4 Replies Latest reply on Feb 16, 2010 8:07 AM by cfsetNewbie

    Server side validation for file type with cffil sent via cfmail problem

    cfsetNewbie Level 1

      Hello;

      I have a small app that I need to allow users to be able to use a form, and send me and email with a file attachment. I have it working nicely, I included file manipulation into the validation process of the form and required form fields. The problem I'm having, is this. I'm trying to create and instance where if they try and upload lets say a pdf, it throws and error: "You are trying to upload the wrong file, please try again we only accept bla bla bla" Problem is, even if I'm uploading the proper file, it's rejecting it and deleting it. Can someone help me fix this? I've tried a number of different ways and can't seem to get this to go off properly. I am posting some of the code. There is a ton, so I'm posting the main parts so you get the idea and see my variables.

       


      <!--- Declairing my variables and setting up form validation--->
      <cfparam name="FORM.descript" type="string" default=""/>
      <cfparam name="FORM.attachment_1" type="string" default=""/>

      <cfset arrErrors = ArrayNew( 1 ) />

      <cfset showForm = true>
      <cfif structKeyExists(form, "sendcomments")>

      <cfif NOT len(trim(FORM.name))>
      <cfset ArrayAppend(arrErrors,"Your Full Name!<br>") />
      </cfif>

       

      <!--- This is where the file error control is as you can see how the name is validated, the file will be dealt with in a similar maner--->

      <cfif NOT Len(Trim(FORM.attachment_1))>
      <cfset ArrayAppend(arrErrors,"You didn't attach a file!<br>") />
      <cfelseif ArrayLen( arrErrors )>
      <cftry>
      <cffile action="DELETE" file="#FORM.resume#"/>
      <cfcatch>

       

      <!--- File delete error. --->
      </cfcatch>
      </cftry>
      <cfelse>
      <!--- no errors with the file upload so lets upload it--->
      <cftry>
      <cfset request.AcceptImage="image/gif,image/jpg,image/jpeg,image/pjpeg,image/x-png">
      <cffile action="upload"
                       filefield="attachment_1"
                       accept="#request.AcceptImage#"
                       destination="c:\websites\187914Kg3\uploads\"
                       nameconflict="Makeunique">

       

       

      <!---
      Now that we have the file uploaded, let's
      check the file extension. I find this to be
      better than checking the MIME type as that
      can be inaccurate (so can this, but at least
      it doesn't throw a ColdFusion error).
      --->
      <cfif NOT ListFindNoCase("request.AcceptImage",CFFILE.ServerFileExt)>
      <cfset ArrayAppend(arrErrors,"Only JPEG, GIF, and PNG file formats are accepted!<br>") />
      <!---
      Since this was not an acceptable file,
      let's delete the one that was uploaded.
      --->
      <cftry>
      <cffile action="DELETE" file="#CFFILE.ServerDirectory#\#CFFILE.ServerFile#"/>
      <cfcatch>
      <!--- File Delete Error. --->
      </cfcatch>
      </cftry>
      </cfif>
      <!--- This is the code that is causing my problem. The above code is saying everything is not the proper file and rejecting it all--->

       

      Can anyone help me out. I can make more of this code available if needed. Like i said, there's a lot and I didn't want to dump it all out, this is the section creating the problem. There are no errors at this time, just rejecting all file types.

       

      thank you.

        • 1. Re: Server side validation for file type with cffil sent via cfmail problem
          A*** Level 1

          The following works. You need to adapt it to your forms/pages, however:

           

          <!--- Check to see if the Form variable exists --->

          <cfoutput>

          <cfif NOT isDefined("Form.attachment_1")>   

                <form method="post" action=#cgi.script_name#

                      name="uploadForm" enctype="multipart/form-data">

                      <input name=" attachment_1" type="file">

                      <br>

                      <input name="submit" type="submit" value="Upload Image">

                </form>

          <cfelse>

                <!--- If TRUE, upload the file --->

                <cffile action = "upload"

                      result="myResult"  

                      fileField = "attachment_1"

                      destination=" C:\websites\187914Kg3\uploads\" 

                      accept = "" 

                      nameConflict = "makeUnique">

               

                <cfset svrFile = "#myResult.ServerDirectory#"&"\"&"#myResult.ServerFile#"/>

           

                <!--- Check if file is an image file --->

                <cfif #reFindNoCase("gif|jpg|jpeg|pjpeg|png",myResult.clientFileExt, 1)# EQ 1>

                      <!--- Retain right file type --->

                      <p>

                      Your file <strong>#myResult.clientFile#</strong> has been uploaded successfully!<br />

                      <a href="yourTemplate.cfm">Back</a></p>

                      <!--- Otherwise --->

                <cfelse>

                      <p>

                      You are trying to upload a <strong>#myResult.clientFileExt#</strong> file, please try again. We only accept <strong>gif, jpg, jpeg, and png</strong>.

                      </p>

                      <!--- Delete unacceptable file and show form to user to try again --->     

                      <cffile action="delete"  file="#svrFile#" />

                      <form method="post" action=#cgi.script_name# 

                            name="uploadForm" enctype="multipart/form-data">

                            <input name=" attachment_1" type="file">

                            <br>

                            <input name="submit" type="submit" value="Try again!">

                      </form>

                </cfif>

          </cfif>

          </cfoutput>

          • 2. Re: Server side validation for file type with cffil sent via cfmail problem
            cfsetNewbie Level 1

            That worked! I adapted it to work in my code. It totally fixed my problem! Thank you! Maybe you can

            help with one last part? How would I also validate file size? I'm using this code, but it's not working. I don't want

            files over 5 meg.

             

            <cfif val(cgi.content_length) gt 1024000>
            <cfset ArrayAppend(arrErrors,"Your file was too large. Please try a smaller file!<br>") />
            <cftry>
            <cfcatch>
            <cffile action="DELETE" file="#svrFile#"/>
            <!--- File Delete Error. --->
            </cfcatch>
            </cftry>
            </cfif>

             

             

            it's not working properly.  Is there a simple way to limit file size as well?

            • 3. Re: Server side validation for file type with cffil sent via cfmail problem
              A*** Level 1

              It appears you are comparing your content_length with 1MB.

              1KB: 1024 bytes

              1MB: 1024*1024 bytes

               

              Let us use max allowable size of 25KB here and amend the second half of our code.

               

              <!--- Set max allowable file size in KB at the top --->

              <cfset maxFileSize = 25>

                    <!--- Check if file is an image file of acceptable size --->

                    <cfif (#reFindNoCase("gif|jpg|jpeg|pjpeg|png",myResult.clientFileExt, 1)# EQ 1) AND (#myResult.FileSize# LTE (#maxFileSize#*1024))>

               

                          <!--- Retain if right file type and size --->

                          <p>

                          Your file <strong>#myResult.clientFile#</strong> has been uploaded successfully!<br />

                          <a href="yourTemplate.cfm">Back</a></p>

                          <!--- Otherwise if wrong type --->

                    <cfelseif #reFindNoCase("gif|jpg|jpeg|pjpeg|png",myResult.clientFileExt, 1)# NEQ 1>

                          <p>

                          You are trying to upload a <strong>#myResult.clientFileExt#</strong> file, please try again. We only accept <strong>gif, jpg, jpeg, and png</strong>.

                          </p>

                          <!--- Delete unacceptable file and show form to user to try again--->  

                          <cffile action="delete"  file="#svrFile#" />

                                <form method="post" action=#cgi.script_name# 

                                name="uploadForm" enctype="multipart/form-data">

                                <input name="attachment_1" type="file">

                                <br>

                                <input name="submit" type="submit" value="Try again!">

                          </form>

                          <!--- Or size too large --->

                    <cfelseif #myResult.FileSize# GT (#maxFileSize#*1024)>

                          <p>

                          Your file was too large (<strong>#numberFormat(myResult.fileSize/1024, "____.__")# KB</strong>). Please try a smaller file!

                          </p>

                          <!--- Delete file and show form--->

                          <cffile action="delete"  file="#svrFile#" />

                                <form method="post" action=#cgi.script_name# 

                                name="uploadForm" enctype="multipart/form-data">

                                <input name="attachment_1" type="file">

                                <br>

                                <input name="submit" type="submit" value="Try again!">

                          </form>

                    </cfif>

              </cfif>        <!--- Closes the cfif tag which started from the first half --->

              </cfoutput><!--- ditto --->

              • 4. Re: Server side validation for file type with cffil sent via cfmail problem
                cfsetNewbie Level 1

                thank you very much! That worked. I only needed to take

                a couple lines of your code and change it to work in mine.

                Works like a charm!