Ok. It is a security reason.
I was thinking about. I am Drupalist.
Let say I have 6 browse button (eg. img01, img02, img03, img04, img05,
img06)
I hide all except the first.
The user click first browse button and make a choice.
So I Can hide the first button (with label and everything else) copy the
choice of user to a div and show the second browse button.
If user "delete" the div should be empty the content button and bring back
to top.(or something like that)
I can create a chain to 2-3-4-5-6 and to all upload buttons I have and the
last we can set a message (limit of upload is 6 files)(In this technique we
will always have a limit) .
Of course the upload process will occur only when user submit the form.
This solution could be very useful to all CMS and in special to Drupal.
But unfortunately I am not a programmer. Who can help me?
I think this post will resolve a lot of problems to a lot of people.
Should be based in JQuery to show the power of this beautiful tool.
Regards
macm
2007/4/3, Erik Beeson <[EMAIL PROTECTED]>:
You can't set the value of an input type="file" field and here's why:
<form id="hacker_form" action="/steal_your_file" ... >
<input type="file" value="/etc/passwd"/>
</form>
<script>
document.getElementById('hacker_form').submit();
</script>
If you were allowed to set the value like that, the above snippet
would upload the target file without the user even knowing it was
happening. That's the security issue.
--Erik
On 4/2/07, macm <[EMAIL PROTECTED]> wrote:
>
> Hi
>
> I am trying upload without refresh so I tried
>
>
http://the-stickman.com/web-development/javascript/upload-multiple-files-with-a-single-file-element/
>
> Works like a charm but:
>
> Browser Peculiarities
>
> * Internet Explorer and Netscape do not use the VALUE attribute as
> the default contents of the input area. Any default value set via HTML
> is not usable via scripting and the DOM as well (hence it is not
> listed as 'supported' in any of the browsers.) If a user enters text
> in the field however, that value is then reachable via the DOM as it
> normally would be for a normal INPUT field (via the .value property.)
> The reason for this behavior would presumably be to ensure the
> security/safety of users against malicious authors. Opera displays the
> default VALUE attribute value and submits it as well (although it
> prompts for confirmation on submit if you have not altered that
> value.)
>
> from:
http://www.blooberry.com/indexdot/html/tagpages/i/inputfile.htm
>
>
> I heard that exist a trick about this and I would like to know who can
> tell me.
>
> So How I have paths from example above.
>
> Something like that => c:/mydocuments/myfile.gif
>
> How can I insert this in input file element? (I know how can I insert
> but the problem isnt accept like I said before)
>
> If Input file dont accept value=" " how can I insert the path into
> input element?
>
> Regards
>
> macm
>
>
--
Mário Alberto Chaves Moura
[EMAIL PROTECTED]
31-9157-6000
