Upload files by convention?

7 views
Skip to first unread message

John Whish

unread,
Oct 23, 2009, 4:28:35 PM10/23/09
to ColdBox Platform
This is a bit of a brain dump, but I was just having an interesting
conversation with Bob Silverberg recently about where we think file
uploads should occur in an OO application. Currently we are both
processing our file uploads by calling a Filesystem object (in my case
the uploadFile() method of the Utilities plugin) from the service
layer.

We concluded that the job of uploading files really belongs in the
controller, and as the controller is an extension of an MVC framework,
maybe the MVC framework could handle the file uploads.

We're thinking that it could work along the lines of the security
interceptor config to handle which handler and permissions are allowed
to upload files. A naming converntion could be used to name form
fields containing file uploads. The result of the upload could be
store in the event collection.

Do you think that this would be a good thing to have as a ColdBox
interceptor?

Bob has posted a more in-depth version to the Model Glue mailing list
which is an interesting read at
http://groups.google.co.uk/group/model-glue/browse_thread/thread/db6893bbe8a9050

Thanks for reading :)


Luis Majano

unread,
Oct 23, 2009, 4:39:45 PM10/23/09
to col...@googlegroups.com
I think this is a great case for an interceptor and something customizable.  Then you can do your own conventions or whatever you like.  Myself personaly, I usually go the way of uploading via the plugin, as 1 line pretty much does it all for me from my controllers or services.

Luis
--
Luis F. Majano
President
Ortus Solutions, Corp

ColdBox Platform: http://www.coldbox.org
Linked In: http://www.linkedin.com/pub/3/731/483
Blog: http://www.luismajano.com
IECFUG Manager: http://www.iecfug.com

John Whish

unread,
Oct 23, 2009, 4:49:46 PM10/23/09
to ColdBox Platform
Thanks for the reply Luis.

If I can give an example of where I think this would be a benefit over
calling the uploadFile() method is when you have a form which allows
for several optional uploads. The uploadFile() method expects the
FileField to contain a file, so you have to check if the form field
contains data and repeat this process for each file upload.

- John

br...@bradwood.com

unread,
Oct 23, 2009, 5:09:52 PM10/23/09
to col...@googlegroups.com
Interesting thoughts. We have a FileManagementService that wraps a
number of CFFile and CFDirectory tasks. We usually call it from our
handler and tell it what to do with the uploaded file.

~Brad

John Whish

unread,
Oct 23, 2009, 5:26:04 PM10/23/09
to col...@googlegroups.com
I'm kinda thinking out loud here, but another thought is that I could specify allowed file types. When a file is uploaded I want it to go into a directory outside the webroot (so a potential DOS attack can't execute the file before it is deleted), if the file is valid, the interceptor could actually move the file if valid or delete it, all transparent to the model.
Reply all
Reply to author
Forward
0 new messages