PDA

View Full Version : FILE input type attribute for a default?



Justin Ba
Dec 6th, 2002, 10:58 PM
Does anybody know the attribute to populate a <INPUT TYPE=FILE> with a default value

I've tried :

document.FORM.File1.value
document.FORM.File1.text
document.FORM.File1.file

can't think of anything else at the moment...

mordred
Dec 6th, 2002, 11:12 PM
You are asking the impossible, this is a security restriction! If it were possible to set the value of a file upload field by scripting, you could trick the user to upload a different file than he originally selected. Quite a big security issue IMO.

beetle
Dec 6th, 2002, 11:15 PM
That's right. A <input type="file"> can ONLY be populated by it's own 'Browse' control. No exceptions, no loopholes, no workarounds.

Justin Ba
Dec 6th, 2002, 11:17 PM
ahh, good catch.. didn't think of that.

I'm coding for my companies intranet.. I really wish MS provided a special browser without all the security restrictions specifically for company intranets.

Anyways, the reason I was trying to do this is after submitting the file upload, if a file with the same name existed on the file server already, i wanted to prompt them to see if they wanted to overwrite or not... i was trying to re-populate the file object and re-submit the form with a ?overwrite=1 if they chose yes... any hints as to a different method that might be possible?

beetle
Dec 6th, 2002, 11:20 PM
Well, HTA's (http://msdn.microsoft.com/workshop/author/hta/overview/htaoverview.asp?frame=true) gain special access to the client machine that may allow you some extra flexibility.

joh6nn
Dec 6th, 2002, 11:25 PM
yeah, but you still can't do that. sorry man, you're just flat out of luck. what you might try, is this:

http://www.codingforums.com/showthread.php?threadid=5042

Justin Ba
Dec 6th, 2002, 11:39 PM
joh6nn, thanks for that link... It is indeed an interesting work around.

However I'm not making the connection as to how I can use that to accomplish my goal.

A nudge in the right direction would be most appreciated.

joh6nn
Dec 6th, 2002, 11:45 PM
it's a standard text box, a standard button, and a hidden file box. now, you can't set a default value for the file box, but you can set the default value for the text box. when the form submit, it submits the value in the text box, not the one in the file box. get it?

Justin Ba
Dec 7th, 2002, 12:15 AM
I could be wrong, but im pretty sure, both by reading the code and testing, that infact it is still submiting the contents of the <input type=file>, what that code does is allow for you to customize what the user sees as far as text/style/size of the browse button by hideing the real one, sending a click event to it from the fake button, and onchange of the realfile input, setting the value of the bogus text box. It is just an illusion not a security risk :)

If I'm wrong and still missing the ball, please set me straight! I would love to get this code working instead of making a comprimise.

God
Dec 7th, 2002, 12:38 AM
yeah, that's what it does all right. it's a shame that code's absolutely set in stone, and can't be altered to do what you want, like joh6nn suggested. otherwise, you might have a workable solution on your hands.

pity, that.

Justin Ba
Dec 7th, 2002, 01:09 AM
Thanks for the laugh all sarcastic one


I tried editing the code to do what he suggested, I found that I could not.

If I set the value of the dummy text box and re-submitted, no file was uploaded, because, like intended, the FILE input type is secure. All that the code refered to does, is put an wrapper/interface between the user and the object.

I challenge you, since, being god and all, you can do anything, to prove me wrong and get the code working instead of putting me down.

whammy
Dec 7th, 2002, 01:18 AM
How about you just try it? :D

If you upload a file with the same name, it shouldn't allow you to overwrite the file in the first place, I would assume (but I haven't tested it without using FSO, and this may depend on the security settings in that particular directory, or whether that file is "read-only" or not, but I'm not totally sure about that since I usually use ASP to accomplish this type of thing).

Keep in mind I'm only talking about a LAN, not anything web-related.

:D

Or, you could use an ASP page that checks first for the existence of the file, using Scripting.FileSystemObject:

http://www.w3schools.com/asp

and do absolutely whatever you want...

Sounds to me like you need to install PWS or IIS, Justin. That should solve your problem. If you do end up going this route, you may need an upload component like the free one at http://www.dundas.com

Justin Ba
Dec 7th, 2002, 01:31 AM
Whammy, I have tried it.. several times, and several ways.. I'm not normally one to come to a forum and ask for help unless i've exausted myself for a while trying to figure it out (as you can see, from 11 posts in 6 months, 90% in this thread).

I'm not using the filesystem object directly to perform the upload, I'm using a 3rd party upload tool that allows you to set properties such as Overwrite.

I tried using oFS.FileExists(Request("FILE1")) but because when uploading the form must be posted with ENCTYPE="multipart/form-data"
the Request object will not work, from there, I tried using the upload objects UserFileName property to do the same thing, but it seems using the Filesystem object at all on my own, somehow inturupts the upload and even if the file doesnt already exist it wont upload properly.

I wish I could show you all the different code I've tried to get the job done, but for security reasons, my company doesnt allow that sort of thing.

Thank you for the civil reply though.

whammy
Dec 7th, 2002, 01:34 AM
Actually it sounds like you're running into problems with the upload component in that case, if you've already ruled out security permissions in the directory of consequence.If that's the case, I would contact the company who made the component, or try another component - it sounds like you're already plenty familiar with this, and likely using ASP already!

Sorry I thought otherwise.

P.S. I would double-check, though, to make sure that the component has write permissions in the directory that you're trying to overwrite in - that could very well be the problem. You should be able to test for this by trying to replace a test file... not sure exactly how, though, since I don't know the component you're using or the network security permissions.

I'm no expert in networking, but it sounds to me like that could be the problem?

P.S. If I am on the right track, this is the wrong forum to post in - I would have posted this in a server-side forum, since this forum deals with client-side javascript pretty much exclusively, and this seems to me like a potential network or component problem more than anything else. :)

God
Dec 7th, 2002, 12:40 PM
Justin, post the code that you're using. To me, this is a pretty straight forward thing, so i think maybe we're just miscommunicating ( you have no idea how often this happens to me. Like this one time with a group of Mennonites... well, never mind ).

Whammy, i'm not narrow-minded, and watch who you call pathetic. i'm new to the forum; everyone has to start sometime.

whammy
Dec 7th, 2002, 10:36 PM
Perhaps I had you mistaken for someone else. ;)