Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

XHR Request with FormData is POSTing an empty array

Posted on 2013-12-30
5
Medium Priority
?
1,507 Views
Last Modified: 2013-12-30
I am working on my own version of this.

Everything works, except the POSTed values are empty. var_dump on the PHP side shows an empty array. What's wrong?

function readfiles(files)
{
    console.log('Reading Files...');
    console.log(files);
    console.log("There are " + files.length + " elements to this array.");

    var formData = new FormData();
    formData.append('file', files[0]);
    console.log(formData);

    console.log("Posting XHR request...");
    // now post a new XHR request
    var xhr = new XMLHttpRequest();
    xhr.open('POST', '/devnull.php',false);

    console.log("sending data...");
    console.log(formData);
    xhr.send(formData);
}

$(document).ready(function(e) {
    $("#holder").on('dragenter',function(e) {
        e.preventDefault();         
        $(this).addClass('hover');
    });
    $("#holder").on('dragleave',function(e) {
        e.preventDefault();         
        $(this).removeClass('hover');
    });
    $("#holder").on('dragover',function(e) {
        e.preventDefault();         
        if(!($("#holder").hasClass('hover')))
            $("#holder").addClass('hover');
    });
    $("#holder").on('drop',function(e) {
        e.preventDefault();
        console.log(e.originalEvent.dataTransfer.files);
        $(this).removeClass('hover');
        readfiles(e.originalEvent.dataTransfer.files)           
        return false;
    });
});

Open in new window


Firebug tells me that there is an element in the array:

FileList { 0=File, length=1, item=item(), more...}

Open in new window


But after we append it to the FormData object, I get this:

FormData { append=append()}

Open in new window


And the final var_dump on the PHP side says this:

<pre>array(0) {
}
</pre>

Open in new window

0
Comment
Question by:DrDamnit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 39747188
Michael:  I can't give a detailed answer without some additional study, but I can give a theoretical answer.  As a matter of security it should not be possible for any script to prepopulate the value of inputs of type=FILE.  If that could be done, a JavaScript routine could "steal" client data without permission or notice to the client.

Have you tried a PHP var_dump($_FILES)?

If you want to post the rest of the script, I'll install a copy and see if I can get any more insight.
0
 
LVL 32

Author Closing Comment

by:DrDamnit
ID: 39747198
I AM SUCH AN IDIOT.

I have been battling with this for 2 hours.

$_FILES was the answer.

You sir, have kept me from jumping out the window.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39747205
I am proud to share idiot-space with you, the best of colleagues!  Let's come in off the ledge and have a glass of, say, 2007 Stags Leap Merlot.

Thanks for the points, ~Ray
0
 
LVL 32

Author Comment

by:DrDamnit
ID: 39747210
John:

To your prepopulation / security question: that was previously true; however, HTML5 has file system object (file reader). You can't go hog wild and maliciously search a user's hard drive, but with their interaction you can gail access to a jailed / sandboxed area.

Im my script above, I am volunteering a file, so the filereader can get it, pre-populate form data, and submit it. It's drag and drop.

it was working the whole time, but I was looking at $_POST instead of $_FILES because I have been coding for 12 hours straight, which turns your brains to mush.

There are number of security issues that have been taken into consideration in regards to the filesystem API in HTML5. As usual, OReilly has a book on it.

Highlights are here:
http://my.safaribooksonline.com/book/web-development/html/9781449311384/introduction/i_sect11_d1e378
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39747252
The Merlot...
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question