I think the main problem with what you are proposing is that it is the *browser* that needs to know that it is uploading the file. I don't think the server does anything special. The client just says "OK, I'm sending you a file", and the server receives it. In your instance, the client is saying, "Here's some text", and you'd like the server to be able to request a file on the client's computer??? I think it's impossible. It's definitely insecure. I think you need to find another way to do it. John Hunter wrote:
"John" == John Ziniti <jziniti@speakeasy.org> writes:
John> You really need to send in the "filename" as the value of a John> browser "<input type=file>" form element. In short, the John> file name is not enough info ... the form element passes in John> a file handle as well, allowing the upload.
Yes, I've been reading some of the HTTPRequest source code to try and figure out how this is done, but no luck yet. If anyone knows how to construct this object from a filename/path etc so that it could be used with manage_addFile, I would be much obliged.
Thanks, John Hunter
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )