Re: Saving the name of an attached file to the DB

Peter Tilbrook Wed, 28 Feb 2007 02:47:45 -0800

Actually, for security, I would avoid using a hard-coded directory and do 
something like:


<cffile action="UPLOAD" filefield="ImageFile" 
destination="#expandpath("images/content")#" nameconflict="MAKEUNIQUE">

It helps keep the directory structure of you server more secure from potential 
hackers.

eg:

        <cftry>
                <cffile action="UPLOAD" filefield="ImageFile" 
destination="#expandpath("images/content")#" nameconflict="MAKEUNIQUE">
                <cfcatch type="any">
                        <cfinclude template="dsp_upload_error.cfm">
                        <cfabort>
                </cfcatch>
        </cftry>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Create Web Applications With ColdFusion MX7 & Flex 2. 
Build powerful, scalable RIAs. Free Trial
http://www.adobe.com/products/coldfusion/flex2/

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:270932
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: Saving the name of an attached file to the DB

Reply via email to