/%s/%s' % (record_id, record.title))
最佳答案
如果您安装了上传处理程序,则无法阻止上传 blob,因为您的处理程序仅在 blob 已存在于 blob 存储区中后才会被调用。但是,您可以检查 blob 并将其删除。
上传 blob 后,您可以使用
ImageService检查它是否是图像:Image image = ImagesServiceFactory.makeImageFromBlob(blobKey); try { image.getFormat(); } catch (IllegalArgumentException e) { // wrong image data - blob uploaded was not an image -> delete it }
关于python - 如何防止上传非图片,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12549752/