Thank you for the advice. I'll stick to hard coded file locations and names :).
Thanks again, - Ole On 09/05/2011 03:22 AM, André Warnier wrote:
This must be about the worst advice I have ever seen. What about someone typing e.g. "/etc/passwd" in that text box? If you allow people to upload files to your server, you should create your own location and naming scheme for the uploaded files. You should not even use the original filename, unless you are dying to experience all the silly things that people can think of in terms of filenames (with spaces in them, or characters that are valid on one platform but not another, or characters in various character sets and so on.) Jonathan Soons wrote:You need to add a line in in your form: <input type="text" name="filename" /> Then in your servlet GetPost() method you put this filename in a variable: String filename; filename = req.getParameter("filename"); Then instead of part.write("samplefile"); do: part.write(filename); Jonathan Soons ________________________________________ From: Ole Ersoy [ole.er...@gmail.com] Sent: Friday, September 02, 2011 6:50 PM To: Tomcat Users List Subject: Servlet 3.0 File Upload Hi, I have a working file upload servlet, with the exception that it calls the uploaded file "samplefile" instead of using the name of the file. So if I upload different files, they all overwrite each other. Any ideas on how to fix this? I used this tutorial to get it working: http://www.servletworld.com/servlet-tutorials/servlet3/multipartconfig-file-upload-example.html TIA, - Ole --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
