Setting Limitations for Images

When you use ActiveX/Java Uploader to upload images (rather than common files) to your Web site, you may wish to limit dimensions or color model of these images; for example:

  • If you take photo print orders, you may want to cut off the files that are too small (which are smaller than, say, 640 x 480) and perhaps disable CMYK images.
  • If you provide photo blog hosting, usually it makes no sense to accept the files that are too large (which are larger than, say, 800 x 600).

Restricting Image Dimensions

To restrict dimensions the RestrictionsRestrictions (ASP.NET)Restrictions (PHP)restrictions (JavaScript) class exposes the following properties:

Note

You may want to resize the images which are too large instead of prohibiting them. See the Resizing and Recompressing via ActiveX/Java Uploader topic for more information.

ActiveX/Java Uploader does not show "wrong" images by default, but users can see them after clicking Total files. The denied images cannot be selected, so they have no checkboxes near them. If a user tries to add such images to upload list, ActiveX/Java Uploader displays an error message saying why this image is denied. Besides, each denied image is equipped with a tooltip containing the same error message text. This text can be customized using the Messages.DimensionsTooLargeDimensionsTooLarge (ASP.NET)DimensionsTooLarge (PHP)dimensionsTooLarge (JavaScript) and Messages.DimensionsTooSmallDimensionsTooSmall (ASP.NET)DimensionsTooSmall (PHP)dimensionsTooSmall (JavaScript) properties.

Both these properties should be set to 0 when no image dimension limitations are required.

In the following example only images smaller then 800 x 600 are allowed:

ASP.NET
<aur:Uploader ID="Uploader1" runat="server">
    <Restrictions MaxImageHeight="600" MaxImageWidth="800"/>
    <Messages DimensionsTooLarge="Image is too large, it should be smaller than 800x600 pixels."/>
</aur:Uploader>
PHP
$uploader = new Uploader("Uploader1");
$uploader->getRestrictions()->setMaxImageHeight(600);
$uploader->getRestrictions()->setMaxImageWidth(800);
$uploader->getMessages()->setDimensionsTooLarge("Image is too large, it should be smaller than 800x600 pixels.");
JavaScript
var u = $au.uploader({
    id: 'Uploader1',
    restrictions: {maxImageHeight: 600, maxImageWidth: 800},
    messages: {dimensionsTooLarge: 'Image is too large, it should be smaller than 800x600 pixels.'}
});

Disabling CMYK Images

To forbid your users from uploading CMYK images set the Restrictions.EnableCmykEnableCmyk (ASP.NET)EnableCmyk (PHP)enableCmyk (JavaScript) property to false. In that case ActiveX/Java Uploader does not display CMYK images until a user clicks Total files. Even so, such files still cannot be selected: they have no checkboxes near them and ActiveX/Java Uploader displays an error message saying that CMYK images are disabled whenever a user tries to add it to the upload list. Additionally, each CMYK image is equipped with a tooltip containing the same error message text. This text can be customized using the Messages.CmykImagesNotAllowedCmykImagesNotAllowed (ASP.NET)CmykImagesNotAllowed (PHP)cmykImagesNotAllowed (JavaScript) property.

Example below shows how to deny CMYK images:

ASP.NET
<aur:Uploader ID="Uploader1" runat="server">
    <Restrictions EnableCmyk="False" />
    <Messages CmykImagesNotAllowed="CMYK images are not allowed." />
</aur:Uploader>
PHP
$uploader = new Uploader("Uploader1");
$uploader->getRestrictions()->setEnableCmyk(false);
$uploader->getMessages()->setCmykImagesNotAllowed("CMYK images are not allowed.");
JavaScript
var u = $au.uploader({
    id: 'Uploader1',
    restrictions: {enableCmyk: false},
    messages: {cmykImagesNotAllowed: 'CMYK images are not allowed.'}
});
Important

As limitations specified in ActiveX/Java Uploader are checked only on the client side, you should not interpret them as a reliable protection. A potential malicious user can bypass all these limitations (by emulating ActiveX/Java Uploader or modifying its parameters in a local copy of a page). That is why it is highly recommended to implement server-side verification of uploaded files in addition to ActiveX/Java Uploader file tests.

In other words, all the limitation features discussed in this article should be used solely for the convenience of the user. They should not be interpreted as a serious protection from malicious users.

See Also

Reference

Manual