Nip it in the bud. Force the user to upload a file with an extension. I have
something that does this that restricts the user to only upload PDF's. BTW I
use the LeftCorner js library... It has a bunch of cf functions translated
to JS.
<script type="text/javascript" src="js/LeftCorner.js"></script>
<script type="text/javascript">
function validate()
{ var myformvalue = document.myform.resume.value;
var myformListLen = LeftCorner.ListLen(myformvalue , ".");
var myformextention =
LeftCorner.LCase(LeftCorner.ListGetAt(myformvalue,
myformListLen , "."));
if (document.myform.resume.value =='')
{
alert('Please select a file to upload.');
document.myform.resume.focus();
return false;
}
if (myformextention !='pdf')
{
alert('Please select a file with "pdf" as the file
extention.\n\nExample: MyResume.pdf\n\n');
document.myform.resume.focus();
return false;
}
return true;
}
</script>
......
<form action="#CGI.script_name#" method="post" name="myform"
ONSUBMIT="return validate();" enctype="multipart/form-data">
<input type="file" name="resume" id="resume" value="" />
etc.
On Wed, Feb 27, 2008 at 10:40 AM, Mark Fuqua <[EMAIL PROTECTED]> wrote:
> I have a page that uploads a file, either pdf or jpg. I thought
> everything
> was working well until I discovered that some of the files are being
> uploaded without the file extension and some with.
>
>
>
> In the code below, the server side validation is done, then the file is
> uploaded, then the information is inserted in the database and then the
> permissions for who can view the file are placed in a separate table (many
> to many).
>
>
>
> Two questions:
>
>
>
> How can I make sure the database gets all the file names with the
> extension
> or that the database gets all the file name without the extension?
>
>
>
> How do I handle a file name with spaces? The database will have a file
> name
> with spaces.will that be automatically handled by the browser?
>
>
>
> Mark
>
>
>
> <!---check for needed session variables, redirect if missing--->
>
> <cfif not isdefined("session.jobName")Or not isdefined ("session.jobId")>
> <cflocation
> url="#application.absoluteUrlRoot#/JobAdmin/jobAdminLogIn.cfm?message=Your
>
> Job Admin Session Has Expired">
>
> <cfabort>
>
> </cfif>
>
>
>
>
>
> <cf_ValidateForm
>
>
> errorLocation="#Application.absoluteUrlRoot#/JobAdmin/JobFiles/JobFilesAddFo
>
> rm.cfm">
>
> <cf_ValidateInput variableName="Form.jobFileType" label="Type of
> File"
>
> validationType="varchar(50)" required="yes">
>
> <!---<cf_ValidateInput variableName="Form.JobFileAccessLevel"
> label="Access Level" validationType="varchar(50)" required="yes">--->
>
> <cf_ValidateInput variableName="Form.JobFileTitle" label="File Title"
>
> validationType="varchar(50)" required="yes">
>
> <cf_ValidateInput variableName="Form.FiletoUpload" label="File to
> Upload"
>
> validationType="varchar(100)" required="yes"> </cf_ValidateForm>
>
>
>
>
>
> <!---Query for job folder name--->
>
> <cfquery name="jobfolder" datasource="#Application.dbDSN#"> select
> jobfoldername from jobs where jobId = #session.jobId#
>
>
>
>
>
>
>
> </cfquery>
>
>
>
>
>
> <cfoutput>
>
> <cffile action = "upload"
>
> fileField = "FiletoUpload"
>
> destination =
>
> "c:/Coldfusion8/#
> Application.absoluteUrlRoot#/JobAdmin/JobFiles/#jobfolder.jobfoldern
>
> ame#"
>
> accept = "image/pjpeg, image/jpg, application/pdf"
>
> nameConflict = "MakeUnique"
>
> result="result">
>
> </cfoutput>
>
>
>
>
>
>
>
> <cf_InsertRecord table="JobFiles" lookupKey="JobFileName"
>
> lookupKeyType="varchar(100)"
>
>
> redirectTo="#Application.absoluteUrlRoot#/JobAdmin/JobFiles/JobFileAccessLis
>
> t.cfm?FromAction=1">
>
> <cf_PrimaryKey primaryKeyColumn="JobFileId" primaryKeyType="integer">
>
> <cf_PassColumnToAction column="JobFileType" type="varchar(50)"
>
> value="#Result.serverFileExt#" valueIfEmpty="NULL">
>
> <!---<cf_PassColumnToAction column="JobFileAccessLevel"
> type="varchar(50)"
>
> value="#Form.JobFileAccessLevel#" valueIfEmpty="NULL">--->
>
> <cf_PassColumnToAction column="JobFileTitle" type="varchar(50)"
>
> value="#Form.JobFileTitle#" valueIfEmpty="NULL">
>
> <cf_PassColumnToAction column="JobFileName" type="varchar(50)"
>
> value="#result.serverFile#" valueIfEmpty="NULL">
>
> <cf_PassColumnToAction column="JobFileJob" type="integer"
>
> value="#session.jobId#" valueIfEmpty="NULL">
>
> <cf_PassChooserToAction spouseTable="PlumRole"
> childTable="JobFileAccess"
>
> spouseTablePrimaryKey="RoleCode" spouseTablePrimaryKeyType="varchar(12)"
>
> foreignKeyFromChildTableToMainTable="JobFileId"
>
> foreignKeyFromChildTableToSpouseTable="PlumRole"
>
> >
>
>
>
> </cf_InsertRecord>
>
>
>
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;160198600;22374440;w
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:299955
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
