Flex multiple file upload in one HTTP Post - apache-flex

Going over the file references in a FileReferenceList calling upload on each one means the files are uploaded as separate requests.
I want to upload a bunch of file in one POST (and I already have a ASHX handler that will accept it).
Any ideas?

AFAIK that is not possible.
From the docs:
The FileReferenceList class lets the user select one or more files to upload to a server-side script. The file upload is handled by the FileReference.upload() method, which must be called on each file that the user selects.
...and...
Uploading multiple files requires you to upload each of the selected files by using FileReference.upload()
You could perhaps create a zip with the AS3 zip library and send that to the server.

No you cannot, its a security restriction of the Flash player. You can simulate File upload with Action Script (usefull if you want to send data but no User files).
Its the same with Flash 10, so maybe on Flash 11...

Related

Is it possible to upload a file in Symfony2 without referring to entity's or using Doctrine?

I'm building a web application that displays specific data to the customers of my client. The client wants to populate the application with data via a CSV file. So he needs to be able to upload the file to the server, and the application places the CSV data in to the database.
I am using Ddeboer/DataImport bundle and have managed to get it to work with a CSV file already placed on the server. The trick now is to get the CSV file on to the server in the first place.
Because I want the file to be directly sent to the server, and that it won't be associated to any other records held on the database, I feel there is absolutely no need to use Doctrine at all. However, the documentation that I've encountered suggest that you should only upload files to the server via Doctrine/Database. Surely this can't be the case?
Is there a simple way of just uploading the file to a designated folder on the server? No bells or whistles, just a pure file upload in Symfony2.
Of course it is. The cookbook only contains a doctrine based entry but it has a link to the file form type.
http://symfony.com/doc/current/reference/forms/types/file.html

Determining .exe file in time of upload

I have developed File Upload web page in ASP.NET. Now user can rename a .exe file to txt or some other extension and upload the same. I want to restrict that. How I can implement that in ASP.NET?
The only safe way to do this is to get the byte [] from the file that has been posted and examine it to determine if the file is indeed in one of the formats you allow the user to upload. You don't need to save the file, you can just get the byte[] from the HttpPostedFile object.
Other than examining the content (looking for magic numbers, for example) there isn't an infallible way to make sure that the user is not attempting to upload something that you don't allow.

Securing Individual Files in ASP.NET

I have a scenario where a user will have access to a one-time-url.
When the user clicks on the URL, specific files will be available to that user.
I have many files on the site but would only like certain files to be accessible by that user.
I have though about generating an authenticated cookie and using forms based auth and applying permissions to a certain folder, but I need authorization on indiviual files. and the files will constintly be changing.
What would be the best way to give a user only access to specific files? (I won't display the other files, but I still do not want other files available if they are typed in the URL)
I would create an .ashx (handler file) and have that serve the files to the user (load into memory and then write the contents out by pushing the file to the content stream). That way the end user never has permissions to the actual files on the system but can still access them. Your code can then control when and how long each file is available to a user.
I would provide an abstraction around the actual file retrieval. That way the user never sees file name. Something like www.example.com/File.aspx?id=SOMERANDOMGUID
That RANDOMGUID could reference a file in the back end.
If you have lots of disk space, one way to accomplish this is to copy the files to a randomly-generated folder, so that the URL to a user's files is unique for each user.
I think it would be easier if your files are associated with an ID and the path is kept in the database. This way you can pull the files using the ID.

ASP.NET File upload - Validation

In our application , we are using asp.net FileUpload control to upload files.
Requirement is , user should be able to upload only ".doc, .xls , .pdf" files.
System should not allow him to upload other files. To achieve this we are validating the extension of the uploaded file. If it is not valid then throwing error message.. this works fine..
But if i change the any exe file as .doc file , then system is allowing to upload. this should not happen.
Is there any way to validate the file with its content instead of its extension ..?
Check out this question/answer on stackoverflow. I belive this is a duplicate question.
Also, look into reading a file's magic number especially if you are just trying to determine if the file is one of a few acceptable types. Magic number Wikipedia
Uploadify is a good file uploading tool that I have found which allows you to specify which extensions you allow the user to see when uploading their files. It also has alot of other cool options and it is highly customizeable. It uses a combination of jquery and flash to allow the user to upload more than one file at a time as well (if desired).

Flash uploader and ASP.net MVC

I have a flash upload component I want to use to upload multiple files. I'm using it in a MVC app and what I want to happen is that the user picks the files they want to upload, it uploads them and then displays a page showing all the files they have uploaded so they can add a description and select where to save them, and then save the files.
At the moment when files are uploaded the flash component calls a controller to process the files, this bit works fine, I can get the uploaded files and do what I like with them. The problem is is that I cannot just redirect to a View once the controllers done its work, because its the flash component calling the controller, not the page and so nothing happens when you try and do that.
I had attempted to save the files in the session and then forward the user on completion of the upload using some code in the flash actionscript, this however does not work, the session always turns up null. I had also considered actually saving the files to a temp location and then on the displaying page just listing all files in the temp location, but this is then going to involve saving the files twice, once to the temp directory and then to the actual place the user wants to put them, which I assume will be slow.
Any thoughts on the best way to do this?
Is your site using cookie based authentication? If so then the flash uploader needs to include the authentication cookie when uploading otherwise the upload will be seen as coming from a new user - this would explain your null values in the session state. If you are unable to get flash to post the cookie then you'll have to identify the user within the upload URL.
You should keep session state to a minimum or even better not use is at all so storing large amounts of data such as images in it is a bad idea.
With our applications we save all uploaded files to the database and then give them a unique Guid that is then used to retrieved/display them later. Within the database images could be associated with a user and in your case be marked as just uploaded so that when you redirect the user to the additional information page you know which images to display.
but this is then going to involve
saving the files twice, once to the
temp directory and then to the actual
place the user wants to put them
In relation to where the files are saved on the server you should not be allowing the user to determine where the files are saved.

Resources