
Add validations for filesize and content-type.

1 parent c863a2c commit 40abe1763b80abd179a635dd8f4cc2638358f486 @mcfiredrill committed Aug 1, 2011
Showing with 7 additions and 2 deletions.
  1. +2 −0 app/models/leaf.rb
  2. +2 −1 fortconfig.rb
  3. +2 −0 fortconfig_defaults.rb
  4. +1 −1 script/rails
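--- a/app/models/leaf.rb
+++ b/app/models/leaf.rb
@@ -12,6 +12,8 @@ class Leaf < ActiveRecord::Base
 :path => "/:style/:filename"
 validate :validates_photo_or_post
+ validates_attachment_content_type :photo, :content_type => VALID_ATTACHMENT_TYPES
+ validates_attachment_size :photo, :less_than => MAX_UPLOAD_SIZE, :message => "File too big! :{"
 def validates_photo_or_post
 errors.add(:leaf, "must have text or a picture, why would you want to make a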
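Review bot: The added `validates_attachment_content_type` line checks the content type recorded for the upload, which is not evidence of what the file actually contains. This looks like Paperclip, and in releases of this period that value is, as far as I know, copied from the multipart request, so the client declares it. The check catches honest mistakes but should not be the only control on `photo`; the type should also be identified from the file's bytes on the server, and attachments served with a fixed, known content type. I would record the limitation next to the validation, e.g. `# content_type is client-declared; not a guarantee about file contents`. The class body starts and continues outside the hunk.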
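--- a/fortconfig.rb
+++ b/fortconfig.rb
@@ -16,7 +16,8 @@
 #LEAFS_PER_BRANCH = 10 #replies per thread shown
 #limitations
-#MAX_UPLOAD_SIZE = 5000 #max upload size in KB for images
+#MAX_UPLOAD_SIZE = 5.megabytes #max upload size in KB for images
+#VALID_ATTACHMENT_TYPES = ['image/jpg', 'image/png', 'image/gif', 'image/pjpeg', 'image/tiff', 'image/x-png', 'image/bmp', 'image/svg-xml'] #valid image MIME types, all others will be rejected
 #misc
 #SMILEY_ASSIST = true #boolean, turns smiley assistant on or off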
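Review bot: The allow-list in the commented `VALID_ATTACHMENT_TYPES` example, and the identical list added in fortconfig_defaults.rb, has no `image/jpeg`. That is the registered JPEG type and what most browsers send, so ordinary JPEG uploads would likely be rejected; `image/jpg` alone does not cover them. `image/svg-xml` is not the registered spelling either (`image/svg+xml`), and SVG is better left off an upload allow-list, because an SVG file can carry script and becomes a stored-XSS risk if it is served inline from the application's origin. Separately, the trailing comment on `MAX_UPLOAD_SIZE` still says "in KB" although `5.megabytes` is a byte count; `#max upload size in bytes for images` would match the new value.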
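--- a/fortconfig_defaults.rb
+++ b/fortconfig_defaults.rb
@@ -2,3 +2,5 @@
 eval "BRANCHES_PER_PAGE = 10" unless defined? BRANCHES_PER_PAGE
 eval "SHOWTITLETXT=true" unless defined? SHOWTITLETXT
 eval "SMILEY_ASSIST=true" unless defined? SMILEY_ASSIST
+eval "MAX_UPLOAD_SIZE = 5.megabytes" unless defined? MAX_UPLOAD_SIZE
+eval "VALID_ATTACHMENT_TYPES = ['image/jpg', 'image/png', 'image/gif', 'image/pjpeg', 'image/tiff', 'image/x-png', 'image/bmp', 'image/svg-xml']" unless defined? VALID_ATTACHMENT_TYPES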
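Review bot: The two added lines define constants through string `eval`, which a guarded constant assignment at file top level does not need; `MAX_UPLOAD_SIZE = 5.megabytes unless defined? MAX_UPLOAD_SIZE` should behave the same and keeps the value visible to syntax checkers and linters. This matches the existing lines in the file, so it is a point of style rather than a defect in this commit, but the pattern is worth not extending, since string `eval` in a config loader is easy to copy to a place where the string is no longer a literal. `5.megabytes` also depends on ActiveSupport's numeric extensions being loaded before this file is evaluated, which the hunk does not show.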
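--- a/script/rails
+++ b/script/rails
@@ -1,4 +1,4 @@
-#!/usr/bin/env ruby18
+#!/usr/bin/env ruby
 # This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
 APP_PATH = File.expand_path('../../config/application', __FILE__)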
