Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

verify the file type before uploading it to my server! 1

Status
Not open for further replies.
feshangi

feshangi

MIS
Nov 24, 2004
265
US
Is it possible to check for file extension/type (and maybe file size) before uploading it to my server? I found couple JS file extension checker on the web and they would prompt for the unexpected extension but still it would submit the form! (note that my pages are written in coldfusion which doesn't make any difference to run a JS code as I am running many of them all the time.)

I'm really afraid of blocking unwanted files after uploading them to my server. I don't want people upload a 200GB file to my server and then tell them "oops, your file is greater than 2MB ...".

Or maybe is there a way to tell my server to timeout if the file is over 2MB?

I really appreciate if I can get some feedback regarding my problem.

Thanks,

Mike
 
Sort by date Sort by votes
Checking for a file extension is easy enough, but you should also do a check on the server-side since JavaScript can be easily disabled.

Code: 
<html>
<head>
<script>
function validate(f){
  if(/\.exe$/.test(f.myFile.value)){
    alert('Not allowed to upload exe files!');
    return false;
  }else{
    return true;
  }  
}
</script>
</head>
<body>
<form onsubmit="return validate(this)">
<input type="file" name="myFile">

As for checking file size, JavaScript alone can't do this (unless it's an image you're uploading - there's a trick for that). You'll need to use something like an ActiveX component, but the user will have to agree to install it on their system - which may make them uncomfortable. The best way is to display instructions to the user that files greater than a certain size will not be accepted, then do a check on the server.

Adam
while(ignorance){perpetuate(violence,fear,hatred);life=life-1};
 
Upvote 0 Downvote
Thanks Adam for the quick reply.

I'll try this JS code later today. Hopefully it doesn't submit the form after prompting for the incorrect extension like the other two that I tried.

As far as ActiveX goes I don't want to use it due to plug-in installation on client.

Thanks,

Mike
 
Upvote 0 Downvote
It is possible to set a maximum size, at least in PHP:
PHP.net said:
The MAX_FILE_SIZE hidden field (measured in bytes) must precede the file input field, and its value is the maximum filesize accepted. This is an advisory to the browser, PHP also checks it. Fooling this setting on the browser side is quite easy, so never rely on files with a greater size being blocked by this feature. The PHP settings for maximum-size, however, cannot be fooled. This form element should always be used as it saves users the trouble of waiting for a big file being transferred only to find that it was too big and the transfer failed.
Click to expand...
See
--Chessbot

"Violence is the last refuge of the incompetent." -- Asimov, Foundation
 
Upvote 0 Downvote
Thanks Chessbot for the very cool article.

Maybe I should integrate that within my ColdFusion page as a template.

Mike
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jomat
  • Locked
  • Question
JS to show the timer in html under title instead of in the status bar
Replies
2
Views
1K
xwb
xwb
Kennelbloke
  • Locked
  • Question
Can't Get Markers to show on Map
Replies
0
Views
1K
Kennelbloke
Kennelbloke
JScannell
  • Locked
  • Question
Google Chrome doesn't load my javascript files
Replies
1
Views
901
JScannell
JScannell
MDGarcia
  • Locked
  • Question
Java script blocked due to MIME type error
Replies
2
Views
2K
MDGarcia
MDGarcia
lexer
  • Locked
  • Question
Passing fields from (html-JavaScript) table to JavaScript Function
Replies
0
Views
997
lexer
lexer

Part and Inventory Search

Sponsor

Back
Top