Trongate Website Homepage

A General Overview Of File Uploading

Giving website visitors the ability to upload files onto your server represents a huge security risk. Some general guidance for best security practices, with regards to file uploading, is offered at the end of this chapter. However, if you are planning on building a file uploader and you aren't entirely sure about what you're doing, you are hereby strongly encouraged to seek expert, professional assistance.

Trongate provides the necessary tools to build custom file uploaders. The process of building a file uploader is similar to building any other form, but with a few additional steps to handle the file itself.

Here is a list of the main components that make up a custom file uploader:

  • A webpage with a file upload form: This is the user interface that allows users to select a file and submit it to the server.
  • A method for receiving post requests from the uploader: This is the server-side code that handles the file once it has been submitted by the user.
  • Some validation tests: These are used to ensure that the submitted file meets the requirements set by the application (e.g. file type, size).
  • A means of gracefully dealing with errors: This includes handling errors that occur during validation, as well as errors that may happen during the file upload process.
  • A destination directory where files are to be uploaded to: This is the location on the server where the uploaded file will be saved.
  • A little bit of configuration: This includes setting up the destination directory, and any other settings that the uploader needs in order to function.
  • A success message or page: This is the message or page that is displayed to the user once the file has been successfully uploaded.
  • As you can see, most of these components are similar to what you would expect in any form building scenario. The upcoming pages of the documentation will provide a detailed guide on how to build each of these components and put them together to create a custom file uploader using Trongate.