Django2.0手册:文件上传

Django处理文件上传时, 文件最终会位于:attr:request.FILES <django.http.HttpRequest.FILES> (想了解更多关于“request“ 对象的信息请阅读 request and response objects 1) 。本文档主要介绍文件是如何存储在硬盘和内存中的,以及如何定制默认行为。

Warning

如果接收不受信任的用户的上传会有安全隐患, 请阅读 :ref:`user-uploaded-content-security`获取详情.

简单文件上传¶

考虑使用一个简单的表单,表单中包含一个:class:`~django.forms.FileField`字段:

forms.py
from django import forms

class UploadFileForm(forms.Form):
    title = forms.CharField(max_length=50)
    file = forms.FileField()

处理这个表单的视图将通过:attr:request.FILES <django.http.HttpRequest.FILES>`获取到文件数据, attr:`request.FILES <django.http.HttpRequest.FILES>`是包含了表单中每个 :class:`~django.forms.FileField (还有 ImageField, 以及其他:class:~django.forms.FileField 的子类)键值的字典 。所以 `数据可以通过`request.FILES[‘file’]“获取到。

请注意只有在请求是通过 POST 提交且提交的 <form> 表单有 enctype="multipart/form-data" 属性的时候,request.FILES 才会包含文件数据,否则的话, request.FILES 是空的。

绝大多数的情况下,你只需要像 binding-uploaded-files`中所述将文件数据从“request` 传入给 表单,示例如下:

views.py
from django.http import HttpResponseRedirect
from django.shortcuts import render
from .forms import UploadFileForm

# Imaginary function to handle an uploaded file.
from somewhere import handle_uploaded_file

def upload_file(request):
    if request.method == 'POST':
        form = UploadFileForm(request.POST, request.FILES)
        if form.is_valid():
            handle_uploaded_file(request.FILES['file'])
            return HttpResponseRedirect('/success/url/')
    else:
        form = UploadFileForm()
    return render(request, 'upload.html', {'form': form})

注意我们必须将 request.FILES 传入到表单的
构造方法中,只有这样文件数据才能绑定到表单中。

我们通常可能像这样处理上传文件:

def handle_uploaded_file(f):
    with open('some/file/name.txt', 'wb+') as destination:
        for chunk in f.chunks():
            destination.write(chunk)

使用 UploadedFile.chunks() 而不是 read() 是为了确保即使是大文件又不会将我们系统的内存占满。

There are a few other methods and attributes available on UploadedFile
objects; see UploadedFile for a complete reference.

通过模型来处理上传的文件¶

If you’re saving a file on a Model with a
FileField, using a ModelForm
makes this process much easier. The file object will be saved to the location
specified by the upload_to argument of the
corresponding FileField when calling
form.save():

from django.http import HttpResponseRedirect
from django.shortcuts import render
from .forms import ModelFormWithFileField

def upload_file(request):
    if request.method == 'POST':
        form = ModelFormWithFileField(request.POST, request.FILES)
        if form.is_valid():
            # file is saved
            form.save()
            return HttpResponseRedirect('/success/url/')
    else:
        form = ModelFormWithFileField()
    return render(request, 'upload.html', {'form': form})

If you are constructing an object manually, you can simply assign the file
object from request.FILES to the file
field in the model:

from django.http import HttpResponseRedirect
from django.shortcuts import render
from .forms import UploadFileForm
from .models import ModelWithFileField

def upload_file(request):
    if request.method == 'POST':
        form = UploadFileForm(request.POST, request.FILES)
        if form.is_valid():
            instance = ModelWithFileField(file_field=request.FILES['file'])
            instance.save()
            return HttpResponseRedirect('/success/url/')
    else:
        form = UploadFileForm()
    return render(request, 'upload.html', {'form': form})

Uploading multiple files¶

If you want to upload multiple files using one form field, set the multiple
HTML attribute of field’s widget:

forms.py
from django import forms

class FileFieldForm(forms.Form):
    file_field = forms.FileField(widget=forms.ClearableFileInput(attrs={'multiple': True}))

Then override the post method of your
FormView subclass to handle multiple file
uploads:

views.py
from django.views.generic.edit import FormView
from .forms import FileFieldForm

class FileFieldView(FormView):
    form_class = FileFieldForm
    template_name = 'upload.html'  # Replace with your template.
    success_url = '...'  # Replace with your URL or reverse().

    def post(self, request, *args, **kwargs):
        form_class = self.get_form_class()
        form = self.get_form(form_class)
        files = request.FILES.getlist('file_field')
        if form.is_valid():
            for f in files:
                ...  # Do something with each file.
            return self.form_valid(form)
        else:
            return self.form_invalid(form)

Upload Handlers¶

When a user uploads a file, Django passes off the file data to an upload
handler
— a small class that handles file data as it gets uploaded. Upload
handlers are initially defined in the FILE_UPLOAD_HANDLERS setting,
which defaults to:

["django.core.files.uploadhandler.MemoryFileUploadHandler",
 "django.core.files.uploadhandler.TemporaryFileUploadHandler"]

Together MemoryFileUploadHandler and
TemporaryFileUploadHandler provide Django’s default file upload
behavior of reading small files into memory and large ones onto disk.

You can write custom handlers that customize how Django handles files. You
could, for example, use custom handlers to enforce user-level quotas, compress
data on the fly, render progress bars, and even send data to another storage
location directly without storing it locally. See Writing custom upload handlers
for details on how you can customize or completely replace upload behavior.

Where uploaded data is stored¶

Before you save uploaded files, the data needs to be stored somewhere.

By default, if an uploaded file is smaller than 2.5 megabytes, Django will hold
the entire contents of the upload in memory. This means that saving the file
involves only a read from memory and a write to disk and thus is very fast.

However, if an uploaded file is too large, Django will write the uploaded file
to a temporary file stored in your system’s temporary directory. On a Unix-like
platform this means you can expect Django to generate a file called something
like /tmp/tmpzfp6I6.upload. If an upload is large enough, you can watch this
file grow in size as Django streams the data onto disk.

These specifics — 2.5 megabytes; /tmp; etc. — are simply “reasonable
defaults” which can be customized as described in the next section.

Changing upload handler behavior¶

There are a few settings which control Django’s file upload behavior. See
File Upload Settings for details.

Modifying upload handlers on the fly¶

Sometimes particular views require different upload behavior. In these cases,
you can override upload handlers on a per-request basis by modifying
request.upload_handlers. By default, this list will contain the upload
handlers given by FILE_UPLOAD_HANDLERS, but you can modify the list
as you would any other list.

For instance, suppose you’ve written a ProgressBarUploadHandler that
provides feedback on upload progress to some sort of AJAX widget. You’d add this
handler to your upload handlers like this:

request.upload_handlers.insert(0, ProgressBarUploadHandler(request))

You’d probably want to use list.insert() in this case (instead of
append()) because a progress bar handler would need to run before any
other handlers. Remember, the upload handlers are processed in order.

If you want to replace the upload handlers completely, you can just assign a new
list:

request.upload_handlers = [ProgressBarUploadHandler(request)]

Note

You can only modify upload handlers before accessing
request.POST or request.FILES — it doesn’t make sense to
change upload handlers after upload handling has already
started. If you try to modify request.upload_handlers after
reading from request.POST or request.FILES Django will
throw an error.

Thus, you should always modify uploading handlers as early in your view as
possible.

Also, request.POST is accessed by
CsrfViewMiddleware which is enabled by
default. This means you will need to use
csrf_exempt() on your view to allow you
to change the upload handlers. You will then need to use
csrf_protect() on the function that
actually processes the request. Note that this means that the handlers may
start receiving the file upload before the CSRF checks have been done.
Example code:

from django.views.decorators.csrf import csrf_exempt, csrf_protect

@csrf_exempt
def upload_file_view(request):
    request.upload_handlers.insert(0, ProgressBarUploadHandler(request))
    return _upload_file_view(request)

@csrf_protect
def _upload_file_view(request):
    ... # Process request