将文件上传到HTML表单并提交之间会发生什么? [英] What happens between uploading a file to an HTML form and submitting it?
问题描述
文件在上传到HTML表单之后但在提交之前会发生什么?
What happens to a file after it is uploaded into an HTML form but before it is submitted?
我将简历上传到此网站 https://studyhut.com/employment/ 然后点击红色X将其删除,但我想确保它是真的删了。
I uploaded my resume to this website https://studyhut.com/employment/ and then clicked the red X to delete it, but I want to make sure that it was really deleted.
检查选择文件按钮的元素我看到它的HTML是
Inspecting the element that is the Select files button I see that its HTML is
input id="gform_browse_button_5_6" value="Select files" class="button gform_button_select_files" aria-describedby="extensions_message" tabindex="9" style="position: relative; z-index: 1;" type="button">
根据我对JavaScript的了解,我应该去看看控制id gform_browse_button_5_6的代码或者class button gform_button_select_files(哪一个?)但源代码中有一个gajillion脚本。
Based on my knowledge of JavaScript I should go to look at the code that controls the id gform_browse_button_5_6 or the class button gform_button_select_files (which one?) however there are a gajillion scripts in the source code.
- 如何在Firefox中使用检查器确定id或类所在的位置或2.一般来说,在上传和提交表单之间我的简历是否安全?我之前读过,提交文件后存储在服务器上的一个临时文件夹中,然后可以由PHP处理,但是当我选择要上传的文件时它发生了什么,它显示了带有删除选项的文件名它(可能用AJAX更新了页面)?
UPDATE :
我找到了一个地方其中gform_button_select_files类在 https中处理: //studyhut.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.0.7 ,代码是
b(document).ready(function(){"undefined"!=typeof adminpage&&"toplevel_page_gf_edit_forms"===adminpage||"undefined"==typeof plupload?b(".gform_button_select_files").prop("disabled",!0):"undefined"!=typeof adminpage&&adminpage.indexOf("_page_gf_entries")>-1&&b(".gform_fileupload_multifile").each(function(){c(this)})}),a.setup=function(a){c(a)}}(window.gfMultiFileUploader=window.gfMultiFileUploader||{},jQuery);var __gf_keyup_timeout;jQuery(document).on("change keyup",".gfield_trigger_change input, .gfield_trigger_change select, .gfield_trigger_change textarea",function(a){gf_raw_input_change(a,this)}),!window.rgars,!window.rgar,String.prototype.format=function(){var a=arguments;return this.replace(/{(\d+)}/g,function(b,c){return"undefined"!=typeof a[c]?a[c]:b})};
这对任何人意味着什么,或者它是否意味着人类难以理解?
Does this mean anything to anyone or is it pretty much meant to be human unreadable?
更新II 看起来c是在另一个函数中定义的
Update II It looks like c is defined inside another function
)}};!function(a,b){function c(c){function g(a,c){b("#"+a).prepend("<li>"+c+"</li>")}
重力形式js src
/ *![CDATA [ /
var gform_gravityforms = {strings:{invalid_file_extension:不允许此类型的文件。必须是以下之一:,delete_file:删除此文件,in_progress:正在进行中,file_exceeds_limit:文件超出大小限制,illegal_extension:此类型的文件是不允许。,max_reached:马达到的最大文件数,unknown_error:在服务器上保存文件时出现问题,current_uploading:请等待上传完成,取消:取消,取消_upload :取消此上传,已取消:已取消},变种:{images_url:https://studyhut.com/wp-content/plugins/gravityforms/images}};
/ ]]> * /
/* ![CDATA[ / var gform_gravityforms = {"strings":{"invalid_file_extension":"This type of file is not allowed. Must be one of the following: ","delete_file":"Delete this file","in_progress":"in progress","file_exceeds_limit":"File exceeds size limit","illegal_extension":"This type of file is not allowed.","max_reached":"Maximum number of files reached","unknown_error":"There was a problem while saving the file on the server","currently_uploading":"Please wait for the uploading to complete","cancel":"Cancel","cancel_upload":"Cancel this upload","cancelled":"Cancelled"},"vars":{"images_url":"https://studyhut.com/wp-content/plugins/gravityforms/images"}}; / ]]> */
https://studyhut.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver= 2.0.7
最后
这个是用于点击删除按钮的HTML
Finally This is the HTML for clicking on the delete button
img class="gform_delete" src="https://studyhut.com/wp-content/plugins/gravityforms/images/delete.png" onclick="gformDeleteUploadedFile(5,6, this);" onkeypress="gformDeleteUploadedFile(5,6, this);" alt="Delete this file" title="Delete this file">
这里是gformDeleteUploadedFile函数
and here is the gformDeleteUploadedFile function
function gformDeleteUploadedFile(a,b,c){var d=jQuery("#field_"+a+"_"+b),e=jQuery(c).parent().index();d.find(".ginput_preview").eq(e).remove(),d.find('input[type="file"]').removeClass("gform_hidden"),d.find(".ginput_post_image_file").show(),d.find('input[type="text"]').val("");var f=jQuery("#gform_uploaded_files_"+a).val();if(f){var g=jQuery.secureEvalJSON(f);if(g){var h="input_"+b,i=d.find("#gform_multifile_upload_"+a+"_"+b);if(i.length>0){g[h].splice(e,1);var j=i.data("settings"),k=j.gf_vars.max_files;jQuery("#"+j.gf_vars.message_id).html(""),g[h].length<k&&gfMultiFileUploader.toggleDisabled(j,!1)}else g[h]=null;jQuery("#gform_uploaded_files_"+a).val(jQuery.toJSON(g))}}}
推荐答案
从我看到的你的简历不安全它通过ajax帖子发送到服务器上。单击上载时,您可以从检查器的网络选项卡中看到此信息。一旦它进入服务器,您无法做任何事情来查看他们在该文件中的位置。
From what I can see your resume is not safe it is sent to the server on uploaded via an ajax post. You can see this from the network tab of your inspector when clicking upload. Once it's going to the server there is nothing you can do to see where what they are doing with that file.
但有一件事,这是一个使用重力表格构建在WordPress上的网站,您可以进一步了解它以及它希望您在后面做什么 - 结束(常见做法),如果你有兴趣,但仍无法保证他们在后端做什么
One thing though, this is a site built on WordPress using gravity forms for the upload, you could look further into that and what it expects you to do at the back-end (common practices) if you are interested but there is still no assurance what they are doing at the back-end
更新:
再看一遍,我认为服务器不会删除你上传的文件。再次通过检查上传时的网络选项卡,您将看到通过POST向服务器发出ajax请求,现在当您单击删除时,不会向服务器发出任何请求,并且仅在前端进行更改要经过的DELETE请求,但事实并非如此。因此,服务器保持您的上传,但无法知道他们正在做什么。如果在一段时间后没有链接到任何东西或者只是永远保留它,它们可能会删除它。
After taking another look at this, I think that the server does not delete the file you have uploaded. Again by checking your network tab on upload, you will see an ajax request is made to the server via a POST, now when you click delete no request is made to the server and a change is only made on the front-end you would expect a DELETE request to go through but it doesn't. So the server is keeping your upload, no way of knowing what they are doing with it though. It could be that they will delete it if not linked to anything after some time or just keeping it forever.
第一个ajax请求看起来是通过 https://studyhut.com/wp-includes /js/plupload/plupload.full.min.js?ver=2.1.8 插件
The first ajax request looks to be initiated via the https://studyhut.com/wp-includes/js/plupload/plupload.full.min.js?ver=2.1.8 plugin
这篇关于将文件上传到HTML表单并提交之间会发生什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
