flask 之 secure_filename
阿新 • • 發佈:2020-08-26
from flask import Flask, redirect, request, render_template, url_for, send_from_directory from werkzeug.utils import secure_filename import os app = Flask(__name__) '''配置檔案路徑, 防止惡意讀取你檔案的''' app.config['UPLOAD_FOLDER'] = 'C:/Users/Administrator/Desktop/flask/uploads/' ''' 設定上傳檔案大小 ''' app.config['MAX_CONTENT_LENGTH'] = 1024 * 1024 ''' 檔案上傳 三要素 - 表單提交是POST 的請求 - 表單 寫入引數 enctype='multipart/form-data' 當上傳內容非文字(MP3。MP4。。。)時候,如圖片。需要將表單的設定成enctype編碼格式 - 使用上傳屬性 file ''' ''' filename 獲得上傳檔名,secure_filename函式獲得安全檔名,防止客戶端偽造檔案 ''' @app.route('/upload_file') def index(): return render_template('upload_file.html') ''' 普通檔案上傳 ''' # @app.route('/upload_file', methods=['GET', 'POST']) # def upload_file(): # if request.method == 'POST': # f = request.files.get('myfile') # # f.save(secure_filename(f.filename)) # # return Response('檔案上傳成功') ''' 儲存安全路徑上傳 ''' # @app.route('/upload_file', methods=['GET', 'POST'])# def upload_file(): # if request.method == 'POST': # f = request.files.get('myfile') # # '''這個是檔名稱''' # filename = secure_filename(f.filename) # # '''將資料夾和檔名連線在一起''' # f.save(os.path.join(app.config['UPLOAD_FOLDER'] + filename)) # # # return Response('檔案上傳成功') ''' 展示你上傳的圖片。。 ''' @app.route('/upload_file', methods=['GET', 'POST']) def upload_file(): if request.method == 'POST': f = request.files.get('myfile') '''這個是檔名稱''' filename = secure_filename(f.filename) '''將資料夾和檔名連線在一起''' f.save(os.path.join(app.config['UPLOAD_FOLDER'] + filename)) return redirect(url_for('show_image', filename=filename)) @app.route('/show_image/<filename>') def show_image(filename): '''send_from_directory 這是 介面返回真實的檔案,就是幫你找到你的所需要的檔案''' return send_from_directory(app.config['UPLOAD_FOLDER'],filename) if __name__ == '__main__': app.run(debug=True)
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>UPLOAD FILE</title> </head> <body> <form action="" method="post" enctype="multipart/form-data"> <input type="file" name="myfile"> <button type="submit">上傳</button> </form> </body> </html>