I would store the code input in a CharField and then create a separate function that accesses the model and if the code does not contain any harmful methods it is then written to a file.
This takes care of creating the file (as a blank CharField will simply be outputted to an empty file) and allows for delegation to a security checker. Your setup would then look something like the following:
Model:
class MyModel(models.Model):
name = models.CharField(max_length=255)
code = models.CharField(MAX_FILE_LENGTH)
View:
def Submit_Code(request):
#Create MyModel using POST data
process_input_file(NEWLY_CREATED_MODEL_NAME)
return HttpResponse("Upload Successful")
def process_input_file(modelName):
#assuming unique name. Use "id=" instead if needed.
mm = MyModel.objects.get(name=modelName)
if passes_security_checks(mm.code):
f = open(mm.name, "r")
f.write(mm.code)
f.close()
Edit
New view:
def Submit_Code(request):
mm = MyModel()
mm.name = request.POST.get('name')
f = open(mm.name,"r")
f.write(request.POST.get('code')
f.close()
#then associate the newly created file with the FileField however you want
#passing through authentication/checking if need be.
return HttpResponse("Upload Successful")