I'm developing a flexible processing CFML script that accepts (authenticated) FORM posts and processes the data. The data is stored based on form field prefixes, but I don't have any hints regarding which fields may contain a file when processing a "multipart/form-data" form posts. I found Ryan Stille's blog post from 2012 entitled "Getting the client filename before using cffile", but it didn't work with Lucee.
I've been using Ryan's Adobe ColdFusion-only UDF for a couple years, but I need a cross-compatible solution since I'm attempting to migrate some projects to Lucee. I searched & couldn't find anything, so I thought I'd try my hand at it. (I'm not 100% sure if this is the best way to do it since it uses an undocumented method.)
The benefit to this approach is that it returns a single struct containing keys that match all form "file" field names with extra information identifying the original filename, type, size and temporary file path. Enjoy!
getFormFiles UDF (cross-compatible cfml)
https://gist.github.com/JamoCA/524b68b4fbbbf884da7f631e697defbd
| <!--- 2022-05-05: getFormFiles UDF for Adobe ColdFusion and Lucee | |
| Gist: https://gist.github.com/JamoCA/524b68b4fbbbf884da7f631e697defbd | |
| Blog: https://dev.to/gamesover/identifying-random-uploaded-form-files-57n7 | |
| ---> | |
| <cfscript> | |
| public struct function getFormFiles() output=false hint="I return a struct with all form field & file data from a form post" { | |
| if (cgi.request_method neq "post") return {}; | |
| local.result = [:]; | |
| local.isLucee = server.ColdFusion.ProductName is "lucee"; | |
| local.tmpPartsArray = (local.isLucee) ? form.getRaw() : form.getPartsArray(); | |
| if (local.keyExists("tmpPartsArray")) { | |
| local.javaFile = createObject("java", "java.io.File"); | |
| for ( local.tmpPart in local.tmpPartsArray ) { | |
| local.tempPath = form[local.tmpPart.getName()]; | |
| local.isLuceeFile = local.isLucee && listLast(local.tempPath,".") is "upload" && fileExists(local.tempPath); | |
| if ( local.isLuceeFile || (!local.isLucee && local.tmpPart.isFile())) { | |
| local.data = [:]; | |
| if (local.isLucee){ | |
| local.data["name"] = GetPageContext().formScope().getUploadResource(local.tmpPart.getName()).getName(); | |
| } else { | |
| local.data["name"] = local.tmpPart.getFileName(); | |
| } | |
| local.filesize = local.javaFile.init(javacast("string", local.tempPath)); | |
| local.data["size"] = local.filesize.length(); | |
| local.data["type"] = fileGetMimeType(local.tempPath); | |
| local.data["tempPath"] = local.tempPath; | |
| local.result[local.tmpPart.getName()] = local.data; | |
| } | |
| } | |
| } | |
| return local.result; | |
| } | |
| </cfscript> | |
| <cfif cgi.request_method is "post"> | |
| <cfdump var=#getFormFiles()# label="getFormFiles()"> | |
| </cfif> | |
| <cfoutput> | |
| <form action="#CGI.script_Name#<cfif len(CGI.Query_String)>?#CGI.Query_String#</cfif>" method="POST" enctype="multipart/form-data"> | |
| <input type="hidden" name="fieldToIgnore" value="1"> | |
| File <input type="file" name="RandomFile_#getTickCount()#" required> | |
| <button type="submit">Upload</button> | |
| </form> | |
| </cfoutput> | |
Top comments (0)