Solved

XHR Request with FormData is POSTing an empty array

Posted on 2013-12-30
5
1,053 Views
Last Modified: 2013-12-30
I am working on my own version of this.

Everything works, except the POSTed values are empty. var_dump on the PHP side shows an empty array. What's wrong?

function readfiles(files)
{
    console.log('Reading Files...');
    console.log(files);
    console.log("There are " + files.length + " elements to this array.");

    var formData = new FormData();
    formData.append('file', files[0]);
    console.log(formData);

    console.log("Posting XHR request...");
    // now post a new XHR request
    var xhr = new XMLHttpRequest();
    xhr.open('POST', '/devnull.php',false);

    console.log("sending data...");
    console.log(formData);
    xhr.send(formData);
}

$(document).ready(function(e) {
    $("#holder").on('dragenter',function(e) {
        e.preventDefault();         
        $(this).addClass('hover');
    });
    $("#holder").on('dragleave',function(e) {
        e.preventDefault();         
        $(this).removeClass('hover');
    });
    $("#holder").on('dragover',function(e) {
        e.preventDefault();         
        if(!($("#holder").hasClass('hover')))
            $("#holder").addClass('hover');
    });
    $("#holder").on('drop',function(e) {
        e.preventDefault();
        console.log(e.originalEvent.dataTransfer.files);
        $(this).removeClass('hover');
        readfiles(e.originalEvent.dataTransfer.files)           
        return false;
    });
});

Open in new window


Firebug tells me that there is an element in the array:

FileList { 0=File, length=1, item=item(), more...}

Open in new window


But after we append it to the FormData object, I get this:

FormData { append=append()}

Open in new window


And the final var_dump on the PHP side says this:

<pre>array(0) {
}
</pre>

Open in new window

0
Comment
Question by:DrDamnit
  • 3
  • 2
5 Comments
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
Comment Utility
Michael:  I can't give a detailed answer without some additional study, but I can give a theoretical answer.  As a matter of security it should not be possible for any script to prepopulate the value of inputs of type=FILE.  If that could be done, a JavaScript routine could "steal" client data without permission or notice to the client.

Have you tried a PHP var_dump($_FILES)?

If you want to post the rest of the script, I'll install a copy and see if I can get any more insight.
0
 
LVL 32

Author Closing Comment

by:DrDamnit
Comment Utility
I AM SUCH AN IDIOT.

I have been battling with this for 2 hours.

$_FILES was the answer.

You sir, have kept me from jumping out the window.
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
I am proud to share idiot-space with you, the best of colleagues!  Let's come in off the ledge and have a glass of, say, 2007 Stags Leap Merlot.

Thanks for the points, ~Ray
0
 
LVL 32

Author Comment

by:DrDamnit
Comment Utility
John:

To your prepopulation / security question: that was previously true; however, HTML5 has file system object (file reader). You can't go hog wild and maliciously search a user's hard drive, but with their interaction you can gail access to a jailed / sandboxed area.

Im my script above, I am volunteering a file, so the filereader can get it, pre-populate form data, and submit it. It's drag and drop.

it was working the whole time, but I was looking at $_POST instead of $_FILES because I have been coding for 12 hours straight, which turns your brains to mush.

There are number of security issues that have been taken into consideration in regards to the filesystem API in HTML5. As usual, OReilly has a book on it.

Highlights are here:
http://my.safaribooksonline.com/book/web-development/html/9781449311384/introduction/i_sect11_d1e378
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
The Merlot...
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Introduction Knockoutjs (Knockout) is a JavaScript framework (Model View ViewModel or MVVM framework).   The main ideology behind Knockout is to control from JavaScript how a page looks whilst creating an engaging user experience in the least …
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now