Development environment: WinXP, ruby 1.8.5, rails 1.2.3
Hey guys,
I’m implementing a file upload feature to my application.
new.rhtml:
<% form_tag( { :action => ‘create’ }, :multipart => true ) do |f| %>
<%= render :partial => ‘form’, :object => f %>
<%= submit_tag “Create” %>
<% end %>
in _form partial:
Profile image
<%= file_column_field 'foobaar', "profile_image" %>
in my Foobar model:
file_column :profile_image, :magick => {
:versions => { “tiny” => “50x50”,
“thumb” => “200x150”, “medium” => “640x480>” }
}
validates_file_format_of :profile_image, :in => [“gif”, “png”, “jpg”]
validates_filesize_of :profile_image, :in =>
15.kilobytes…200.kilobytes
validates_image_size :profile_image, :min => “200x150”
in my controller:
def create
@foobar = Foobar.new(params[:foobar])
@foobar.user_id = current_user.id
if @foobar.save
flash[:notice] = ‘Profile was successfully created.’
redirect_to :action => ‘list’
else
render :action => ‘new’
end
end
Ok so here is the problem. Everything seems to be going well until I
discovered that File Column is uploading the image to a “tmp” folder
before verifying the
content. Is this correct?
I wanted to test any vulnerabilities this may have on the app and
decided to upload a 400Mb zip file. This pretty much killed my app and
cpu and memory usage just maxed out and stayed there. I had to stop and
shut down the browser to get functionality back.
Is this a known issue with File Column or am I doing something wrong
here? Thanks in advance for any input you may be able to give me.