Old web2py Blog

Some of the information here may be outdated, please check the book instead

[edit]

Example.

in models/db.py

db.define_table('image',SQLField('file','upload'),SQLField('filename'))

in controllers/db.py

def test():
    form=SQLFORM(db.image,fields=['file'])
    if request.vars.file!=None:
        form.vars.filename=strip_path_and_sanitize(request.vars.file.filename)
    if form.accepts(request.vars,session):
        response.flash='file uploaded'
    return dict(form=form)

def download():
    return response.stream(open(os.path.join(request.folder,'uploads',request.args[0]),'rb'))

you can link the file as

/app/controller/download/{{=image.file}}/{{=image.filename}}

You need your own strippathand_sanitize function

AlterEgo

old web2py blog

Useful Links