Thanks for that, will keep that in mind. Will do, I am trying to be as secure as possible, but also try to be as simple as possible.
I originally was thinking of just writing a client application to upload the files, and then have people login to the web application and do what they need to do their. I figured it would be easier to have everything as part of a web application so they woudln't have to download anything. I figured having 2 seperate things might annoy people, but honestly it seems that it will save me time and it seems like what I am tryign to do is out of the scope of a basic file upload. Sadly everything would have worked fine if I didn't have to upload additional files. Also, what probably would have also hit me, is that in the file I am uploading, I have to read an MS Access DB, then from there get the URL's to the images to upload. I've seen examples of JSP with Ms Access DB, but probably would have issues with that too. I am going to use "UCanAccess" for that so hopefully everything works well with that. I guess I'll build the application, have it do all of the file reading and stuff on their computer, and then send a multipart form data to my servlet to process and upload? Thanks for the help once again Hassan, I appreciate your time and patience with my and my questions. All the best. > Date: Sat, 6 Sep 2014 16:10:10 -0700 > Subject: Re: [fileupload] - Question about uploading additional files other > than the ones in the form? > From: hassan.schroe...@gmail.com > To: user@commons.apache.org > > On Sat, Sep 6, 2014 at 3:58 PM, Konrad Zuse <thekonradz...@hotmail.com> wrote: > > > Yeah I understand I have to build it, was just curious if I would have > > limitations like I am having now. > > A desktop application does not have the sandboxing limitations of > processes running in a Web browser. > > That said, you and you alone are now responsible for ensuring that > your application can't be exploited to compromise the system that > it's running on. > > If it were me, I'd consider writing the app to parse the file locally and > merge the additional assets into a single upload, rather than parsing > server-side and sending a request back. Much easier to build, easier > to test, and a whole lot easier to secure. > > Good luck, > -- > Hassan Schroeder ------------------------ hassan.schroe...@gmail.com > http://about.me/hassanschroeder > twitter: @hassan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@commons.apache.org > For additional commands, e-mail: user-h...@commons.apache.org >
