File Upload Validation

 

Documentation home

 

Overview. 1

Client-Side Validation. 1

Server-Side Validation. 1

File Items 1

API Methods 2

 

See also: Uploading Files, File Upload Controls, Controls

 

Introduction

This document details validation for files uploaded using the File Upload Control. For a description of the available file upload controls and examples of their use, see Uploading Files.

 

Files are validated to ensure they are not empty, and that they are of an expected size and type. By default the File Upload control options ‘File Types’ and ‘Maximum File Size’ are left blank, so that any size and type of file is accepted. For more detail on how to specify validation options see File Upload Properties.

 

This validation is provided primarily to prevent user error, and provides some confidence that uploaded files are within the specified parameters. However, file types and sizes can in some cases be spoofed by a malicious user, so if this could affect other users or the application itself it is recommended to implement additional validation in your application.

Overview

There are two stages of validation; client-side validation which takes place in the user’s browser, and server-side validation which takes place on the server the files are uploaded to. The flow diagram below shows the validation process in more detail, starting from the point at which a file upload is triggered. Client-side validation, server-side validation, and File Items are explained in more detail below. 

Client-Side Validation

Selected files are validated on the client side to ensure they are not empty and have a valid extension and size. If a file fails validation, a message is shown detailing the file and validation error. These messages are implemented using System Texts, providing default values and translations for some locales, and allowing easy modification. Validation messages pop up by the File Upload control on modern browsers, and are displayed as an alert on older browsers, as shown below.

 

Modern browser message style                Old browser message style

 

 


Server-Side Validation

The extensions and sizes of uploaded files are also validated on the server. If a file fails to validate it will not be uploaded, and its File Item’s status will be set to ‘FAILED’. The File Item’s error message will specify the validation error.

File Items

A File Item contains basic information regarding a file uploaded using a File Upload control. A File Upload control provides the API method ‘getFileItems’, which returns an iterator through File Items representing each file in the last attempted upload. The API methods for File Items are described below.

 

API Methods

Name

Description

Type

getFileName

 

Returns the file name the uploaded file is saved as on the server. This may differ from the user’s local file name if the ‘Replace Duplicate Files’ option is unselected on the File Upload control, as duplicate file names will be saved with an incrementing unique identifier _x appended to the original name.

E.g myfile.txt would be created as myfile_1.txt if the file already exists.

 

String

 

getUserFileName

Returns the original file name of the uploaded file.

String

getFileSize

Returns the file size of the uploaded file.

Number

getStatus

Returns the status of the file upload, either ‘OK’ for success or ‘FAILED’ for failure.

 

String

hasError

Returns true if the file has failed to upload

Boolean

getErrorMessage

Returns the failure error message if the file has failed to upload, otherwise returns null.

String

getFilePath

Returns the full path to the uploaded file on the server.

String

getRelativePath

Returns the path to the uploaded file on the server relative to the base upload directory

String