diff --git a/VERSION b/VERSION
index 2a8e5ef0..fbbe1d31 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 2.00.0 (2012-07-29 21:55:47) dev
+Version 2.00.0 (2012-07-30 16:25:32) dev
diff --git a/gluon/sqlhtml.py b/gluon/sqlhtml.py
index f77e35e5..1ecf43fd 100644
--- a/gluon/sqlhtml.py
+++ b/gluon/sqlhtml.py
@@ -1229,6 +1229,7 @@ class SQLFORM(FORM):
                 continue  # do not update if password was not changed
             elif field.type == 'upload':
                 f = self.vars[fieldname]
+                f = f or self.table[fieldname].default or f
                 fd = '%s__delete' % fieldname
                 if f == '' or f is None:
                     if self.vars.get(fd, False) or not self.record:
@@ -1240,9 +1241,8 @@ class SQLFORM(FORM):
                 elif hasattr(f, 'file'):
                     (source_file, original_filename) = (f.file, f.filename)
                 elif isinstance(f, (str, unicode)):
-                    ### do not know why this happens, it should not
-                    (source_file, original_filename) = \
-                        (cStringIO.StringIO(f), 'file.txt')
+                    # warning: possible IOError exception
+                    (source_file, original_filename) = (open(f, 'rb'), f)
                 newfilename = field.store(source_file, original_filename, 
                                           field.uploadfolder)
                 # this line is for backward compatibility only