Solved

XHR Request with FormData is POSTing an empty array

Posted on 2013-12-30
5
1,210 Views
Last Modified: 2013-12-30
I am working on my own version of this.

Everything works, except the POSTed values are empty. var_dump on the PHP side shows an empty array. What's wrong?

function readfiles(files)
{
    console.log('Reading Files...');
    console.log(files);
    console.log("There are " + files.length + " elements to this array.");

    var formData = new FormData();
    formData.append('file', files[0]);
    console.log(formData);

    console.log("Posting XHR request...");
    // now post a new XHR request
    var xhr = new XMLHttpRequest();
    xhr.open('POST', '/devnull.php',false);

    console.log("sending data...");
    console.log(formData);
    xhr.send(formData);
}

$(document).ready(function(e) {
    $("#holder").on('dragenter',function(e) {
        e.preventDefault();         
        $(this).addClass('hover');
    });
    $("#holder").on('dragleave',function(e) {
        e.preventDefault();         
        $(this).removeClass('hover');
    });
    $("#holder").on('dragover',function(e) {
        e.preventDefault();         
        if(!($("#holder").hasClass('hover')))
            $("#holder").addClass('hover');
    });
    $("#holder").on('drop',function(e) {
        e.preventDefault();
        console.log(e.originalEvent.dataTransfer.files);
        $(this).removeClass('hover');
        readfiles(e.originalEvent.dataTransfer.files)           
        return false;
    });
});

Open in new window


Firebug tells me that there is an element in the array:

FileList { 0=File, length=1, item=item(), more...}

Open in new window


But after we append it to the FormData object, I get this:

FormData { append=append()}

Open in new window


And the final var_dump on the PHP side says this:

<pre>array(0) {
}
</pre>

Open in new window

0
Comment
Question by:DrDamnit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 39747188
Michael:  I can't give a detailed answer without some additional study, but I can give a theoretical answer.  As a matter of security it should not be possible for any script to prepopulate the value of inputs of type=FILE.  If that could be done, a JavaScript routine could "steal" client data without permission or notice to the client.

Have you tried a PHP var_dump($_FILES)?

If you want to post the rest of the script, I'll install a copy and see if I can get any more insight.
0
 
LVL 32

Author Closing Comment

by:DrDamnit
ID: 39747198
I AM SUCH AN IDIOT.

I have been battling with this for 2 hours.

$_FILES was the answer.

You sir, have kept me from jumping out the window.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39747205
I am proud to share idiot-space with you, the best of colleagues!  Let's come in off the ledge and have a glass of, say, 2007 Stags Leap Merlot.

Thanks for the points, ~Ray
0
 
LVL 32

Author Comment

by:DrDamnit
ID: 39747210
John:

To your prepopulation / security question: that was previously true; however, HTML5 has file system object (file reader). You can't go hog wild and maliciously search a user's hard drive, but with their interaction you can gail access to a jailed / sandboxed area.

Im my script above, I am volunteering a file, so the filereader can get it, pre-populate form data, and submit it. It's drag and drop.

it was working the whole time, but I was looking at $_POST instead of $_FILES because I have been coding for 12 hours straight, which turns your brains to mush.

There are number of security issues that have been taken into consideration in regards to the filesystem API in HTML5. As usual, OReilly has a book on it.

Highlights are here:
http://my.safaribooksonline.com/book/web-development/html/9781449311384/introduction/i_sect11_d1e378
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39747252
The Merlot...
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How to build a simple, quick and effective accordion menu using just 15 lines of jQuery and 2 css classes
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question