
Re: [Erw-devel] fset (again) - usability recommendations/ feature reques


From: erw-devel
Subject: Re: [Erw-devel] fset (again) - usability recommendations/ feature requests
Date: Tue, 12 Apr 2005 11:20:29 +0200

On Mon, 2005-04-11 at 00:25 -0400, address@hidden wrote:
> I'm further playing with ERW and fset seems to be the only 'flawed'
> component as far as building a production system.
> 

I realise that some people need that, but what if a user uploads a file
named "fuck.html" and then a secretary downloads it and saves it without
looking carefully?

The point of not having original file names was exactly to avoid
situations of this kind.

The second problem is that we should filter filenames in a way that
guarantees that they will be usable in any operating system. If I put a
\ in a filename, it is not a problem in UN*X, but it is a problem in
Windoze. Since the access is through a web interface, we should be sure
to never serve a filename that is not saveable.

> The two things that are getting in the way:
> - Original filename is not stored. I looked through the two files you
>   recommended and came up with a hackish way to store a filename - it
>   seems it would be better if the system incorporated that concept into
>   the model from the beginning - i.e. somefset_thefile would have one
>   extra field named 'sourcename' or 'name' or whatever (generated in the
>   SQL), that gets populated when a file gets uploaded.
> - Can't find any way to display the filename in the
>   ["somefset_thefile"]["display"]["field"] area. Only showing mimetypes
>   and filesizes isn't enough!

The idea is that users should have an explicit "Title" or "Name" field
associated with each file that is used to name the file. The filename in
general is not very descriptive.

Displaying the filename needs a bit more hacking because ERW must know
that there is another virtual field.

I'll look into this in the next few days. Stay tuned.
-- 
Ciao,

                                        seba
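
Added example, not part of the original message and not ERW code: one way to filter an uploaded filename so that it can be saved on any operating system, as the reply asks for. The function name `portable_filename`, the 255-byte limit, the 16-character extension cutoff and the sample names are assumptions made for this illustration.

```python
import re
import unicodedata

# Device names Windows reserves even with an extension (CON.txt is still CON).
_RESERVED = {"CON", "PRN", "AUX", "NUL",
             *(f"COM{i}" for i in range(1, 10)),
             *(f"LPT{i}" for i in range(1, 10))}
# Characters Windows rejects, plus control characters and DEL.
_UNSAFE = re.compile(r'[<>:"/\\|?*\x00-\x1f\x7f]')
MAX_BYTES = 255  # assumed per-name limit, common to most filesystems


def portable_filename(uploaded_name: str, fallback: str = "file") -> str:
    """Return a name that is saveable on UN*X, Windows and macOS."""
    # A client may send a full path; keep only the last component and treat
    # both '/' and '\' as separators, whatever OS the server runs on.
    name = re.split(r"[/\\]", uploaded_name)[-1]
    name = unicodedata.normalize("NFC", name)
    name = _UNSAFE.sub("_", name)
    # Windows drops trailing dots/spaces; a leading dot hides the file on UN*X.
    name = name.strip(" .")
    if not name:
        return fallback
    # Windows matches reserved names on the part before the first dot.
    if name.split(".", 1)[0].rstrip(" ").upper() in _RESERVED:
        name = "_" + name
    stem, dot, ext = name.rpartition(".")
    if not dot or len(ext) > 16:  # no extension, or not a plausible one
        stem, dot, ext = name, "", ""
    # Truncate the stem on a UTF-8 boundary so the extension survives.
    budget = MAX_BYTES - len((dot + ext).encode("utf-8"))
    stem = stem.encode("utf-8")[:budget].decode("utf-8", errors="ignore")
    return (stem + dot + ext).rstrip(" .")


if __name__ == "__main__":
    # Constructed sample upload names.
    for raw in ["C:\\Users\\anna\\Desktop\\report.pdf", "../../etc/passwd",
                "con.txt", "what?*.html", "  notes.  ", "..."]:
        print(f"{raw!r:45} -> {portable_filename(raw)!r}")
```

The result is meant for the name offered to the downloader (for example in a `Content-Disposition` header); the stored object can still be keyed by a server-generated identifier.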



