I'm looking for a method to upload files and images that works across any of the admin screens. None of the built-in solutions are suitable for one reason for another.
For example, the SimpleImageField does not work on the AJAX pop-up forms. I am also having trouble replacing an image once updated, and there does not seem to be a way to remove an image once uploaded. However, it *does* honour the paths and other parameters passed into it, so as a developer I have full control over where images get uploaded.
The iframe version of the ImageField does work on AJAX pop-up forms, since it is essentially independent of that form (it's a form in itself). It does not seem to honour the upload folder settings, so everything gets dumped into assets/Uploads. It also has a browsing feature that I cannot see how to disable - I don't want users to be able to wonder all over the assets area attaching whatever they like.
So - is there something in between? An iframe-based image/file upload field, that allows files to be removed or replaced, but does not allow any kind of server-based browsing (and no back-door into this for users who play around with AJAX), and for which the upload folders are honoured so images are uploaded to a predetermined folder?
PS And I guess to top it all, if two users upload images with the same name, then the second one would get renamed. Images would only be replaced if updated in the context of the original master object they were attached to.
If there are any developers notes on how the iframe upload field works, then they would be immensely helpful. So far as I can tell, the image upload for the iframe happens outside the context of the master DataObject, hence it not picking up the destination upload path. I think ideally the upload should be directed at the current form handler, then the objects can be applied and security checked. AJAX always scares the hell out of me from a security aspect, since so much happens behind the scenes with no way to know just how "open" those update services are.