Use the cffile tag for uploading files to the server.
Note that allowing people to upload files is fraught with danger and only trusted users should be allowed to upload files. Checks should be made to make sure that only allowed file types are uploaded.
The Client-Side
First of all, let us deal with the client side. This assumes some knowledge of HTML.
You need to include an input file field in your form, use the POST method and set the MIME encoding to "multipart/form-data" from the default value of "application/x-www-form-urlencoded".
[HTML]<form name="uploadform" action="actionpage.cfm" method="POST" enctype="multipart/form-data">
<input type="file" name="uploadfile">
<input type="submit" name="uploadsubmit" value="Upload">
</form>[/HTML]
These are the three basic client-side components for a file upload.
The Server-Side
Now onto the server side. This assumes some basic knowledge of Coldfusion.
You will need to use the cffile tag (the syntax is shown below):
Expand|Select|Wrap|Line Numbers
- <cffile
- action = "upload"
- fileField = "formfield"
- destination = "full_path_name"
- nameConflict = "behaviour"
- accept = "mime_type" or "file_type"
- mode = "permission"
- attributes = "file_attribute_or_list"
- result = "result_name">
Expand|Select|Wrap|Line Numbers
- <cffile
- action = "upload"
- fileField = "uploadfile"
- destination = "c:\Inetpub\wwwroot\uploads"
- nameConflict = "overwrite">
The nameConflict attribute is optional, but should be specified in case a file already exists with the same name. In that case, you have four options:
Error: An error message is displayed with the page processing aborted.
Skip: The file is not uploaded, but no error message .
Overwrite: Files on the server with the same name are overwritten.
Makeunique: The file is uploaded and given a unique name.
You can use the accept attribute to restrict the types of files that the user is allowed to upload, e.g. to allow only GIFs, JPGs and PNGs, you could use:
Expand|Select|Wrap|Line Numbers
- accept="image/gif,image/jpg,image/png"
You can skip this part if you don't need to set the file properties.
The final three attributes are mode, attributes and result.
mode lets you set the read/write/execute file permissions on Unix/Linux.
attributes allows you to set whether the file should be readOnly (read only), hidden or normal (on Windows). each attribute must be explicitly set, otherwise they will be overridden.
result lets you use a prefix other than cffile for the variable which contains the result parameters, e.g. if you set this result parameter to cfresult, for the size of the uploaded file, instead of
Expand|Select|Wrap|Line Numbers
- cffile.fileSize
Expand|Select|Wrap|Line Numbers
- cfresult.fileSize
Ok, now for an example. Our example sends the form to the same page which we shall call UploadFile.cfm.
Expand|Select|Wrap|Line Numbers
- <cfif isDefined("form.uploadfile")>
- <cffile
- action = "upload"
- fileField = "uploadfile"
- destination = "c:\Inetpub\wwwroot\uploads"
- nameConflict = "overwrite">
- <cfelse>
- <form name="uploadform" action="UploadFile.cfm" method="POST" enctype="multipart/form-data">
- <input type="file" name="uploadfile">
- <input type="submit" name="uploadsubmit" value="Upload">
- </form>
- </cfif>