File Upload Button question

[Rob Kolanko]

When the File Upload field type is used in the NetWebForm, I noticed that the file is selected by pressing the browse button, and the file is uploaded when the Save button is pushed. Is it possible to retrieve the file size on the clients computer before the save button is pressed? (is the size in a property some where?)  Also I can see client’s path to the file in the web page file upload field, however  the variable contains the server path to the file. Is it possible to retrieve the client’s path to the file from a property or a net value?

Thanks,
Robert Kolanko

[Bruce]

There's no "simple" way to do this - although there are a few techniques you can use which may work in some cases. Flash is the most obvious helper here, but of course some systems don't have flash, so work-arounds abound.

It's something I'll be looking into though when I look at the File Uploading plugin.

more some more reading see here;
http://stackoverflow.com/questions/4204249/recommended-way-to-check-file-size-on-upload
and here
http://stackoverflow.com/questions/4256715/ensure-file-size-of-uploaded-file-is-lower-than-maxrequestlength-before-the-uplo

cheers
Bruce

[Rob Kolanko]

Hi Bruce,
I reviewed your links, an interesting observation is that many of the posts assume IIS is the web server.  The file size restrictions mentioned in these posts are IIS parameters. Since NetTalk applications replace IIS, this opens a lot of questions on how NetTalk applications are actually handling the uploading files. Are there any restrictions on the size of the file that is uploaded?  Do any of the server properties restrict the amount of data that can be sent from the browser. Is it restricted to the size of the post transaction?   

I have used a product called csASPUpload from www.chestysoft.com. It is a server side ASP component that is used in an ASP script. Using this component the file size can be determined prior to the file upload and plugins are not required on the browser.  I have not tried it with NetTalk, because I think that IIS is required to run ASP components on the server. The component must be getting the file attributes from the browser somehow through the ASP page. Since NetTalk is the web server, maybe if an ASP page is sent to the browser, we could get more information back from the browser, when the <input=file …> tag is used.

Anyway this just my guess, I am likely speaking way ahead of my intelligence level here. The File Uploading plugin you mentioned, will this be for the server or the client’s browser?

Thanks,
Robert Kolanko

[useless]

Some people say the Javascript security model doesnt permit this sort of thing, but a quick google threw up this javascript which might work I havent tested.

function findSize() {
    if ( $.browser.msie ) {
       var a = document.getElementById('loadfile').value;
           $('#myImage').attr('src',a);
           var imgbytes = document.getElementById('myImage').fileSize;
           var imgkbytes = Math.round(parseInt(imgbytes)/1024);
           alert(imgkbytes+' KB');
    }else {
           var fileInput = $("#loadfile")[0];
           var imgbytes = fileInput.files[0].fileSize; // Size returned in bytes.
           var imgkbytes = Math.round(parseInt(imgbytes)/1024);
                   alert(imgkbytes+' KB');
     }
}   
</script>

or another that might work.

function LimitedSize()
{
var i;
var y = document.images;
for (i=0;i<y.length;i++)
{
    if((y.id) == 'Sample')
    {
      if(y.fileSize > 102400)
          return false;
    }
}
return true;
}

[Johan de Klerk]

Hi Guys,

I don't have any knowledge of this but saw this.

jQuery File Upload Demo
http://blueimp.github.com/jQuery-File-Upload/

Uploadify
http://www.uploadify.com/
http://www.uploadify.com/about/

Maybe this can be used.

Regards

Johan de Klerk

[Bruce]

Hi Richard,

thanks for the fileSize tips - I'll investigate that a bit more with regards to which browsers it works in and so on. It may be a useful "warning" to the user that they are submitting a file which is too large.

Of course nothing stops the user sending (either via your page, or via some command line utility like CURL) a file which is too large, so ultimately the server will need to implement the limit as well (which fortunately is trivial to do.)

Johan;
The BlueImp plugin is the one I've been checking out recently with a view to including it - however there are some technical questions - especially with regard to the look, that I still need to answer.

Cheers
Bruce

[Bruce]

Hi Robert,

>>  The file size restrictions mentioned in these posts are IIS parameters. Since NetTalk applications replace IIS, this opens a lot of questions on how NetTalk applications are actually handling the uploading files.

The good news is that the server side is completely under your control, so implementing stuff on that side is really easy. But of course by then the user has already sat through uploading the file, so it's a bit "late" for genuine users. For malicious users of course it _has_ to be here.

>> Are there any restrictions on the size of the file that is uploaded? 

built into NetTalk - no. However if you wanted to apply a restriction you can do it in the WebHandler, in the HandleFile menthod. One line will suffice;

if p_len > x then return.

HandleFile is the method that writes the incoming file to disk.

>> Do any of the server properties restrict the amount of data that can be sent from the browser. Is it restricted to the size of the post transaction?   

no - bear in mind that as the post is arriving it's not "understood" at that point. Only once the whole request has arrived is it handed off to the WebHandler.
It would be possible to keep an eye on an incoming request, in the process method, and abandon it if it got too large though.

>> I have used a product called csASPUpload from www.chestysoft.com. It is a server side ASP component that is used in an ASP script. Using this component the file size can be determined prior to the file upload and plugins are not required on the browser.

The browser-side code is not affected by ASP - and the server side part should be easy to handle - so I'll take a look into it.

cheers
Bruce