Re: Multipart Form - Ascertain File Type
This WebDNA talk-list message is from 2007
It keeps the original formatting.
numero = 68738
interpreted = N
texte = Tana Adams wrote:> I was wondering if anyone knew how to ascertain what type of file was being> uploaded when using a multipart form. I'm trying to create a file upload> that will only allow a .txt file to be uploaded.AFAICT, this is impossible to do on the front end. In other words, the multipart MIME upload doesn't have any mechanism to validate the file contents when uploaded. That doesn't mean you can't validate the file after the fact, and simply delete anything that doesn't meet whatever criteria you like (too large, not a JPEG, not named .txt, etc).Be aware that trying to determine what the file contains using only the filename (especially extension) is fraught with danger and pitfalls. One of the results of M$loth's infinite stupidity is the constant issue with e-mail attachments of the form innocuous_file.txt.exe, which based on default (read: STUPID) Windows default is displayed asinnocuous_file.txtwhen in actuality, it is a worm/virus/rootkit...John-- John PeacockDirector of Information Research and TechnologyRowman & Littlefield Publishing Group4501 Forbes BoulevardSuite HLanham, MD 20706301-459-3366 x.5010fax 301-429-5748-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Tana Adams wrote:> I was wondering if anyone knew how to ascertain what type of file was being> uploaded when using a multipart form. I'm trying to create a file upload> that will only allow a .txt file to be uploaded.AFAICT, this is impossible to do on the front end. In other words, the multipart MIME upload doesn't have any mechanism to validate the file contents when uploaded. That doesn't mean you can't validate the file after the fact, and simply delete anything that doesn't meet whatever criteria you like (too large, not a JPEG, not named .txt, etc).Be aware that trying to determine what the file contains using only the filename (especially extension) is fraught with danger and pitfalls. One of the results of M$loth's infinite stupidity is the constant issue with e-mail attachments of the form innocuous_file.txt.exe, which based on default (read: STUPID) Windows default is displayed asinnocuous_file.txtwhen in actuality, it is a worm/virus/rootkit...John-- John PeacockDirector of Information Research and TechnologyRowman & Littlefield Publishing Group4501 Forbes BoulevardSuite HLanham, MD 20706301-459-3366 x.5010fax 301-429-5748-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
John Peacock
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat2b15MacPlugin - showing [math] (1997)
Lookup Notfound (1998)
WebCat2b12 CGI Mac -- Problems propagating the cart through frames...still (1997)
WebCat2b13MacPlugIn - More limits on [include] (1997)
bug in [SendMail] (1997)
WebCat2b13 Mac plugin - [sendmail] and checkboxes (1997)
[ModDate] & [ModTime] ? (1997)
.htaccess to make WebDNA serve HTML (2007)
errormessages.db (1997)
[subtotal] and others (1997)
[include ...] behavior (1997)
HUGE DATABASES (1998)
Dynamically Generated Pages & WC? (2000)
Autoreturn Submit? (1997)
Show shoppingcart after remove last item (1997)
Using Cookie for client specific info? (1997)
Emailer Problem (1999)
Other Databases, access, filemaker etc. (2000)
Emailer again (1997)
Still Stumped on ShowNext...HELP! (1997)