uploadcolumn 0.3.0

data/.gitignore

@@ -0,0 +1,3 @@
+doc
+spec/public
+spec/db

data/CHANGELOG

@@ -0,0 +1,123 @@
+0.3
+
+Note: The 0.3 branch is a complete rewrite of everything, with a similar (but not identical) API, don't expect it to work drop-in.
+
+[TODO] You can now set a default image if the column is blank
+
+[TODO] Integrated mocking support, to make testing your UploadColumns easier.
+
+[NEW] Complete rewrite, maintaining most of the legacy API
+
+[NEW] Framework for custom manipulators, for clean and easy extension.
+
+[NEW] Manipulate images with ImageScience instead of RMagick if you want
+
+[NEW] Support for animated GIFs in the RMagick manipulator
+
+[NEW] Fully tested with RSpec
+
+[NEW] Following the law of Demeter better by adding _public_path, _thumb, _thumb_public_path etc... magic methods.
+
+[DEPRECATED] UploadedFile#url is deprecated in favour of UploadedFile#public_path and will be removed in the next major release
+
+[CHANGED] Store dir and temp dir procs now take two piped variables, the UploadedFile object and the ActiveRecord
+
+[CHANGED] the :root_path option is now called :root_dir
+
+[CHANGED] web_root must now be set with a leading slash if an absolute URL is desired and no trailing slash.
+
+[CHANGED] UploadedFile#filename_base is removed in favor of #basename
+
+[CHANGED] UploadedFile#filename_extension is removed in favor of #extension
+
+[CHANGED] UploadedFile#mime_type is removed in favor of #content_type
+
+[CHANGED] _store_dir and _tmp_dir callbacks now take the file object as an argument, which means that the methods always MUST take an argument, even if you don't need it.
+
+[CHANGED] The _after_assigns callback has changed name to _after_upload and take the UploadedFile as param.
+
+[REMOVED] Support for the exif columns, as in 0.2.X has been removed temporarily. It might be readded later.
+
+[REMOVED] The old_files option as in 0.2.X has been removed. All old files are now stored. This option will be reintroduced in later versions of 0.3.X
+
+[REMOVED] The :force_format option for image_columns as in 0.2.X has been removed and will be reintroduced later.
+
+[REMOVED] The remote_upload_form helper has been removed, for encouraging bad JS practice. It will not be readded. If you need remote uploads, uploading with Flash is much cooler, and can be done in an unobtrusive way. Check out Swiff.js for hints.
+
+[REMOVED] The 'image' helper has been removed, since its functionality is not really useful in any app (hopefully most apps) that uses named routes.
+
+============================
+
+0.2.1
+
+* Added :force_format option to image_column
+
+* Various Rails 1.2.1 compatibility fixes (mainly in test)
+
+* Added :permissions option to upload_column.
+
+* You can now assign normal Ruby File objects to upload and image columns
+
+* upload_form_tag and remote_upload_form_tag now accept a block, just like Rails' form_tag
+
+* You can now pass :none to image_column versions so nothing will be done to your image.
+
+* FIXED #8109 Parallell uploads no longer wipe each other out
+
+* WARNING: Compatibility with Rails < 1.2.1 dropped
+
+============================
+
+0.2
+
+* A freaking huge refactoring of the code, basically ALL of the methods for accessing paths have changed, except for path itself. This was overdue and I apologize if it breaks anything, but I felt that the gain in consistency was worth it. It now works like this:
+
+    path                --the current path of the file (including the filename)
+    relative_path       --the current path of the file relative to the root_path option
+    
+    dir                 --the directory where the file is currently stored
+    relative_dir        --like dir but relative to root_path
+    
+    store_dir           --The directory where files are permanently stored
+    relative_store_dir  --the same but relative to root_dir
+    
+    tmp_dir             --The directory where tempfiles are stored
+    relative_tmp_dir    --you can work this out yourself
+    
+As you can see, this is now actually consistent, with all the relative paths relative to the same directory (err... wow?) and a consistent naming convention.
+
+* In related news: you can now pass a Proc to the :store_dir and :tmp_dir options. The default options are now also procs, instead of being some kind of arcane super-exception like before. The procs will be passed to arguments, first the current model instance and the name of the upload column as the second.
+
+* The :accumulate option was removed from :old_files. I really liked it, but it doesn't make sense with th new Proc-based system (it would wipe out data without thinking, thus potentially getting rid of files you want to keep). Use :keep instead or implement some kind of versioning. The new default is :delete. So beware, if you need to keep those files, make sure to change it!
+
+* You can now specify individual versions that should be cropped in image_columns, simply add a 'c' before the string that specifies the size, so you can do:
+
+    image_column :picture, :versions => { :thumb => "100x100", :banner => "c400x200" }
+    
+Where thumb will be no larger than 100x100 (but might be smaller) and banner will be cropped to 400x200 exactly!
+
+* Furthermore you can pass a Proc instead of a string to an image_column version:
+
+    image_column :picture, :versions => { :thumb => "100x100", :solarized => proc{|img| img.solarize} }
+
+The Proc will be passed an RMagick object, just like process!
+
+* render_image now uses send_file if no block is given for faster performance.
+
+* FIXED #6955 store_dir callback called when the file is assigned
+
+* FIXED #7697 Editing with old-files :delete / :replace erases the original file
+
+* FIXED #7686 Problem uploading files with spaces in name
+
+============================
+
+1.1.2 (unreleased)
+
+* new :validates_integrity option replaces the old validates_integrity_of. The latter was more elegant, but posed a security risk, since files would be stored on the server in a remotely accessible location without having been validated. I tried to fix the bug, but couldn't make it work, so I opted for the less elegant, but safe solution instead.
+
+* readded the :file_exec option, it's now possible to set this manually again. I cut it originally, because I felt that it was unneccessary and that there were too many options already, I readded it mainly to make it possible to test the validation better.
+
+* assign, save, delete_temporary_files, delete, filename= and dir= are now all private, I see no reason why they should be public, and since they aren't really useful out of context I think it makes for a cleaner API to make them private, if you still need to use them, you can use .send(:save), etc.. instead.
+
+* Added magic columns, see the readme for detaills.

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2006 Sebastian Kanthak, Jonas Nicklas 
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,206 @@
+= UploadColumn Gem
+
+UploadColumn is a gem for the Ruby on Rails framework that enables easy
+uploading of files, especially images. Most other versions of this code are
+packaged for use as a Rails plugin, but this fork of the
+original code (see  http://github.com/jnicklas/uploadcolumn) is designed to be used
+as a gem.  Other than that, it's just the same code you've been using to
+upload your files for many, many years.
+
+== Installation
+
+First, install the gem:
+
+ sudo gem install uploadcolumn
+
+Next, require it in your Rails application:
+
+ config.gem 'uploadcolumn', :lib => 'upload_column'
+
+== Usage
+
+Suppose you have a list of users, and you would like to associate a picture to each of them. You could upload the image to a database, or you could use upload_column for simple storage to the file system.
+
+Assuming you have a User model with a column called 'picture' that is of type String, you could simply add the upload_column instruction to your User model:
+
+    class User < ActiveRecord::Base
+      upload_column :picture
+    end
+
+That's it! You can start uploading files. Of course, +upload_column+ has a lot of different options you can use to customize your uploads.
+
+Uploading files is no fun without a user interface, so get going and make one:
+
+add an upload_column_field to your form, maybe like this:
+
+    <p><label for="user_picture">Picture</label><br/>
+    <%= upload_column_field 'user', 'picture'  %></p>
+
+You should use upload_column_field instead of Rails' file_field, since it will work even when the form is redisplayed, like when a validation fails. Unfortunately file_field doesn't work in that case.
+
+Now that's excellent, but most likely it will fail, because instead of sending the file, it just sends a string. No worries though, if we just set the form's encoding to multipart it will all work out, UploadColumn even comes with some nice helpers to avoid that nasty multipart syntax. This could look something like this:
+
+    <%= upload_form_tag( :action => 'create' ) %>
+
+And that's it! Your uploads are up and running (hopefully) and you should now be able to add pictures to your users. The madness doesn't stop there of course!
+
+== Storage Path
+
+You won't always want to store the pictures in the directory that upload_column selects for you, but that's not a problem, because changing that directory is trivial. You can pass a <tt>:store_dir</tt> key to the upload_column declaration, this will override the default mechanism and always use that directory as the basis.
+
+    upload_column :picture, :store_dir => "pictures"
+
+might be sensible in our case. Note that this way, all files will be stored in the same directory.
+
+If you need more refined control over the storage path (maybe you need to store it by the id of an association?) then you can use a proc instead. Our proc might look like this:
+
+    upload_column :picture, :store_dir => proc{|record, file| "images/#{record.category.name}/#{record.id}/#{file.extension}"}
+
+The proc will be passed two parameters, the first is the current instance of your model class, the second is the name of the attribute that is being uploaded to (in our case +attr+ would be <tt>:picture</tt>).
+
+You can change the <tt>:tmp_dir</tt> in the same way.
+
+== Filename
+
+By default, UploadColumn will keep the name of the original file, however this might be inconvenient in some cases. You can pass a :filename directive to your upload_column declaration:
+
+    upload_column :picture, :filename => "donkey.png"
+
+In which case all files will be named +donkey.png+. This is not desirable if the file in question is a jpeg file of course. Usually it is more sensible to pass a Proc to :filename.
+
+    upload_column :picture, :filename => proc{|record, file| "avatar#{record.id}.#{file.extension}"}
+
+The Proc will be passed two parameters, the current instance, and the file itself.
+
+== Manipulators
+
+UploadColumn allows you to use manipulators on your file, that in some way transform your file, or perform any kind
+of operations on it. There are currently two manipulators bundled, the RMagick manipulator and the ImageScience
+manipulator, but writing your own is very easy. There are further instructions on the website.
+
+== Manipulating Images with RMagick
+
+Say you would want (for whatever reason) to have a funky solarize effect on your users' images. Manipulating images with upload_column can be done either at runtime or after the image is saved, let's look at some possibilities:
+
+    class User < ActiveRecord::Base
+      upload_column :picture, :manipulator => UploadColumn::Manipulators::RMagick
+
+      def picture_after_assign
+
+        picture.process! do |img|
+          img.solarize
+        end
+
+      end
+    end
+
+You can also use the :process instruction, which will automatically apply the manipulation when a new image is uploaded. If you wanted to resize your image to a maximum of 800 by 600 pixels for example, you could do:
+
+    class User < ActiveRecord::Base
+      upload_column :picture, :process => '800x600', :manipulator => UploadColumn::Manipulators::RMagick
+    end
+
+the previous example with solarize could be written shorter as:
+
+    class User < ActiveRecord::Base
+      upload_column :picture, :process => proc{|img| img.solarize }, :manipulator => UploadColumn::Manipulators::RMagick
+    end
+
+Or maybe we want different versions of our image, then we could simply specify:
+
+    class User < ActiveRecord::Base
+      upload_column :picture, :versions => [ :solarized, :sepiatoned ], :manipulator => UploadColumn::Manipulators::RMagick
+
+      def picture_after_assign
+        picture.solarized.process! do |img|
+          img.solarize
+        end
+        picture.sepiatoned.process! do |img|
+          img.sepiatone
+        end
+      end
+    end
+
+you can also use a Hash for versions and pass a dimension or a proc to it, so you can do:
+
+    class User < ActiveRecord::Base
+      upload_column :picture, :versions => { :thumb => "c100x100", :large => "200x300", :sepiatoned => proc{ |img| img.sepiatone } }, :manipulator => UploadColumn::Manipulators::RMagick
+    end
+
+Note the 'c' in front of the dimensions for the thumb image, this will crop the image to the exact dimensions. All of this is a bit wordy though, and it also doesn't take check, that the files really are images. Sepiatoning the latest GreenDay song somehow doesn't sound too good. For that reason UploadColumn comes with the image_column function:
+
+    class User < ActiveRecord::Base
+      image_column :picture, :versions => { :thumb => "c100x100", :large => "200x300", :sepiatoned => proc{ |img| img.sepiatone } }
+    end
+
+This also puts your images in public/images instead of public, which is neat!
+
+== Runtime rendering
+
+You can manipulate images at runtime (it's a huge performance hit though!). In your controller add an action and use UploadColumnRenderHelper.render_image.
+
+    def sepiatone
+      @user = User.find(parms[:id])
+      render_image @user.picture do |img|
+        img.sepiatone
+      end
+    end
+
+And that's it!
+
+In your view, you can use UploadColumnHelper.image to easily create an image tag for your action:
+
+    <%= image :action => "sepiatone", :id => 5 %>
+
+== Views
+
+If your uploaded file is an image you would most likely want to display it in your view, if it's another kind of file you'll want to link to it. Both of these are easy using UploadColumn::BaseUploadedFile.url.
+
+    <%= link_to "Guitar Tablature", @song.tab.url %>
+
+    <%= image_tag @user.picture.url %>
+
+== Magic Columns
+
+UploadColumn allows you to add 'magic' columns to your model, which will be automatically filled with the appropriate data. Just add the column, for example via migrations:
+
+    add_column :users, :picture_content_type
+
+And if our model looks like this:
+
+    class User < ActiveRecord::Base
+      upload_column :picture
+    end
+
+The column <tt>picture_content_type</tt> will now automatically be filled with the file's content-type (or at least with UploadColumn's best guess ;).
+
+You can use any method method on UploadColumn::UploadedFile that takes no argument, so you can use for example, size, url, store_dir and so on.
+
+You can also do <tt>picture_exif_date_time</tt> or <tt>picture_exif_model</tt>, etc. This works only, of course, if the uploaded file is a JPEG image, since that is the only filetype that has exif data. This requires the EXIFR library, which you can get by installing the gem via <tt>gem install exifr</tt>.
+
+== Validations
+
+UploadColumn comes with its own validation method, validates_integrity_of. This method will ensure that only files with an extension from a whitelist will be uploaded. This prevents a hacker from uploading executable files (such as .rb, .pl or .cgi for example) or it can be used to restrict what kind of file are allowed to be uploaded, for example only images. You can customize the whitelist with the :extensions parameter to upload column.
+
+If you want to only allow the upload of XHTML and XML files, so you can manipulate them with XSLT you could do:
+
+    upload_column :xml, :extensions => %w(xml html htm), :manipulator => MyXSLTProcessor
+
+	validate_integrity_of :xml
+
+You can also use some of Rails' validations with UploadColumn.
+
+validates_presence_of and validates_size_of have been verified to work.
+
+    validates_size_of :image, :maximum => 200000, :message => "is too big, must be smaller than 200kB!"
+
+Remember to change the error message, the default one sounds a bit stupid with UploadColumn.
+
+validates_uniqueness_of does NOT work, this is because validates_uniqueness_of will send(:your_upload_column) instead of asking for the instance variable, thus it will get an UploadedFile object, which it can't really compare to other values in the database, this is rather difficult to work around without messing with Rails internals (if you manage, please let me know!). Meanwhile you could do
+
+    validates_each :your_upload_column do |record, attr, value|
+      record.errors.add attr, 'already exists!' if YourModel.find( :first, :conditions => ["#{attr.to_s} = ?", value ] )
+    end
+
+It's not elegant I know, but it should work.
+

data/Rakefile

@@ -0,0 +1,90 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'spec/rake/spectask'
+
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "uploadcolumn"
+    gemspec.summary = "Enables easy uploading of files, especially images."
+    gemspec.description = "UploadColumn is a gem/plugin for the Ruby on Rails framework that enables easy uploading of files, especially images."
+    gemspec.email = "dave.hrycyszyn@headlondon.com"
+    gemspec.homepage = "http://github.com/futurechimp/uploadcolumn"
+    gemspec.authors = ["Dave Hrycyszyn", "Jonas Nicklas", "Sebastian Kanthak"]
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler not available. Install it with: gem install jeweler"
+end
+
+
+
+file_list = FileList['spec/*_spec.rb']
+
+namespace :spec do
+  desc "Run all examples with RCov"
+  Spec::Rake::SpecTask.new('rcov') do |t|
+    t.spec_files = file_list
+    t.rcov = true
+    t.rcov_dir = "doc/coverage"
+    t.rcov_opts = ['--exclude', 'spec']
+  end
+
+  desc "Generate an html report"
+  Spec::Rake::SpecTask.new('report') do |t|
+    t.spec_files = file_list
+    t.rcov = true
+    t.rcov_dir = "doc/coverage"
+    t.rcov_opts = ['--exclude', 'spec']
+    t.spec_opts = ["--format", "html:doc/reports/specs.html"]
+    t.fail_on_error = false
+  end
+
+  desc "heckle all"
+  task :heckle => [ 'spec:heckle:uploaded_file', 'spec:heckle:sanitized_file' ]
+
+  namespace :heckle do
+    desc "Heckle UploadedFile"
+    Spec::Rake::SpecTask.new('uploaded_file') do |t|
+      t.spec_files = [ File.join(File.dirname(__FILE__), *%w[spec uploaded_file_spec.rb]) ]
+      t.spec_opts = ["--heckle", "UploadColumn::UploadedFile"]
+    end
+
+    desc "Heckle SanitizedFile"
+    Spec::Rake::SpecTask.new('sanitized_file') do |t|
+      t.spec_files = [ File.join(File.dirname(__FILE__), *%w[spec uploaded_file_spec.rb]) ]
+      t.spec_opts = ["--heckle", "UploadColumn::SanitizedFile"]
+    end
+  end
+
+end
+
+
+desc 'Default: run unit tests.'
+task :default => 'spec:rcov'
+
+namespace "doc" do
+
+  desc 'Generate documentation for the UploadColumn plugin.'
+  Rake::RDocTask.new(:normal) do |rdoc|
+    rdoc.rdoc_dir = 'doc/rdoc'
+    rdoc.title    = 'UploadColumn'
+    rdoc.options << '--line-numbers' << '--inline-source'
+    rdoc.rdoc_files.include('README')
+    rdoc.rdoc_files.include('lib/**/*.rb')
+  end
+
+  desc 'Generate documentation for the UploadColumn plugin using the allison template.'
+  Rake::RDocTask.new(:allison) do |rdoc|
+    rdoc.rdoc_dir = 'doc/rdoc'
+    rdoc.title    = 'UploadColumn'
+    rdoc.options << '--line-numbers' << '--inline-source'
+    rdoc.rdoc_files.include('README')
+    rdoc.rdoc_files.include('lib/**/*.rb')
+    rdoc.main = "README" # page to start on
+    rdoc.template = "~/Projects/allison2/allison/allison.rb"
+  end
+end
+

data/VERSION

@@ -0,0 +1 @@
+0.3.0

data/init.rb

@@ -0,0 +1,15 @@
+# plugin init file for rails
+# this file will be picked up by rails automatically and
+# add the upload_column extensions to rails
+
+#require File.join(File.dirname(__FILE__), 'lib', 'upload_column')
+require File.join(File.dirname(__FILE__), 'lib', 'upload_column', 'rails', 'upload_column_helper')
+require File.join(File.dirname(__FILE__), 'lib', 'upload_column', 'rails', 'action_controller_extension')
+require File.join(File.dirname(__FILE__), 'lib', 'upload_column', 'rails', 'asset_tag_extension')
+
+Mime::Type.register "image/png", :png
+Mime::Type.register "image/jpeg", :jpg
+Mime::Type.register "image/gif", :gif
+
+UploadColumn::Root = RAILS_ROOT
+

data/lib/upload_column/active_record_extension.rb

@@ -0,0 +1,154 @@
+require 'fileutils'
+require 'tempfile'
+    
+module UploadColumn
+  
+  Column = Struct.new(:name, :options)
+  
+  module ActiveRecordExtension
+  
+    def self.append_features(base) #:nodoc:
+      super
+      base.extend(ClassMethods)
+      base.after_save :save_uploaded_files
+    end
+  
+    private
+  
+    def save_uploaded_files
+      @files.each { |k, v| v.send(:save) if v and v.tempfile? } if @files
+    end
+  
+    def get_upload_column(name)
+      options = options_for_column(name) #TODO: Spec this!
+      @files ||= {}
+      return nil if @files[name].is_a?(UploadColumn::IntegrityError)
+      @files[name] ||= if self[name] then UploadColumn::UploadedFile.retrieve(self[name], self, name, options) else nil end
+    end
+  
+    def set_upload_column(name, file)
+      options = options_for_column(name)
+      @files ||= {}
+      if file.nil?
+        @files[name], self[name] = nil
+      else
+        begin
+          if uploaded_file = UploadColumn::UploadedFile.upload(file, self, name, options)
+            self[name] = uploaded_file.actual_filename
+            @files[name] = uploaded_file
+          end
+        rescue IntegrityError => e
+          @files[name] = e
+        end
+      end
+    end
+  
+    def get_upload_column_temp(name)
+      @files[name].temp_value if @files and @files[name].respond_to?(:temp_value)
+    end
+  
+    def set_upload_column_temp(name, path)
+      options = options_for_column(name)
+      @files ||= {}
+      return if path.nil? or path.empty?
+      unless @files[name] and @files[name].new_file?
+        @files[name] = UploadColumn::UploadedFile.retrieve_temp(path, self, name, options)
+        self[name] = @files[name].actual_filename
+      end
+    end
+  
+    def options_for_column(name)
+      return self.class.reflect_on_upload_columns[name].options.reverse_merge(UploadColumn.configuration)
+    end
+  
+    # weave in the magic column methods
+    include UploadColumn::MagicColumns
+
+    module ClassMethods
+    
+      # handle the +attr+ attribute as an "upload-column" field, generating additional methods as explained
+      # in the README. You should pass the attribute's name as a symbol, like this:
+      #
+      #   upload_column :picture
+      #
+      # +upload_column+ can manipulate file with the following options:
+      # [+versions+] Creates different versions of the file, can be an Array or a Hash, in the latter case the values of the Hash will be passed to the manipulator
+      # [+manipulator+] Takes a module that must have a method called process! that takes a single argument. Use this in conjucntion with :versions and :process
+      # [+process+] This instrucion is passed to the manipulators process! method.
+      #
+      # you can customize file storage with the following:
+      # [+store_dir+] Determines where the file will be stored permanently, you can pass a String or a Proc that takes the current instance and the attribute name as parameters, see the +README+ for detaills.
+      # [+tmp_dir+] Determines where the file will be stored temporarily before it is stored to its final location, you can pass a String or a Proc that takes the current instance and the attribute name as parameters, see the +README+ for detaills.
+      # [+old_files+] Determines what happens when a file becomes outdated. It can be set to one of <tt>:keep</tt>, <tt>:delete</tt> and <tt>:replace</tt>. If set to <tt>:keep</tt> UploadColumn will always keep old files, and if set to :delete it will always delete them. If it's set to :replace, the file will be replaced when a new one is uploaded, but will be kept when the associated object is deleted. Default to :delete.
+      # [+permissions+] Specify the Unix permissions to be used with UploadColumn. Defaults to 0644. Remember that permissions are usually counted in octal and that in Ruby octal numbers start with a zero, so 0644 != 644.
+      # [+root_dir+] The root path where image will be stored, it will be prepended to store_dir and tmp_dir
+      # 
+      # it also accepts the following, less common options:
+      # [+web_root+] Prepended to all addresses returned by UploadColumn::UploadedFile.url
+      # [+extensions+] A white list of files that can be used together with validates_integrity_of to secure your uploads against malicious files.
+      # [+fix_file_extensions+] Try to fix the file's extension based on its mime-type, note that this does not give you any security, to make sure that no dangerous files are uploaded, use +validates_integrity_of+. This defaults to true.
+      # [+get_content_type_from_file_exec+] If this is set to true, UploadColumn::SanitizedFile will use a *nix exec to try to figure out the content type of the uploaded file.
+      def upload_column(name, options = {})
+        @upload_columns ||= {}
+        @upload_columns[name] = Column.new(name, options)
+      
+        define_method( name ) { get_upload_column(name) }
+        define_method( "#{name}=" ) { |file| set_upload_column(name, file) }
+        
+        define_submethod( name, "temp" ) { get_upload_column_temp(name) }      
+        define_submethod( name, "temp=" ) { |path| set_upload_column_temp(name, path) }
+
+        define_submethod( name, "public_path" ) { get_upload_column(name).public_path rescue nil }
+        define_submethod( name, "path" ) { get_upload_column(name).path rescue nil }
+      
+        if options[:versions]
+          options[:versions].each do |k, v|
+            define_submethod( name, k ) { get_upload_column(name).send(k) rescue nil }
+            define_submethod( name, k, "public_path" ) { get_upload_column(name).send(k).public_path rescue nil }
+            define_submethod( name, k, "path" ) { get_upload_column(name).send(k).path rescue nil }
+          end
+        end
+      end
+    
+      def image_column(name, options={})
+        upload_column(name, options.reverse_merge(UploadColumn.image_column_configuration))
+      end
+    
+      # Validates whether the images extension is in the array passed to :extensions.
+      # By default this is the UploadColumn.extensions array
+      # 
+      # Use this to prevent upload of files which could potentially damage your system,
+      # such as executables or script files (.rb, .php, etc...).
+      def validates_integrity_of(*attr_names)
+        configuration = { :message => "is not of a valid file type." }
+        configuration.update(attr_names.pop) if attr_names.last.is_a?(Hash)
+      
+        attr_names.each { |name| self.reflect_on_upload_columns[name].options[:validate_integrity] = true }
+      
+        validates_each(attr_names, configuration) do |record, attr, value|
+          value = record.instance_variable_get('@files')[attr]
+          record.errors.add(attr, value.message) if value.is_a?(IntegrityError)
+        end
+      end
+    
+      # returns a hash of all UploadColumns defined on the model and their options.
+      def reflect_on_upload_columns
+        @upload_columns || {}
+      end
+    
+      private
+      
+      def define_submethod(name, *subs, &b)
+        define_method([name, subs].join('_'), &b)
+      end
+    
+      # This is mostly for testing
+      def reset_upload_columns
+        @upload_columns = {}
+      end
+
+    end
+  
+  end
+
+end

data/lib/upload_column/configuration.rb

@@ -0,0 +1,49 @@
+module UploadColumn
+  
+  mattr_accessor :configuration, :image_column_configuration, :extensions, :image_extensions
+  
+  self.extensions = %w(asf ai avi doc dvi dwg eps gif gz jpg jpeg mov mp3 mpeg odf pac pdf png ppt psd swf swx tar tar.gz torrent txt wmv wav xls zip)
+  self.image_extensions = %w(jpg jpeg gif png)
+  
+  DEFAULT_CONFIGURATION = {
+    :tmp_dir => 'tmp',
+    :store_dir => proc{ |r, f| f.attribute.to_s },
+    :root_dir => File.join(RAILS_ROOT, 'public'),
+    :get_content_type_from_file_exec => true,
+    :fix_file_extensions => false,
+    :process => nil,
+    :permissions => 0644,
+    :extensions => self.extensions,
+    :web_root => '',
+    :manipulator => nil,
+    :versions => nil,
+    :validate_integrity => false
+  }
+  
+  self.configuration = UploadColumn::DEFAULT_CONFIGURATION.clone
+  self.image_column_configuration = {
+    :manipulator => UploadColumn::Manipulators::RMagick,
+    :root_dir => File.join(RAILS_ROOT, 'public', 'images'),
+    :web_root => '/images',
+    :extensions => self.image_extensions
+  }.freeze
+  
+  def self.configure
+    yield ConfigurationProxy.new
+  end
+  
+  def self.reset_configuration
+    self.configuration = UploadColumn::DEFAULT_CONFIGURATION.clone
+  end
+  
+  class ConfigurationProxy  
+    def method_missing(method, value)
+      if name = (method.to_s.match(/^(.*?)=$/) || [])[1]
+        UploadColumn.configuration[name.to_sym] = value
+      else
+        super
+      end
+    end
+  end
+  
+end