Solved

Making restriction of "file size" and "file format" when upload file?

Posted on 2006-07-05
23
1,272 Views
Last Modified: 2013-12-24
Hello,
I want put some restriction for user when he upload file to server, on "file size" and "file format", how can do it?
Thanks
0
Comment
Question by:MOSTAGHASSI
  • 10
  • 8
  • 5
23 Comments
 
LVL 13

Expert Comment

by:usachrisk1983
ID: 17045145
You can use the "ACCEPT=" attribute of CFFILE to specify the mime types.

The size of the file can only be controlled globally (not on a per form basis), and is in the CFADMIN under setting: "Maximum size of post data (MB)".  Keep in mind that this controls the form post, and not just the file, so if you have 20 fields at 10byte each (200 bytes) and a 1mb attachment, and you set the max to 10mb, it may fail.
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17046304
As for the file size, you will need to check "cffile.FileSize" after the file is already uploaded (measured in bytes).  So for example, if you dont want anything over 1MB, you could handle this with a CFIF like below:

<cfif cffile.FileSize GT 1048576>
    ... error ...
</cfif>

Personally, I like to use a series of <cfif ... > <cfthrow> </cfif> blocks in conjunction with a larger scale CFTRY / CFCATCH model to handle any other problems that may arise.  Dont forget to delete the file back off the server (if it exists) before displaying your error messages.
0
 
LVL 13

Expert Comment

by:usachrisk1983
ID: 17046335
Keep in mind that by the time CFFILE has gotten a hold of the FileSize, it's because the file has already been uploaded to your server.  The word "upload" is misleading, since all CF is doing is moving it from a temporary place on your server to the place that you want it "uploaded" to.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:MOSTAGHASSI
ID: 17050512
I have tested accept like this code but i could upload a text file,

<cfinput type="file" name="uploadFile" label="License File: " required="no" accept="image/jpg">

what is the problem?
0
 
LVL 13

Expert Comment

by:usachrisk1983
ID: 17050798
You are using the ACCEPT attribute for CFINPUT, which I don't think exists, this is a CFFILE attribute.
0
 

Author Comment

by:MOSTAGHASSI
ID: 17052965
please let me know that where must i put this ACCEPT attribute ?
0
 
LVL 13

Expert Comment

by:usachrisk1983
ID: 17053010
It should be in the CFFILE tag that you're using to UPLOAD.
0
 

Author Comment

by:MOSTAGHASSI
ID: 17053046
the code of cffile is:

 <cfif form.uploadFile neq ''>
 <cffile action="upload" filefield="form.uploadFile" destination="#variables.uploadFolder#" nameconflict="makeunique">
</cfif>

do i must like this accept="image/jpg"   ?
0
 
LVL 13

Expert Comment

by:usachrisk1983
ID: 17053058
That's it :)
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17053141
MOSTAGHASSI,

You should be writing up your cfinput to use a regular expression to limit file types to jpg/jpeg file types.  Like so ...

<cfinput type="file" name="uploadFile" label="License File: " required="no" message="File must be a JPG" pattern="(\w|\W)+\.(jpg|jpeg)" validate="regular_expression">

Then on your CFFILE, for JPGs to work with all browsers, set you accept like so:

ACCEPT="image/jpg, image/jpeg, image/pjpeg"

As a personal preference I always like to handle things like this on both the front, and back end.  Its good to have the CFINPUT create your javascript so to let the user know of the JPG requirement before the page is passed.  However, as all developers know, not everybody has javascript enabled, so this is where you want your CFFILE's ACCEPT to catch anything that got through.
0
 

Author Comment

by:MOSTAGHASSI
ID: 17056601
js_vaughan, thanks
Your code works good please let me know regarding file size,my mean is this that you complete your code  what must be error part? if i want  10 kb  it must be 10240 for byte?
0
 
LVL 10

Accepted Solution

by:
js_vaughan earned 500 total points
ID: 17056751
How you handle the size is really dependent on how you handle errors.  Here is a simple example just using CFIF's:

<cfset CurrentFile = "#cffile.ServerDirectory#\#cffile.ServerFileName#.#cffile.ServerFileExt#">

<cfif cffile.FileSize GT 10240>
    <cffile action="delete" file="#CurrentFile#">
    <cfabort showerror="File too large. Photos cannot be greater than 10 kb.">
</cfif>

<cfif cffile.ClientFileExt NEQ "gif" AND cffile.ClientFileExt NEQ "jpg" AND cffile.ClientFileExt NEQ "jpeg">
    <cffile action="delete" file="#CurrentFile#">
    <cfabort showerror="File is wrong type. You can only upload GIF and JPG file types.">
</cfif>

<cfif NOT FileExists(CurrentFile)>
    <cfabort showerror="Unknown Error Occured.">
</cfif>

If you are comfortable using CFTRY with CFTHROW and CFCATCH blocks, there's nothing you can't handle.


Here are some links you might find helpful:

Uploading Files
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/managef4.htm

CFFILE
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/tags-p27.htm

CFTRY / CFCATCH / CFTHROW
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/tags-c18.htm
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17056761
0
 

Author Comment

by:MOSTAGHASSI
ID: 17058592
I added this part of your code for size handling to my actionpage(this page email my form to my address and send thank you message to user) ,it act but the error is standard error of coldfusion ,is it possible that in this case we send a message in a box for user?


 <cfset variables.uploadFolder = "c:\websites\myserver\tablighat">
 <cfif form.uploadFile neq ''>
 <cffile action="upload" filefield="form.uploadFile" destination="#variables.uploadFolder#" nameconflict="makeunique" ACCEPT="image/jpg, image/jpeg, image/pjpeg">
</cfif>
---your code----
   <cfset CurrentFile = "#cffile.ServerDirectory#\#cffile.ServerFileName#.#cffile.ServerFileExt#">
<cfif cffile.FileSize GT 10240>
    <cffile action="delete" file="#CurrentFile#">
    <cfabort showerror="File too large. Photos cannot be greater than 10 kb.">
</cfif>
---your code----
 <cfmail from="someone@yoursite.com" to="info@myserver.com" subject="I love Experts Exchange">
   This is the file:
   Name:#familyname#
    <cfif form.uploadFile neq ''>
   <cfmailparam file="#ExpandPath(File.ServerFile)#">
   </cfif>
   
 </cfmail>

      thanks for your contact!
        
0
 

Author Comment

by:MOSTAGHASSI
ID: 17058660
another thing,when i added your code in state that don't fill an image i receive also this error while before when the box of image was empty i didn't get this error:
Element SERVERDIRECTORY is undefined in CFFILE.
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17061940
First, lets fix your SERVERDIRECTORY problem.  My code needs to be inside your origional <CFIF> block like so :

<cfif form.uploadFile neq ''>
    <cffile action="upload" filefield="form.uploadFile" destination="#variables.uploadFolder#" nameconflict="makeunique" ACCEPT="image/jpg, image/jpeg, image/pjpeg">
    <--- my code --->
    <cfset CurrentFile = "#cffile.ServerDirectory#\#cffile.ServerFileName#.#cffile.ServerFileExt#">
    <cfif cffile.FileSize GT 10240>
        <cffile action="delete" file="#CurrentFile#">
        <cfabort showerror="File too large. Photos cannot be greater than 10 kb.">
    </cfif>
    <--- END OF my code --->
</cfif>


As for how the error is displayed, this is all up to you.  What I personally do is this...
1) Replace <cfabort> with <cfset SESSION.message = "File too large. Photos cannot be greater than 10 kb.">
2) While still inside the <CFIF>, add a <CFINCLUDE> to go back to your origional upload page
3) On the origional page, add this where you want the error to display:  <cfif isDefined("SESSION.message")> ... your error message ... </cfif>
4) Make sure to destroy SESSION.message inside the <cfif> block

If you dont want to go through all that, you can always just replace the <cfabort> with a simple message and a text link to go back to the origional upload page.


Laslty, keep in mind that the ACCEPT attribute of the CFFILE tag will throw a standard coldfusion error message if the file is not the correct type.  The only way to handle this is using <CFTRY> / <CFCATCH>.  If you DO NOT want to go that route, then you will have to do this:

1) Remove the accept attribute from cffile
2) Use this : <cfif cffile.ClientFileExt NEQ "gif" AND cffile.ClientFileExt NEQ "jpg" AND cffile.ClientFileExt NEQ "jpeg">
3) Use the above <CFIF> exactly as you would with the file size, and just change your message to let them know that the file type was bad (instead of their file size)
0
 

Author Comment

by:MOSTAGHASSI
ID: 17065232
Hi js_vaughan
I realy thanks for your help ,now error has removed but regarding sending message for user instead of coldfusion error is it possible that you write the code for these steps:

As for how the error is displayed, this is all up to you.  What I personally do is this...
1) Replace <cfabort> with <cfset SESSION.message = "File too large. Photos cannot be greater than 10 kb.">
2) While still inside the <CFIF>, add a <CFINCLUDE> to go back to your origional upload page
3) On the origional page, add this where you want the error to display:  <cfif isDefined("SESSION.message")> ... your error message ... </cfif>
4) Make sure to destroy SESSION.message inside the <cfif> block

If you dont want to go through all that, you can always just replace the <cfabort> with a simple message and a text link to go back to the origional upload page.

e.g i don't know to destroy SESSION.message inside the <cfif> block and ...

I have increased point to 500
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17066631
This code assumes the file uploaded came from index.cfm.  So wherever you see index.cfm, just replace it with the proper page.

<cfif cffile.FileSize GT 10240>
    <cffile action="delete" file="#CurrentFile#">
    <cfset SESSION.message = "File too large. Photos cannot be greater than 10 kb.">
    <cflocation = "index.cfm">
</cfif>

On index.cfm, put this where you want your error message to be displayed ...

<cfif isDefined("SESSION.message")>
    Attention : <cfoutput>#SESSION.message#</cfoutput>
    <cfset temp = structDelete(SESSION,"message")>
</cfif>

Of course, use whatever HTML / CSS you want to use to make the error message stand out.
0
 

Author Comment

by:MOSTAGHASSI
ID: 17067765
I have put the codes as you have explained,my upload file comes from my form AdsForm1.cfm  ,instead of index i put this file, for these conditions i get error:

1-When i don't upload file,the error is :
Invalid CFML construct found on line 214 at column 17.

this refer to this line: <cflocation = "AdsForm1.cfm">

2-when i upload a file also get this error like above
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17068999
Sorry about that.  I don't know where my mind was on that one. =)

Here is the correct code:

<cflocation url="AdsForm1.cfm" addtoken="no">
0
 

Author Comment

by:MOSTAGHASSI
ID: 17070735
No problem,Now ,i don't have error and for normal condition is ok,but i don't have message if e.g file size is more than 10k i redirect to  AdsForm1.cfm but the message is not on the page.

The code that i have put on AdsForm1.cfm is:

 <cfif isDefined("SESSION.message")>
    Attention : <cfoutput>#SESSION.message#</cfoutput>
    <cfset temp = structDelete(SESSION,"message")>
</cfif>  
 
0
 

Author Comment

by:MOSTAGHASSI
ID: 17075422
Hi js_vaughan
 Thanks for your help,thanks also for usachrisk1983 .

If you had time ,please send a comment regarding my last comment.

Many Thanks -mostaghassi
0
 
LVL 10

Expert Comment

by:js_vaughan
ID: 17077976
mostaghassi,

You have probably just not set up your application.cfm to enable session management.

If you do not already have a file on your server called application.cfm, create one with this code:

<cfapplication name="yourApp"
               applicationTimeout="#CreateTimeSpan(2,0,0,0)#"
               sessionManagement="yes"
               sessionTimeout="#CreateTimeSpan(0,0,15,0)#">

If you already have an application.cfm, make sure to set sessionManagement to "yes" and set the sessionTimeout as shown above. (Days, Hours, Minutes, Seconds)


For more information on application.cfm : http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/appfram5.htm

For more information on CFAPPLICATION : http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/tags-pa3.htm#wp1097308
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
php.ini on ipage hosting 12 58
Problem to Eclipse 16 125
Webserver access problem 5 74
spamming  on Hosted svrs? 6 91
This is a guide to setting up a new WHM/cPanel Server to be used for web hosting accounts. It is intended for web hosting company administrators and dedicated server owners. For under $99 per month (considering normal rate of Big Data Cetnters like …
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

823 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question