I'm trying to figure out how to get a server to accept a file through HTTP post in one step - without going through all the trouble of creating an html form and clicking the submit button.
I know how to write a PHP/HTML package that accomplishes the following:
user points their local browser to a URL with an upload form
user selects a local file and clicks "upload" button on the form
server accepts that file and places it in a specified place
I create an HTML file with a form that calls a php script when the submit button is clicked.
I'd like to change this to the following:
From command line, user executes the following command:
"curl -X POST #somefile http://myhost/getter.php"
server (myhost) accepts that file and places it in a specified place
Said another way, I'd like to send the file directly to the php script without going through the form step.
Much thanks for any guidance.
http://curl.haxx.se/docs/httpscripting.html
4.3 File Upload POST
<form method="POST" enctype='multipart/form-data' action="upload.cgi">
<input type=file name=upload>
<input type=submit name=press value="OK">
</form>
command line equivalent:
curl --form upload=#localfilename --form press=OK [URL]
Related
I have looked around for "PHP validation and redirection" but so far they don't work me because I cannot execute PHP scripts inside a HTML page because my website hosting does not give me access to the apache config httpd file. I can add handlers but I don't think that helps me. Here's what I'm trying to do:
User inputs some stuff including a valid email address
PHP creates a json string and save it on the server (works)
Write an email to the user confirming what they've entered (works)
Re-direct after the submit which is from the following code:
<form method=POST action="go.php">
<input type="submit" value="Submit" />
</form>
If the user has entered anything invalid (email, name...) the PHP script should return the user to the previous page with a red * beside the field that's invalid.
My question is, how can I do that without putting PHP inside the html?
I´ve a multipart form with a mixture of default inputs (text, select etc.) and a file upload (<input type="file">).
I´m using a combination of form validation class and upload library of Codeigniter for form submission. That works great.
I´ve only one problem for what I haven´t found a solution yet: If the user selects an image but misses to fill another required field (like "name"), then the form validation class blocks the request and shows an error message to the customer.
But now I´ve the problem, that the image was already submitted successfully and I don´t want to let the user add the file again. So I want to pre-fill the file input with this data.
I´ve tried different things like:
<input type="file" name="image" value="<?php echo set_value('image','');?>" />
and also spent time on finding a solution on the web but without success.
On the server side, you do not get any information about where the file is located on the client's computer, so in the scenario of a user uploading an image successfully but the user hasn't filled out the rest of the fields properly, you have to simply omit the input type="file" field entirely but keep a store of where the file is located on your server. There's a few ways to go about this, but it all involves taking the absolute location of the uploaded file and:
Inserting it back as a hidden value using <input type="hidden" name="uploadedFile" value="<?php echo $absPath; ?>" /> then checking for the existence of $_POST['uploadedFile'] and utilizing it appropriately. But this isn't a solid idea as you're now exposing server paths to the end-user (opens yourself up to malicious attack.)
Starting a session and saving the absolute path in the $_SESSION variable while presenting the user with a simple token in their re-attempt form.
I'd stick with method 2, so assuming you've done all the work to validate the form and upload the file and your file is located in $absFilePath, you could do the following:
session_start(); // This needs to be at the very top of you PHP file
// ...
$formToken = md5(time());
$_SESSION['uploadedFile'][$formToken] = $absFilePath;
Then render the token as a hidden variable using:
if (!empty($_SESSION['uploadedFile'][$formToken]))
echo '<input type="hidden" name="formToken" value="'.$formToken.'" />';
and hide the file upload portion using
if (empty($_SESSION['uploadedFile'][$formToken]))
echo // <input type="file" output here...
finally inside of your form submission code check for the existence of a formToken value before attempting to load $_FILES['image'] using isset($_POST['formToken']), and handle it using:
$absFilePath = $_SESSION['uploadedFile'][$_POST['formToken']];
Bam! Now you have your absolute file path as if the file had been uploaded just like before.
Since you haven't given enough code, I can only given you enough instruction to get you started, but this should be more than enough.
I have build a form in which you can add images. Unfortunatelly, I am not able to call "move_uploaded_file" in PHP, as the server is running PHP safe mode and there is no way to modify this (I have checked). Therefore, I submit my form to my OWN server, which handles the file uploading.
On my own server, the file however; is not found. I think it has to do with the form calling the external url.
I know this because
echo $_FILES['uploadFile']['name'] ."<br>";
returns just an empty line.
The form itself is:
<form action="http://ejw.patrickh.nl/load.php" method="get" enctype="multipart/form-data" onsubmit ="return checkInput();"> </form>
and contains several input buttons.
Bottomline: the form on my own server submits the file perfectly, however when I make use of the form which is on another site, with the above action; no file is found.
Can this be fixed, and if so; how?
Thanks in advance!
You have to use method="post" to submit files.
Also the enctype attribute alone can be used only, if method="post".
What I want
I want to upload a file without reloading the page, also I want to add the source link for the image to the textarea.
So when I push the upload_photo, the image uploads and a link is added to the textarea.
I want pure HTML, Javascript|AJAX and PHP.
What I have
<form action"index.php" method="post" enctype="multipart/form-data">
<textarea id="textarea" name="text"></textarea>
<input type="file" name="photo" />
<input type="submit" name="upload_photo"/>
<input type="submit" name="post"/>
</form>
Example sites:
http://www.friendfeed.com - the page don't reloads when you upload the files
What I don't want
Please avoid posting solutions with jQuery or any library, API.
That's easy.
Put an iframe, give it a name, for example "MyIframe".
Then in the form, add the TARGET attribute, with the value "MyIframe", and the action - the script that takes the upload (takeupload.php for example)
In the main page define a Javascript function that does something you need after the upload is done, which will be called, with parameters, from the page generated by takeupload.php.
in takeupload.php upload the image, then send as an output a normal blank HTML page that will execute a script which will call the method described above, with a set of parameters you need (image name, path, error, or plain HTML to insert somewhere, etc.).
use it like this:
<script type="text/javascript">
parent.YourJSMethod(parameters);
</script>
The page will be loaded in the iframe, and it will run a function defined outside the iframe. Upload is done, and the parent page receives data about the result.
This is fairly simple. No jQuery needed, no AJAX, no nothing, just a very simple Javascript code and a little HTML.
This can indeed be done with AJAX. I don't think that using AJAX is any more of a security risk than sending a vanilla HTML form; you will have to validate all user input on the server side all the same. Here's a simple example:
http://www.webtoolkit.info/ajax-file-upload.html
There is a button in a site like this:
<form method="POST" action = "/invite/1233">
<input type="hidden" name="t" value="4b16d">
<button type="submit">submit</button>
</form>
How can I "emulate" pressing this button for example in bash? Is it possible to make an adress that I can click instead of this button? Why http://site-domain-here/invite/1233?t=4b16d doesnt work?
On your terminal, assuming you have curl installed (who doesn't?), run:
curl -d "t=4b16d" http://site-domain-here/invite/1233
The -d option means that the request will be made with POST.
In response to your addition to your question:
Why http://site-domain-here/invite/1233?t=4b16d doesnt work?
This is because by following the link above you are by default issuing a GET request; not a POST request with post data which is what the web page/service requires.
See http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Request_methods for an explanation of the various HTTP request "verbs".