When using the inital file list functionality to populate fineuploader with previously stored files, is it possible for the edit filename functionality to be used?
At the moment it seems that the edit elements are hidden in the template, although it would be relatively simply if this functionality were enabled to hook onto the rename trigger and save the updated filename via ajax (what i'm hoping to achieve).
So is there someway to enable the edit filename for the initial file list?
Your requirements are outside of the scope of a file upload library. If you want to allow your users to rename a file uploaded in a different session, you will need to provide for this in your custom web application. You can certainly modify the file list provided by Fine Uploader after it is rendered with the initial files.
Related
Our JSF 2.2 web application may have the situation, that users have to fill in a formular where they have to upload multiple files.
Example
First Name: [ John ]
Last Name: [ Doe ]
Photo: [ choose File ] (no file chosen)
Passport: [ choose File ] (no file chosen)
I know that there is multiple upload forms like Primefaces but this doesn't fit to my requirement, since I want to know which file is either the photo or passport, and I need to validate the input, because the files are mandatory.
Option 1: Multiple single file uploads
The first option would be like in the example above. Just use multiple single <h:inputFile> tags.
Pros:
users select files when they are asked for
users know this kind of file uploads
Cons:
since there are more <h:inputFile> tags, every file upload will be processed during the form submit: so we might have to limit filesizes so that users won't run into problems
I did not try this: is it even possible to use multiple single file uploads in the same <h:form>?
Option 2: Upload in popup + callback
I have seen this sometimes and wondered why it was implemented that way. When you have to upload a file it opens a popup with a file upload. After the upload, the popup is closed and the form has selected the uploaded file.
Are there any hints/tutorials for this technique? Especially the between-window-communication is unclear for me.
Pros:
nearly the same as the standard way
Cons:
problems with popup-blockers
for this approach, fallback mechanics have to be implemented: what if the user cancels the form? when are uploaded files deleted, so that there are no garbage files?
Option 3: Upload in modal dialog + callback
To eliminate the popup blocker problem we could use a modal dialog for an upload. So we choose to upload a file, a new modal <p:dialog modal="true"/> opens and there inside the <h:inputFile> handles your upload.
I did try this and found out that AJAX uploads are not possible with <h:inputFile> or <p:inputFile mode="simple"> (can't find the source of BalusC's comment, but there is a similar one). My whole site got rerendered and my formular input was lost.
Pros:
nearly the same as the standard way
no problems with popup blockers
Cons:
even possible?
Option 4: "Upload Manager"
My last idea was to provide an upload manager. This is a view where users can see their uploaded files in a list/table and add files with a single <h:inputFile>, add descriptions, and so on. So the files are already in the system and get deleted after (say) 72 hours if they are not referenced.
Users then click on a link when they have to input a file, and choose the corresponding file from a list/table in a modal dialog. Therefore users have to upload their files first, before even filling a form, which is quite a pain, so it would be nice if they could also upload files in the modal dialog. (this would look like a view, where they have a single <h:inputFile> and a list of their already uploaded files). But there we have the same AJAX problem like in Option 3...
The only way I see to get around this, is to write something at the beginning of a form like:
For this form you need the following files in your upload manager:
- Photo
- Passport
Pros:
technically: good because it's always only one file in a submit (AJAX?)
no specific fallback mechanisms (except a 72hrs cronjob deleting unused files)
users can upload multiple files for the (say) next 20 forms - this is good in our web application
Cons:
users are not used to this technique
even possible?
Do you have any other ideas to handle with this situation? I can't be the only one with this.
Or are multiple file uploads like Primefaces good to configure for validations?
I hope you can help me out with this brainstorming
Using the jQuery wrapped version of Fineuploader v3.3.
Is it possible to populate the file list with files already in the upload folder?
I think "_addToList(id, name)" should do the trick, but I can't get it to work. Any ideas?
Seems that they are currently working on this feature:
https://github.com/Widen/fine-uploader/issues/784
So, this will be available soon.
This is not a behavior that Fine Uploader currently supports. Fine Uploader only displays files that users have submitted to the uploader since the current uploader instance was created. It doesn't try to be an all-in-one web application. You could probably add your own item to the list/UI via javascript. That probably wouldn't be terribly difficult, but seems like an odd thing to do.
If you'd like to discuss your specific use case more, please open up a feature request in the Github issue tracker.
Generally, client side code cannot add stored or hard-coded path based file names for use in any type of POST or upload operation. Obviously this is a security measure, you can imagine if a malicious web page could add to a generic POST operation some type of baked in file name. So from what I understand, only the user can specify path based file names, via a file browser for the session that it is included in. This applies to HTML/JavaScript/jQuery but am unsure if Flash/Silverlight based solutions would also be limited. I think a Java based uploader would be free of this. But you are just moving closer and closer to installed software.
I'm using valums file uploader and I want to display a file path in textbox after user choosen any file (like with standart file upload). Is there any possible solution to achieve this?
No. Based on my research I've found numerous posts suggesting that browser security features prevent objects from knowing the file system until the appropriate submit action is invoked.
Furthermore they suggest that if you do want to display the full path you'll need a non-browser solution like a java plugin (possibly even a flash object could do it).
Is there way to copy a file into Plone with WebDAV and have Plone register it as an Event file (rather than a simple page)?
I would very much like to use Plone for it's standard CMS properties (which are brilliant) but I can't spend time programming up an application in Plone - it's way too complicated. The "Plan" is to generate information in another system and use scripts to export it into Plone - hence copying via WebDAV would be a perfect solution if these generated files could be recognized as Events.
If not an alternative, still using WebDAV, would be to generate and copy a python script, that uses API calls to create the events. Though I'm not sure where to copy and what API calls to make.
Or is there a way of importing iCal files?
Thanks
You can customize the code to accomplish any end -- but by default, out-of-the-box, you need to:
Upload text files with the file name extension .event -- you can edit this in the content type registry tool in the root of your Plone site. This tells the folder what type of item to create (an event).
Format you text file using RFC822-style key-value formatting (like mail headers or HTTP headers are formatted) in a text file you upload via WebDAV. You must use IS0 8601 formatted (YYYY-MM-DDThh:ss:mmTZD) timestamps for all date/time field values.
If in doubt on the specifics of the last point, refer to the source code in Products.Archetypes.Marshall.RFC822Marshaller and DateTime.DateTime (zope2).
If you wish to customize the marshaller in use, you could write your own marshaller, and monkey-patch ATEvent to use it. This would allow you to support upload/download of vcs/ics if you wrote the code to do so. This is NOT the path of least resistance. YMMV, this is under-documented, and requires some serious Plone development experience.
I am implementing a project to my site to allow users to upload image files (ai, pdf, jpeg, gif, tiff). I know this can be very risky but I was wondering what kind of security checks I should put in place to make sure these files to not cause my site any harm.
OR
Should I use something like dropbox to upload my images? If I do this is it possible to get these images whenever I want so I can display them within the browser to the user?
image uploads are fine, because you know what you want: An image
First rule is never to trust the client, so let the user upload the file (maybe you want to add an upload size limit).
Second, you have to ensure that the image is really an image so
Check the mime-type of the file (don't go by the file extension, use a real mime type check like the file shell command or an appropriate library)
To really make sure the file is OK, Open and Reprocess it using an image library like GD, ImageMagick etc. and save it to disk (keep in mind this needs some resource!). This will also filter out corrupted images.
An uploaded file usually doesn't harm the site itself but the users who download the file.
I've come across with a file uploading part of a project I worked.
Some high-level suggestions to complement sled's answer:
The mime type is set on base of the file extension, so it's no useful (as the file has not been uploaded yet to the server, the mime type is just a 'guess' in base of his extension).
So solutions would be:
Do the content check client-side (before sending the http-request)
When you get the whole file by HTTP do the check server-side before persisting to the disk.
Other Suggestions:
The simple file extension check
(wheter by filename or mime-type) is
the basic secutiry measure that also
has to be present.
Folder permissions: Don't allow execute permissions, don't allow the user to create new folders (as it might create a sub-folder with executing permissions).