MoinMoin-Restrict Upload File"s Length

Posted on Thu 11 March 2010 in 我用(IT)

1. 解决方法

# AttachFile.py line 572
        # restrict upload file length
        #add by LiYan @2010/03/11
        limit = 1024*1024*300
        file_size = bytes
        if file_size>=limit:
            # get attached file name
                attach_dir = getAttachDir(request, pagename)
                fpath = os.path.join(attach_dir, target).encode(config.charset)
                os.remove(fpath)
                return _(u"reach file limit(300M)! your file size= %d" % file_size)

2. 分析过程

  1. Find the hack place

    • Since the upload job is performed by an Action named AttachFile, this file locate on my drive: 

      • python的根目录(注)/MoinMoin/action/AttachFile.py

  2. 打开AttachFile.py, 定位上传的地方: 

    • def _do_upload(pagename, request):
  3. find the upload function: 
    • target, bytes = add_attachment(request, pagename, target, file_upload.stream, overwrite=overwrite)

      target是文件名
      bytes是文件大小
  4. 都在add_attachment了:
    • 是直接把文件流存到本地了
  5. 所以,解决方法就是如果文件超过指定大小了,就删掉
  6. OK

3. 调试

  1. 看看file_upload.stream里面能不能获得文件大小 
    • AttachFile.py 568
          return _(", ".join(dir(file_upload.stream)))
  2. file_upload.content_length 是0

注:

这么一篇纯技术的文字竟然被提示里面有敏感词,我很惊诧。拿出程序员的执着,我定位到了被博客巴士认为是敏感词的地方,竟然是python文件名的全路径名称,我无语了。

博客大巴这辆车如果继续创造性的这么指定交通规则,我会申请下车的。

EA moinmoin 敏感词