Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Image File Upload to ColdFusion Server

Posted on 2013-01-11
5
Medium Priority
?
453 Views
Last Modified: 2013-01-13
Hi,
I have a page that will upload images using something similar to this :

<cfif isDefined("fileUpload")>
  <cffile action="upload"
     fileField="fileUpload"
     destination="C:\docs">
     <p>Thankyou, your file has been uploaded.</p>
</cfif>
<form enctype="multipart/form-data" method="post">
<input type="file" name="fileUpload" /><br />
<input type=text name="marketComment">
<input type="submit" value="Upload File" />
</form>

Open in new window


I do have a few other associated fields that are validated in this process. In this example I used a required field "marketComment".

If I need to redisplay the page because of an error (say the text field contained invalid characters),  I can redisplay the contents of the text field, but I don't seem to be able to redisplay the "chosen file" to upload.  The form field (form.fileUpload) only contains the location of the uploaded file on the CF server.

Is there a way to do this?  Or is this a Web security issue?

Thanks,
hefterr
0
Comment
Question by:hefterr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 14

Expert Comment

by:RickEpnet
ID: 38768114
Validate you form before it is submitted. I would use cfform instead of just a plain form.

Here is an example of a validation cfform.

<cfform action="unitedit.cfm" method="post" name="editatm" preloader="no">
<cfinput type="text" name="Account" message="Account Number is Required" required="yes" style="width: 100px;"maxlength="50">
<cfinput type="text" name="UNIT_ID" message="Unit ID is Required" required="yes" style="width: 100px;" maxlength="50">  
</cfform>
0
 
LVL 1

Author Comment

by:hefterr
ID: 38769265
Hi RickEpnet,
I was still wondering about my original question.  My boss doesn't like the popup edit messages.  We format our own.

hefterr
0
 
LVL 14

Assisted Solution

by:RickEpnet
RickEpnet earned 400 total points
ID: 38769445
I know of no way of doing that sorry. You can still format your own with JavaScript.
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 1600 total points
ID: 38770997
Rick is right. It's not possible. Browser's aren't allowed to "automatically" populate file fields. It would be extremely scary if they could because it would mean any web site could programatically upload files off your computer without your knowledge. So in a plain html page, files can only be attached by the user. It can't be done via code. Not without a special control like flash, activeX, etc..

Obviously not ideal. You could use ajax to submit and process the form, thus avoiding the issue because it wouldn't require leaving the page.

If that's not an option, you could upload the file anyway and save the fileName and path in session variables. Then kick the user back to the form with an error message. But instead of displaying a "file" input, display a label with the name of the saved file. Once everything is validated, just grab the saved file info from the session variables. Just be sure to clear out the variables once the submission is successful.
0
 
LVL 1

Author Closing Comment

by:hefterr
ID: 38771929
Thanks for the alternative ideas.
0

Featured Post

Application Discovery Service in AWS

In the era of the cloud, customers migrating away from their existing on-premise infrastructure. This requires lots of planning, strategies, and effort to identify their existing resources and determine how best to migrate.  Datacenter migrations happen in four phases -

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PROBLEM:  How to open a cfwindow or run a function on double click of a cfgrid row. One of my clients wanted to be able to double click on a row item to get more detailed information about a transaction and to be able to modify the line items i…
This is an updated version of a post made on my blog over 3 years ago. It is unfortunately, still very relevant as we continue to see both SQLi (SQL injection) and XSS (cross site scripting) attacks hitting some of the most recognizable website and …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question