From 6ed47f99573d2b5ef0ec827d213db0e0a3a2a526 Mon Sep 17 00:00:00 2001 From: Alek Ratzloff Date: Wed, 4 May 2022 21:14:00 -0700 Subject: [PATCH] Add max image upload size limit Signed-off-by: Alek Ratzloff --- board/models.py | 20 +++++++++++--------- board/static/board/style.css | 8 +++++--- board/templates/board/board_detail.html | 2 ++ board/templates/board/post_detail.html | 2 ++ board/views.py | 5 +++++ threadchat/settings.py | 2 ++ 6 files changed, 27 insertions(+), 12 deletions(-) diff --git a/board/models.py b/board/models.py index 8c18d93..db58cd5 100644 --- a/board/models.py +++ b/board/models.py @@ -3,6 +3,7 @@ from pathlib import Path from django.db import models from django.db.models import signals from django.conf import settings +from django.core.exceptions import ValidationError from django.core.files.base import ContentFile from django.dispatch import receiver from django.urls import reverse @@ -22,10 +23,7 @@ def image_upload(instance, filename): if ext not in (".jpg", ".png", ".gif"): raise Exception("File type invalid") - if instance.op: - return f"{instance.board.url}/{instance.op.id}/{now_sec}{ext}" - else: - return f"{instance.board.url}/{now_sec}{ext}" + return f"{instance.board.url}/{now_sec}{ext}" def thumbs_upload(instance, filename): @@ -33,10 +31,7 @@ def thumbs_upload(instance, filename): now = timezone.now() now_sec = now.strftime("%s.%f") ext = Path(filename).suffix.lower() - if instance.op: - return f"{instance.board.url}/{instance.op.id}/{now_sec}{ext}" - else: - return f"{instance.board.url}/{now_sec}t{ext}" + return f"{instance.board.url}/{now_sec}t{ext}" class Board(models.Model): @@ -91,7 +86,7 @@ class Post(models.Model): def save(self, *args, **kwargs): if self.image: - self.original_image_name = self.image.name + self.original_image_name = Path(self.image.name).parts[-1] self.__make_thumbnail() super(Post, self).save(*args, **kwargs) @@ -134,6 +129,13 @@ class Post(models.Model): + f"#p{self.id}" ) + def clean(self): + if self.image and self.image.size > settings.MAX_UPLOAD_SIZE: + raise ValidationError( + "Image supplied is too large. Maximum image size is %(max)s", + params={"max": settings.MAX_UPLOAD_SIZE}, + ) + @receiver(signals.post_save, sender=Post) def post_created(sender, instance, created, **kwargs): diff --git a/board/static/board/style.css b/board/static/board/style.css index 5e30e70..67477f5 100644 --- a/board/static/board/style.css +++ b/board/static/board/style.css @@ -14,6 +14,11 @@ hr { clear: both; } +/* Create thread/post form */ +.post_form_image_specs { + font-size: small; +} + /* Posts */ /*.post_body { }*/ .post_image_info { @@ -26,14 +31,11 @@ hr { padding-right: 5px; } -/* -Not sure if I like the in-line style or each post gets its own row style .post_content:after { content: ""; display: table; clear: both; } -*/ .post_id { cursor: pointer; diff --git a/board/templates/board/board_detail.html b/board/templates/board/board_detail.html index b2be430..bf56a8d 100644 --- a/board/templates/board/board_detail.html +++ b/board/templates/board/board_detail.html @@ -1,4 +1,5 @@ {% extends "board/base.html" %} +{% load post_body %} {% block title %} {% with title=board.url %} @@ -28,6 +29,7 @@ {% csrf_token %} {{ form.as_table }} +
 Max image size: {{ max_upload_size|measure_bytes }}
 
diff --git a/board/templates/board/post_detail.html b/board/templates/board/post_detail.html index 848bc16..93c4310 100644 --- a/board/templates/board/post_detail.html +++ b/board/templates/board/post_detail.html @@ -1,4 +1,5 @@ {% extends "board/base.html" %} +{% load post_body %} {% block title %} {% with title=board.url %} @@ -24,6 +25,7 @@ {% csrf_token %} {{ form.as_table }} +
 Max image size: {{ max_upload_size|measure_bytes }}
 
diff --git a/board/views.py b/board/views.py index 63c485f..e3c5243 100644 --- a/board/views.py +++ b/board/views.py @@ -1,3 +1,4 @@ +from django.conf import settings from django.http import Http404, HttpResponseRedirect from django.shortcuts import render, get_object_or_404 from django.views.generic import DetailView @@ -46,6 +47,7 @@ class BoardView(CreateView): end = start + PER_PAGE kwargs["threads"] = board.threads.order_by("-last_bump")[start:end] kwargs["page"] = page + kwargs["max_upload_size"] = settings.MAX_UPLOAD_SIZE return super(BoardView, self).get_context_data(**kwargs) @@ -73,11 +75,14 @@ class PostView(CreateView): kwargs["board"] = get_object_or_404(Board, url=board_url) post_id = self.kwargs["id"] kwargs["post"] = get_object_or_404(Post, id=post_id) + kwargs["max_upload_size"] = settings.MAX_UPLOAD_SIZE + return super(PostView, self).get_context_data(**kwargs) def form_valid(self, form): board_url = self.kwargs["url"] board = get_object_or_404(Board, url=board_url) + post_id = self.kwargs["id"] post = get_object_or_404(Post, id=post_id) diff --git a/threadchat/settings.py b/threadchat/settings.py index feb5dee..70417ef 100644 --- a/threadchat/settings.py +++ b/threadchat/settings.py @@ -132,3 +132,5 @@ MEDIA_ROOT = "media/" MEDIA_URL = "media/" THUMB_SIZE = (200, 200) + +MAX_UPLOAD_SIZE = 25 * 1024**2