File Uploads

The “File Upload” form field

Upload fields are form fields that the form user can use to send you a file. This file is uploaded to a directory of your choice on your server. You can add an upload field to a form in Visforms by creating a field of type “File Upload”.

The HTML control “Upload File”

file upload control

The control that is displayed for an upload field in the form has a button. With its help, a file to be uploaded can be selected on the local computer. Furthermore, the control has an area in which the file name of the file to be uploaded is displayed. The file name display becomes visible after selecting a file using the button.

The browser controls the appearance of the control

The control is generated entirely by the browser. It can therefore look different in different browsers. The button text (e.g. “Browse”) is also supplied by the browser. Therefore, if you have a multilingual Joomla website and change the language, the language of the button text does not change like all other texts.

The language of the button text is always in the language of the browser. This is determined by the operating system or selected/determined during browser installation. The language of the button text can therefore not be influenced with Visforms.

Filename cannot be set programmatically

No JavaScript access possible

Another special feature of the upload control is that its value, i.e. which file should be uploaded can only be set by using the button. Its value cannot be set programmatically, such as with JavaScript. This is because the browser is doing a lot of work related to the file being uploaded in the background. All of this background work would not happen if the filename was set programmatically. In addition, the browser saves information that it uses for the upload. These works are browser-internal and cannot be programmatically influenced from the outside.

Upload field is always empty

This is also the reason why an upload field is always empty, when the form is submitted again. This always happens when data that has already been transmitted has not passed validation on the server. Any other information already entered by the user is unaffected and will be displayed again.

The file to be uploaded will be sent by POST

The file upload process consists of several essential steps.

The browser is responsible for transmitting the file data to the server. Just like with all other data that is transmitted with a form. For this purpose, the data in the file is also packed and sent to the server together with all other form data.

The server unpacks the data and saves the uploaded file under a temporary name in an intermediate directory.

It is then up to the application, in this case Visforms, to decide what to do next with the temporary file. On the one hand, this includes a thorough validation of the file according to the specifications in the form configuration with regard to size and file extension. On the other hand, this includes a check according to the Joomla standards regarding whether the file contains potentially dangerous content. Finally, Visforms also saves the file in the location specified in the form configuration.

Unfavorable server settings

Unfavorable server settings can lead to errors when uploading files.

These settings are made in php.ini.

Each server has settings that regulate, among other things:

  • the maximum total amount of data that can be transmitted with one POST,
  • the maximum size of a single uploaded file,
  • the maximum amount of data that can be uploaded at once.

Errors have nothing to do with visforms

If the data transmitted by the browser does not correspond to these settings, errors will occur. The errors have nothing to do with visforms or specific settings in visforms. Especially not if the total request content is larger than the maximum allowed value for a POST. In this case, all transferred data will be lost and an empty POST will be passed.

Impossible to redisplay submitted form data

Then it is not possible, for example, to display form data that has already been transmitted. But that should happen when Visforms submits the form again because the submitted data did not pass validation on the server. And this is also very likely because the data is missing.

Security token missing

The security token sent with the POST is then also missing. This can lead to the message “Invalid Token” appearing and the form not being sent correctly.

Settings in php.ini

The following php.ini settings are of particular interest:

  • upload_max_filesize: This setting determines the maximum size of a single uploaded file.
  • post_max_size: This setting determines how large the total amount of data that is submitted with the form can be.
    This results from the sum of the size of all files uploaded with the form.
    So if the form contains more than one upload field plus the size of any other data submitted with the form.
    This also includes the variable texts from the input fields.

The form configuration must adapt to the server settings.

The php.ini settings always take precedence over settings you specify in the form configuration. Suppose you allow files up to 5 MB in size to be uploaded in a form. In the php.ini of your website, however, there is an upload_max_filesize of 4 MB. Then no file larger than 4 MB can be uploaded. Any such attempt will result in an error.

Therefore, please always make sure that the settings you make in the form configuration regarding the permitted size of upload files match the settings in your server configuration. Suppose you have 3 upload fields in your form. Then the allowed file size you set in Visforms should be less than 1/3 of post_max_size.

Visforms validates on the browser side that the size of each individual upload file

  • below the “upload_max_filesize” and
  • Is below the maximum file size specified in the form. Otherwise, Visforms will prevent a form from being submitted with files that are too large.

Determine server settings

You can find out which values have been set for your website in the administration of your website and System -> System information under the tab “PHP information”.

Customize server settings

Many providers allow you to override the values for these parameters set in php.ini. This can be done in a .htaccess file or in a separate php.ini file. If the values in your server configuration are too low, please ask your provider whether and how changes are possible.