I need to upload a single specific file (Ex. "C:\test.jpeg") to the web server using HTML5 components "FileAPI" and "XMLHttpRequest". Is it possible?
I have seen all types of examples that include drag and drop options, but I need less than that. I just need to call the JavaScript function, and I will send the path of the file I need to upload to a specific folder on the server.
IMPORTANT: I CAN NOT USE THE INPUT TAG. IT MUST BE DYNAMICALLY
Thanks in advance.
You cannot have arbitrary access to the filesystem from the browser, even with HTML5's Filesystem API. This has been discussed in many other threads on Stackoverflow. Have a look at one of the more recent threads, for example: Some questions about HTML5 FileSystemAPI.
Related
I have a very basic form which posts images to a PHP script, I use it to upload images to my server.
The problem I have is that when I return to my form at a later date I want it to remember the file I uploaded to my server. I can do this with text inputs by caching the input values in a cookie, can I do something similar for file inputs?
The answer is no. This is due to the security implications if the form remembers paths.
Not with a form, as the others have pointed out. You might be able to fulfill your requirement with a Flash or Java applet which does the upload for you and may be able to remember the path itself (e.g. in a cookie). However this isn't exactly lightweight and will trigger some security popup in most browsers. This may turn away users from your site.
I assume you want this for convenience, so users can upload multiple files with ease. You might want to provide a drag & drop file upload (e.g. as outlined in this tutorial http://tutorialzine.com/2011/09/html5-file-upload-jquery-php/). This would improve your usability while keeping within the boundaries enforced by browser security.
Currently working on an offshoot of the idea more adequately addressed here.
Creating a Secure File Hosting Server for PDFs
I'm developing a secure PDF hosting website where certain users can download certain PDF's that I have stored outside of the webroot to prevent people from accessing documents they shouldn't access.
I've got the download working using the first solution, but I want to implement a 'view/preview' feature too. I still don't get content headers as well as I should but I believe what is causing the bulk of my issues is I can't put a 'src' attribute on the embed/object/iframe/whatever. And that's kind of the point of the system.
My question is, is there any way to feed a file (as opposed to a url) to an embed/object? I would like to keep my current system and I'm going for simplicity at the moment so the easier the better.
I saw Recommended way to embed PDF in HTML? and will probably check out pdf.js if I'm trying something that isn't doable.
I have not yet had the chance to play with pdf.js, but it either that or a flash player of some sort.
Or you rely on the browser to display it has a webpage and you can iframe it, but that's so lame... it would work only for a fraction of you users.
PDF2SWF - convert PDF to SWF ( 1 page = 1 SWF).
Use other SWF (reader) to load SWF pages via XML or something else.
Use $_SESSION to store ID of PDF document which should be served through e.g. /preview (same link for previewing all documents)
Don't serve original PDF, put a watermark, or make them low-res.
Otherwise, your PDF will never be "secure".
http://www.swftools.org/
Is it possible to upload specific files from users PC to server, but WITHOUT using file form element?
I need this for my customer - he does not want to select those files from his pc.
Is it possible somehow to define value of file form element like we can for other elements?
Thank you in advance, hope that this question is not basic one.
MORE INFORMATION: we know that we can upload file on server, using 'file' web form element. By using this element we select file from our computer and upload it on server. Ok, but is possible to "skip" file selection, and upload specific file (files) without selecting it with file form element?
I think your best bet would be to use a signed java applet. End user will be prompted to grant certain permissions (local file access, network access) when the applet is launched for the first time but it's possible to suppress permission requests on subsequent launches by having user check the "trust the publisher" checkbox.
The file should be selected in order to be encrypted, the encryption consists of it's data, so for security reasons browsers doesn't allow default values not to have file injections, so the answer is no, you still need to use <input type="file"> with no default value, read this for more info.
Not without some help from an external plugin. The browser has the file element locked down because it would be a security risk to allow any website to automatically upload a file from your computer.
EDIT:
Now that I see what you want to accomplish, why go through the browser? Why not setup some sort of synchronization between his computer in the server that doesn't go through the web?
Use the name attribute in the input element, and tell the customer use a suitable version of Opera that supports the attribute. Something like Opera 7. Might be hard to find.
I know that this answer may sound sarcastic, but this hopefully illustrates the situation: file input was originally designed to allow a default filename to be specified, this was implemented in some browsers only for some period of time, and now the excuse is “security”, i.e. browser vendors did not want to implement suitable security precautions and they describe the issue as if the idea itself were “insecure.”
I want to know if this is possible to print all attached pdf from an object.
(i'm afraid not, but better asking ;D)
context:
User uploads multiple pdf file in his account, then later, he clicks on "print all the pdf attachements", instead of downloading and then one by one clicking on "print"
Thanks.
There are several ways you can go about this with either just JS or a combination of PHP and js (and perhaps server-side programs that can be called by PHP):
Have the target document be a php file which programatically join all the PDFs into a single document (for instance, with pdftk) and then outputs the joined file with PDF headers. This file would be loaded into an iframe which you could call window.print() on with JavaScript.
Use javascript's window.print() function to target several hidden iframes each of which has one of the PDFs loaded in it. The major drawback of this approach is that it will generate multiple print dialogue boxes.
Both of these approaches rely on the user having the necessary settings and plugins to actually load PDFs within the browser window, but if they don't they'll be prompted to download the large file/multiple files.
This can not be done with PHP. Why? Well, PHP is a server-side script. It has no possibilities to access the user's printer.
To my knowledge there is no solution with javascript either. Mike made a good point with the printer dialog being accessible through a javascript command but that is where it stops. This is a good thing though, would you want a page you enter to be able to use your printer without your permission?
Best way is probably to concatenate all the pdf into a single document server side then allow the user to download and print that. This is what manuscriptcentral and probably other online academic peer review systems do.
I'm putting together a portfolio website which includes a number of images, some of which I don't want to be viewable by the general public. I imagine that I'll email someone a user name and password, with which they can "log-in" to view my work.
I've seen various solutions to the "hide-an-image" problem on line including the following, which uses php's readfile. I've also seen another that uses .htaccess.
Use php's readfile() or redirect to display a image file?
I'm not crazy about the readfile solution, as it seems slow to load the images, and I'd like to be able to use Cabel Sasser's FancyZoom, which needs unfettered access to the image, (his library wants a link to the full sized image), so that rules out .htaccess.
To recap what I'm trying to do:
1) Provide a site where I give users the ability to authenticate themselves as someone I'd like looking at my images.
2) Restrict random web users from being able see those images.
3) Use FancyZoom to blow up thumbnails.
I don't care what technology this ends up using -- Javascript, PHP, etc. -- whatever's cleanest and easiest.
By the way, I'm a Java Developer, not a web developer, so I'm probably not thinking about the problem correctly.
Instead of providing a link to an image. Provide a link to a cgi script which will automatically provide the proper header and content of the image.
For example:
image.php?sample.jpg
You can then make sure they are already authenticated (e.g. pass a session id) as part of the link.
This would be part of the header, and then your image data can follow.
header('Content-Type: image/jpeg');
Edit: If it has to be fast, you can write this in C/C++ instead of php.
Using .htaccess should be the safest/simplest method, as it's built in functionality of the webserver itself.
I do not know if it fits your needs, but I solved a similar poblem(giving pictures to a restricted group of people) by using TinyWebGallery, which is a small gallery application without database.
You can allow access to different directories via password and you can upload pictures directly into the filesystem, as TinyWebGallery will check for new dirs/pics on the fly. It will generate thumbnails and gives users possibility to rate / comment pictures (You can disable this).
This is not the smallest tool, however I thik it is far easier to setup than using apache directives and it looks better as naked images.
If you're using Nginx, you could use the Secure Link module.