Is there a way to upload files?

Jim Ault jimaultwins at
Sat May 15 11:45:19 EDT 2010

On May 15, 2010, at 8:08 AM, Geoff Canyon Rev wrote:

> It's easy enough to look at a web form and convert it to a set of
> arguments to use in rev, like so:
> But what if the form includes file upload? Is there a way to take a  
> local file and include it in a url to upload it to a web server?

Technically it is a major security breach to have a file upload occur  
without a use interaction, such as clicking a 'submit' button.
Otherwise a scoundrel could begin uploading from anywhere on the  
user's hard drive in a steady sequence.

Assuming you are doing the form correctly with user interaction, you  
would use the POST command in Rev to send one or more variables and  
their values to a URL.

The basic idea is that you build header lines to control how the  
server script will operate on your data, then append variable=value  
pairs to the single variable.

in the Rev script, when all the strings have been concatenated, the  
text is sent to the URL of the server script.
The URL triggers a script that has been programmed to read and work  
with those variables (usually with error checking).

The file upload is usually stored in a temporary directory on the web  
server with a random temporary name created by the web server, then  
renamed according to the name sent by the POST command.

Look in the dictionary for specific examples of code that builds the  
header lines the appends the data pairs.

The GET command does the same thing, except it has a limit of about  
1000 characters.
A server script that is well-written will check for GET variables and  
POST variables to detect which format has been set.

Both methods will create an array such as

  ( using PHP syntax for the array )
$_GET['type']         {which holds '12'}
$_GET['summary']  {which holds 'this+is+a+test'}
$_GET['user']         {which holds 'geoff.canyon'}
$_GET['password']  {which holds 'test'}

sending the variables as a block to the URL
$_POST['type']         {which holds '12'}
$_POST['summary']  {which holds 'this+is+a+test'}
$_POST['user']         {which holds 'geoff.canyon'}
$_POST['password']  {which holds 'test'}

Obviously, if you accidentally used the same variable name twice,  
there would be data loss, just as with Rev associative arrays.

Hope this helps you get the idea.

Jim Ault
Las Vegas

More information about the Use-livecode mailing list