I'm newbie laravel.
I have a form register and contain field is avatar and some field need validate.
I upload picture from my computer but when i submit form if some field not pass validate then picture file lost.
How can i keep old picture uploaded ?
With text field, i can use old() function to get old value but with input file i dont know how to keep value when form not pass validate.
(Have some suggestion: using ajax put value to session when input file change...)
Sorry my english skill not good,
Thanks you.
No, the file input can't be prepopulated by Laravel or by any software. Your website (and any website) doesn't and shouldn't know the local path to the file. Imagine the security risks if they did! You could trick a user into uploading their SSH private key or something.
What you need to do is process the uploaded file regardless, even if there are validation errors.
Then you could either store it in your database with a pending status, or have some unique hash assigned to it, with a matching hash stored in the user's session. The point is to be able to identify incomplete uploads that belong to this specific user.
Then when you display the form, retrieve those incomplete files either from the session or database, and display the thumbnail next to the file upload. This tells the user that they don't need to re-upload that file. Just make sure that they have a way to remove it as well in case they changed their mind.
Once the form is submitted correctly then clear the session hash or update the database status to complete; whatever you need to do.
Andrewtweber Answered Very Well So i pasted here.Credit goes to him
Ref:
Laravel 5.1: keep uploaded file as old input
Related
I'm currently working on a web app that uses CodeIgniter, in specific, I'm building the signup forms.
This form consists out of 3 different steps, I'm just wondering what the best way would be in order to save information between 2 steps?
I only want to save all the information into the database once the final stap has been completed.
Should I just use native PHP session to do this? Or should I use CI flashdata?
I've used hidden fields and sessions. I tend to save all the form values to a text file at the end of each stage. Then if something happens at any given stage I can choose what to do with the data saved in the text file.
For instance, if you wished you could capture an email address on the first page. If the form doesn't get completed (as in all stages were successfully completed), then you could send an email to the prospective user with a link to the signup form at the appropriate stage. The prospective user would not have to re-fill any of the fields they've filled in and you get a chance to recapture them as a user.
I tend to use the text file as a default way to save all the data from any stage of a multi-stage form. At the end of the form I can process the data into the DB and delete the text file. To catch partially complete signups I can write a script that is executed via a cronjob that runs every minute. I always save a timestamp in the data file representing the last time the file was updated. If the timestamp is more than X minutes old you run your didn't finish signup script on it or just delete it.
Saving data at each stage is simple. After the first stage you create the $dataFile with $dataFile = file_put_contents(json_encode($data)); where $data = array('timestamp'=>...) + $_POST;. Each stage after the first I use $data = json_decode(file_get_contents($dataFile), TRUE) + $_POST;, and $data['timestamp'] = ...;. Then use file_put_contents to save it back to the file. Obviously, you will need to track the $dataFile variable but this is easily done via hidden fields or session data.
The file will only be out there for X minutes before being processed and deleted but if you wish to have security on the text file during that short time frame then I'd suggest looking up a cipher or creating your own variation on the simple Ceasar's cipher. Use the cipher on the field names as well as the values.
Back in Dec I was working through the issue of multi-stage forms in the latest CodeIgniter for myself. I can't say this is a generally accepted best practice but the text file has worked well for me in the past. I posted some sample code for a multi-stage form here: Multi-Stage Form Example.
You can post the values to the next form where you can use hidden fields to store these values so that when you post the last form you have all the values and you can process them at one time.
I faced this case in my latest project and I used the session of Codeigniter to save the data submitted after validation in userdata session as array in the last step I send data to the DB
i want to ask that if its possible to keep the user's upload path where he selects from his computer that which file will be uploaded like the path " C:\Users\User1\Desktop\1.jpg " , the reason i want to learn about this is after submitting forms with php when he fails about validation, i want him to not reselect it..
Summary : How can i save the path : C:\Users\User1\Desktop\1.jpg in user's form if user fails on other field's validation
Thanks
It is not possible. Only the filename is sent by the browser, not the full path.
First thoughts
I am just posting this in case you think of doing something crazy like, why don't I use javascript or JS library to get the path?
It's a DOM element after all.
Well browsers are your enemy!! why? For security reasons, browsers have security restructions like as you have guessed don't expose the local file structure.
Question
What would you do with the file path?
How's a file path going to be handy on the server-side?
Hem, let me think...still thinking.....
The only purpose that I can think of is discovery before attempting a hacking.
Field validation can be an honest answer, but you can avoid this by creating a form that uses AJAX to submit the data to sever.
What??
Yes sir, use ajax submit the data as post, validate it and send a message back to the browser stating if the form was successfully submitted or not.
With ajax you don't leave the page when data is submitted to the server
One section of my site allows users to upload files. These files are not uploaded to the server that the website is hosted on (let's say site.com), instead they are uploaded to s1.site.com, s2.site.com etc. These subdomains point to servers on a different IP address than the main server. I am using the Uploadify jQuery plugin for file uploads.
Now, when a user is logged in and uploads a file, I want that uploaded file to appear in their account page under "files". I'm stuck on what the best way to do this would be.
I can set options for Uploadify to send additional POST data along with the upload. The simple solution would be to just send the username of the user uploading the file along with the file upload, however other users could spoof their username and upload files into other peoples accounts. Not cool. So I need a way to tell what user is uploading the file while stopping username spoofing.
I thought about sending the users session as POST data, kind of like this:
$('#file_upload).uploadify({
formData : { '<?php echo session_name();?>' : '<?php echo session_id();?>' }
});
But I don't really know a thing about sessions. CodeIgniter is handling my user logins. Would this work? Could someone explain to me exactly how I'd go about doing this?
Thank you.
I like to do things like use md5 hashing to create a unique Hash Value based on the Username. I do this once the user has created his or her account for the first time. Then I store that hash value in a column called hash_validation.
Next, I would (upon user login(you use CodeIngiter for this)) create a session variable for the hash value. Then I can check the hash value against the table and the username for security purposes. It's as simple as ->
$_SESSION['hash_value'] = $row['hash_validation']; //general example of grabbing the row we created
I like to hide my SESSION values in a div on the page so I can constantly reference them with JavaScript without having to communicate with the server.
Once we've done all the above, we can use the formData method to send over the hash value to the server (without using php like you did above.) Then the server can check the hash value against existing hash values for said username in the table, and if it's correct, we'll upload the file.
I had an upload form on my website, where users entered details about their upload file, selected the file and uploaded to the webserver.
The POST action of the form was to submit the file to a php page called upload_control.php, where the post details were validated, and if correct the file was stored on disk an entry was placed in the database. The file was renamed to ID_name before storing, where the ID was taken from the database, as the largest ID so far (just a counter).
Now things have changed and it makes more sense to upload the file to storage elsewhere. This is done straight by the user, the action of the form points to the other server which stores the file if the form was submitted correctly. [ I have no control over the processing done by the other server, it's a storage solution like amazon s3 ]
The problem is: How do I get the last used ID from my database, so that I rename the file to ID_filename with javascript before uploading? (I can store the filename on a hidden form field and the remote server will understand to rename it when it receives it).
Better yet: Is there a way to validate all the form details - using php. not javascript, before submiting the form to the storage solution?
My thoughts are towards sending the form details to a php script on my server with ajax, upon hitting the submit button but before posting, so that the php script can get the latest id from the database, validate the request, send back the new details or the new id, and then really submit the form. -- But how can this by done?
on button click call php function through ajax, and pass all the data collected from page to service as json, php is very strong at parsing json. and you can return result from that method to indicate whether to data is authenticated or not. A nice tutorial to hook you up is this.
http://www.queness.com/post/328/a-simple-ajax-driven-website-with-jqueryphp
I have a form that the user needs to populate and then the form will be sent to a server.
After the user submits the form, if the server script found that the form is not correctly populated (i.e. the uploading file is too big), it should return error to the client side.
Now, my question is as follows:
How do I keep the user seeing the same page without transferring to a different page?
Because I don't want the user to waste time to reenter everything again. I just want the user to correct the wrong part.
Because I don't want the user to waste
time to reenter everything again. I
just want the user to correct the
wrong part.
This is a good intention, but the wrong solution.
To stay on the same page would mean you have to submit the form using javascript. While possible, why make things more complicated than they have to be?
Instead, submit the form to the server and when you write out the form again to the user with the error message, set what the user entered as the default value on the form. Then it will be there for them and they won't have to type it again.
Note: Don't do this for passwords tho; the page may be cached and then the users password is saved in a plain file on the hard disk. This is why most sites make users retype passwords each time.
You need to show form again and fill previously entered data in input's "value" fields. Of course, don't forget to replace special characters with html entities with htmlentities();
I also found one tutorial for you: http://evolt.org/node/60144