├── .github ├── dependabot.yml └── workflows │ ├── ci.yml │ ├── codeql.yml │ └── scorecard.yml ├── .gitignore ├── .npmrc ├── CHANGELOG.md ├── LICENSE ├── README.md ├── StorageEngine.md ├── doc ├── README-ar.md ├── README-es.md ├── README-fr.md ├── README-ko.md ├── README-pt-br.md ├── README-ru.md ├── README-uz.md ├── README-vi.md └── README-zh-cn.md ├── index.js ├── lib ├── counter.js ├── file-appender.js ├── make-middleware.js ├── multer-error.js └── remove-uploaded-files.js ├── package.json ├── storage ├── disk.js └── memory.js └── test ├── _util.js ├── disk-storage.js ├── error-handling.js ├── expected-files.js ├── express-integration.js ├── fields.js ├── file-filter.js ├── file-ordering.js ├── files ├── empty.dat ├── large.jpg ├── medium.dat ├── small0.dat ├── small1.dat ├── tiny0.dat └── tiny1.dat ├── functionality.js ├── issue-232.js ├── memory-storage.js ├── none.js ├── reuse-middleware.js ├── select-field.js └── unicode.js /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: github-actions 4 | directory: / 5 | schedule: 6 | interval: monthly 7 | 8 | - package-ecosystem: npm 9 | directory: / 10 | schedule: 11 | interval: monthly 12 | open-pull-requests-limit: 10 13 | ignore: 14 | - dependency-name: "*" 15 | update-types: ["version-update:semver-major"] 16 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: ci 2 | 3 | on: 4 | - pull_request 5 | - push 6 | 7 | permissions: 8 | contents: read 9 | 10 | jobs: 11 | test: 12 | permissions: 13 | checks: write # for coverallsapp/github-action to create new checks 14 | contents: read # for actions/checkout to fetch code 15 | runs-on: ubuntu-latest 16 | strategy: 17 | fail-fast: false 18 | matrix: 19 | name: 20 | - Node.js 10.x 21 | - Node.js 11.x 22 | - Node.js 12.x 23 | - Node.js 13.x 24 | - Node.js 14.x 25 | - Node.js 15.x 26 | - Node.js 16.x 27 | - Node.js 17.x 28 | - Node.js 18.x 29 | - Node.js 19.x 30 | - Node.js 20.x 31 | - Node.js 21.x 32 | - Node.js 22.x 33 | - Node.js 23.x 34 | - Node.js 24.x 35 | 36 | include: 37 | - name: Node.js 10.x 38 | node-version: "10.24" 39 | npm-i: mocha@8.4.0 40 | 41 | - name: Node.js 11.x 42 | node-version: "11.15" 43 | npm-i: mocha@8.4.0 44 | 45 | - name: Node.js 12.x 46 | node-version: "12.22" 47 | npm-i: mocha@9.2.2 48 | 49 | - name: Node.js 13.x 50 | node-version: "13.14" 51 | npm-i: mocha@9.2.2 52 | 53 | - name: Node.js 14.x 54 | node-version: "14.21" 55 | npm-i: mocha@9.2.2 56 | 57 | - name: Node.js 15.x 58 | node-version: "15.14" 59 | npm-i: mocha@9.2.2 60 | 61 | - name: Node.js 16.x 62 | node-version: "16.20" 63 | 64 | - name: Node.js 17.x 65 | node-version: "17.9" 66 | 67 | - name: Node.js 18.x 68 | node-version: "18.18" 69 | 70 | - name: Node.js 19.x 71 | node-version: "19.9" 72 | 73 | - name: Node.js 20.x 74 | node-version: "20.9" 75 | 76 | - name: Node.js 21.x 77 | node-version: "21" 78 | 79 | - name: Node.js 22.x 80 | node-version: "22" 81 | 82 | - name: Node.js 23.x 83 | node-version: "23" 84 | 85 | - name: Node.js 24.x 86 | node-version: "24" 87 | 88 | steps: 89 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 90 | 91 | - name: Install Node.js ${{ matrix.node-version }} 92 | shell: bash -eo pipefail -l {0} 93 | run: | 94 | nvm install --default ${{ matrix.node-version }} 95 | if [[ "${{ matrix.node-version }}" == 0.* && "$(cut -d. -f2 <<< "${{ matrix.node-version }}")" -lt 10 ]]; then 96 | nvm install --alias=npm 0.10 97 | nvm use ${{ matrix.node-version }} 98 | if [[ "$(npm -v)" == 1.1.* ]]; then 99 | nvm exec npm npm install -g npm@1.1 100 | ln -fs "$(which npm)" "$(dirname "$(nvm which npm)")/npm" 101 | else 102 | sed -i '1s;^.*$;'"$(printf '#!%q' "$(nvm which npm)")"';' "$(readlink -f "$(which npm)")" 103 | fi 104 | npm config set strict-ssl false 105 | fi 106 | dirname "$(nvm which ${{ matrix.node-version }})" >> "$GITHUB_PATH" 107 | 108 | - name: Remove npm module(s) ${{ matrix.npm-rm }} 109 | run: npm rm --silent --save-dev ${{ matrix.npm-rm }} 110 | if: matrix.npm-rm != '' 111 | 112 | - name: Install npm module(s) ${{ matrix.npm-i }} 113 | run: npm install --save-dev ${{ matrix.npm-i }} 114 | if: matrix.npm-i != '' 115 | 116 | - name: Install Node.js dependencies 117 | run: npm install 118 | 119 | - name: List environment 120 | id: list_env 121 | shell: bash 122 | run: | 123 | echo "node@$(node -v)" 124 | echo "npm@$(npm -v)" 125 | npm -s ls ||: 126 | (npm -s ls --depth=0 ||:) | awk -F'[ @]' 'NR>1 && $2 { print $2 "=" $3 }' >> "$GITHUB_OUTPUT" 127 | 128 | - name: Lint code 129 | run: npm run lint 130 | 131 | - name: Run tests 132 | shell: bash 133 | run: | 134 | if npm -ps ls nyc | grep -q nyc; then 135 | npm run test-ci 136 | else 137 | npm test 138 | fi 139 | 140 | - name: Collect code coverage 141 | uses: coverallsapp/github-action@09b709cf6a16e30b0808ba050c7a6e8a5ef13f8d # master 142 | if: steps.list_env.outputs.nyc != '' 143 | with: 144 | github-token: ${{ secrets.GITHUB_TOKEN }} 145 | flag-name: run-${{ matrix.test_number }} 146 | parallel: true 147 | 148 | coverage: 149 | permissions: 150 | checks: write # for coverallsapp/github-action to create new checks 151 | needs: test 152 | runs-on: ubuntu-latest 153 | steps: 154 | - name: Upload code coverage 155 | uses: coverallsapp/github-action@09b709cf6a16e30b0808ba050c7a6e8a5ef13f8d # master 156 | with: 157 | github-token: ${{ secrets.GITHUB_TOKEN }} 158 | parallel-finished: true 159 | -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- 1 | # For most projects, this workflow file will not need changing; you simply need 2 | # to commit it to your repository. 3 | # 4 | # You may wish to alter this file to override the set of languages analyzed, 5 | # or to provide custom queries or build logic. 6 | # 7 | # ******** NOTE ******** 8 | # We have attempted to detect the languages in your repository. Please check 9 | # the `language` matrix defined below to confirm you have the correct set of 10 | # supported CodeQL languages. 11 | # 12 | name: "CodeQL" 13 | 14 | on: 15 | push: 16 | branches: ["main", "v2"] 17 | pull_request: 18 | # The branches below must be a subset of the branches above 19 | branches: ["main", "v2] 20 | schedule: 21 | - cron: "0 0 * * 1" 22 | 23 | permissions: 24 | contents: read 25 | 26 | jobs: 27 | analyze: 28 | name: Analyze 29 | runs-on: ubuntu-latest 30 | permissions: 31 | actions: read 32 | contents: read 33 | security-events: write 34 | 35 | steps: 36 | - name: Checkout repository 37 | uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 38 | 39 | # Initializes the CodeQL tools for scanning. 40 | - name: Initialize CodeQL 41 | uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7 42 | with: 43 | languages: javascript 44 | # If you wish to specify custom queries, you can do so here or in a config file. 45 | # By default, queries listed here will override any specified in a config file. 46 | # Prefix the list here with "+" to use these queries and those in the config file. 47 | 48 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). 49 | # If this step fails, then you should remove it and run the build manually (see below) 50 | # - name: Autobuild 51 | # uses: github/codeql-action/autobuild@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7 52 | 53 | # ℹ️ Command-line programs to run using the OS shell. 54 | # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun 55 | 56 | # If the Autobuild fails above, remove it and uncomment the following three lines. 57 | # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. 58 | 59 | # - run: | 60 | # echo "Run, Build Application using script" 61 | # ./location_of_script_within_repo/buildscript.sh 62 | 63 | - name: Perform CodeQL Analysis 64 | uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7 65 | with: 66 | category: "/language:javascript" 67 | -------------------------------------------------------------------------------- /.github/workflows/scorecard.yml: -------------------------------------------------------------------------------- 1 | # This workflow uses actions that are not certified by GitHub. They are provided 2 | # by a third-party and are governed by separate terms of service, privacy 3 | # policy, and support documentation. 4 | 5 | name: Scorecard supply-chain security 6 | 7 | on: 8 | # For Branch-Protection check. Only the default branch is supported. See 9 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection 10 | branch_protection_rule: 11 | # To guarantee Maintained check is occasionally updated. See 12 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained 13 | schedule: 14 | - cron: '16 21 * * 1' 15 | push: 16 | branches: [ "main" ] 17 | 18 | # Declare default permissions as read only. 19 | permissions: read-all 20 | 21 | jobs: 22 | analysis: 23 | name: Scorecard analysis 24 | runs-on: ubuntu-latest 25 | permissions: 26 | # Needed to upload the results to code-scanning dashboard. 27 | security-events: write 28 | # Needed to publish results and get a badge (see publish_results below). 29 | id-token: write 30 | # Uncomment the permissions below if installing in a private repository. 31 | # contents: read 32 | # actions: read 33 | 34 | steps: 35 | - name: "Checkout code" 36 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 37 | with: 38 | persist-credentials: false 39 | 40 | - name: "Run analysis" 41 | uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 42 | with: 43 | results_file: results.sarif 44 | results_format: sarif 45 | # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: 46 | # - you want to enable the Branch-Protection check on a *public* repository, or 47 | # - you are installing Scorecard on a *private* repository 48 | # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. 49 | # repo_token: ${{ secrets.SCORECARD_TOKEN }} 50 | 51 | # Public repositories: 52 | # - Publish results to OpenSSF REST API for easy access by consumers 53 | # - Allows the repository to include the Scorecard badge. 54 | # - See https://github.com/ossf/scorecard-action#publishing-results. 55 | # For private repositories: 56 | # - `publish_results` will always be set to `false`, regardless 57 | # of the value entered here. 58 | publish_results: true 59 | 60 | # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF 61 | # format to the repository Actions tab. 62 | - name: "Upload artifact" 63 | uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 64 | with: 65 | name: SARIF file 66 | path: results.sarif 67 | retention-days: 5 68 | 69 | # Upload the results to GitHub's code scanning dashboard. 70 | - name: "Upload to code-scanning" 71 | uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 72 | with: 73 | sarif_file: results.sarif 74 | 75 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # OS X 2 | .DS_Store* 3 | Icon? 4 | ._* 5 | 6 | # Windows 7 | Thumbs.db 8 | ehthumbs.db 9 | Desktop.ini 10 | 11 | # Linux 12 | .directory 13 | *~ 14 | 15 | 16 | # npm 17 | node_modules 18 | *.log 19 | *.gz 20 | 21 | 22 | # Coveralls 23 | coverage 24 | -------------------------------------------------------------------------------- /.npmrc: -------------------------------------------------------------------------------- 1 | package-lock=false 2 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Change log 2 | 3 | All notable changes to this project will be documented in this file. 4 | This project adheres to [Semantic Versioning](http://semver.org/). 5 | 6 | ## 2.0.1 7 | 8 | - Fix [CVE-2025-48997](https://www.cve.org/CVERecord?id=CVE-2025-48997) ([GHSA-g5hg-p3ph-g8qg](https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg)) 9 | 10 | ## 2.0.0 11 | 12 | - **Breaking change: The minimum supported Node version is now 10.16.0** 13 | - Fix [CVE-2025-47935](https://www.cve.org/CVERecord?id=CVE-2025-47935) ([GHSA-44fp-w29j-9vj5](https://github.com/expressjs/multer/security/advisories/GHSA-44fp-w29j-9vj5)) 14 | - Fix [CVE-2025-47944](https://www.cve.org/CVERecord?id=CVE-2025-47944) ([GHSA-4pg4-qvpc-4q3h](https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h)) 15 | 16 | ## 1.4.5-lts.2 17 | 18 | - Fix out-of-band error event from busboy (#1177) 19 | 20 | ## 1.4.5-lts.1 21 | 22 | - No changes 23 | 24 | ## 1.4.4-lts.1 25 | 26 | - Bugfix: Bump busboy to fix CVE-2022-24434 (#1097) 27 | - Breaking: Require Node.js 10.16.0 or later (#1097) 28 | 29 | ## 1.4.4 - 2021-12-07 30 | 31 | - Bugfix: Handle missing field names (#913) 32 | - Docs: Add Vietnamese translation (#803) 33 | - Docs: Improve Spanish translation (#948) 34 | 35 | ## 1.4.3 - 2021-08-09 36 | 37 | - Bugfix: Avoid deprecated pseudoRandomBytes function (#774) 38 | - Docs: Add Português Brazil translation for README (#758) 39 | - Docs: Clarify the callback calling convention (#775) 40 | - Docs: Add example on how to link to html multipart form (#580) 41 | - Docs: Add Spanish translation for README (#838) 42 | - Docs: Add Math.random() to storage filename example (#841) 43 | - Docs: Fix mistakes in russian doc (#869) 44 | - Docs: Improve Português Brazil translation (#877) 45 | - Docs: Update var to const in all Readmes (#1024) 46 | - Internal: Bump mkdirp version (#862) 47 | - Internal: Bump Standard version (#878) 48 | 49 | ## 1.4.2 - 2019-07-16 50 | 51 | - Docs: Add Russian translation for README (#662) 52 | - Docs: Patch zh-CN README base on newest README (#670) 53 | - Docs: Fix broken link in Readme (#679) 54 | - Docs: Fix broken link in Chinese Readme (#730) 55 | - Docs: Fix typo in Russian README (#738) 56 | - Docs: Add unit for fieldSize in busboy limit params (#734) 57 | - Internal: Make unit tests comaptible with Node.js 13.x (#752) 58 | 59 | ## 1.4.1 - 2018-10-11 60 | 61 | - Bugfix: Make sure that req.file.buffer always is a Buffer 62 | 63 | ## 1.4.0 - 2018-09-26 64 | 65 | - Feature: Make Multer errors inherit from MulterError 66 | 67 | ## 1.3.1 - 2018-06-28 68 | 69 | - Bugfix: Bump vulnerable dependency 70 | 71 | ## 1.3.0 - 2017-01-25 72 | 73 | - Feature: Expose preservePath option 74 | 75 | ## 1.2.1 - 2016-12-14 76 | 77 | - Bugfix: Prevent Multiple Errors from Crashing 78 | 79 | ## 1.2.0 - 2016-08-04 80 | 81 | - Feature: add .none() for accepting only fields 82 | 83 | ## 1.1.0 - 2015-10-23 84 | 85 | - Feature: accept any file, regardless of fieldname 86 | 87 | ## 1.0.6 - 2015-10-03 88 | 89 | - Bugfix: always report limit errors 90 | 91 | ## 1.0.5 - 2015-09-19 92 | 93 | - Bugfix: drain the stream before considering request done 94 | 95 | ## 1.0.4 - 2015-09-19 96 | 97 | - Bugfix: propagate all errors from busboy 98 | 99 | ## 1.0.3 - 2015-08-06 100 | 101 | - Bugfix: ensure file order is correct 102 | 103 | ## 1.0.2 - 2015-08-06 104 | 105 | - Bugfix: don't hang when hitting size limit 106 | 107 | ## 1.0.1 - 2015-07-20 108 | 109 | - Bugfix: decrement pending writes on error 110 | 111 | ## 1.0.0 - 2015-07-18 112 | 113 | - Introduce storage engines 114 | - Specify expected fields 115 | - Follow the W3C JSON form spec 116 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014 Hage Yaapa <[http://www.hacksparrow.com](http://www.hacksparrow.com)> 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in 11 | all copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 18 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer is a node.js middleware for handling `multipart/form-data`, which is primarily used for uploading files. It is written 4 | on top of [busboy](https://github.com/mscdex/busboy) for maximum efficiency. 5 | 6 | **NOTE**: Multer will not process any form which is not multipart (`multipart/form-data`). 7 | 8 | ## Translations 9 | 10 | This README is also available in other languages: 11 | 12 | | | | 13 | | ------------------------------------------------------------------------------ | --------------- | 14 | | [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) | Arabic | 15 | | [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) | Chinese | 16 | | [Français](https://github.com/expressjs/multer/blob/main/doc/README-fr.md) | French | 17 | | [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) | Korean | 18 | | [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) | Portuguese (BR) | 19 | | [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) | Russian | 20 | | [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) | Spanish | 21 | | [O'zbek tili](https://github.com/expressjs/multer/blob/main/doc/README-uz.md) | Uzbek | 22 | | [Việt Nam](https://github.com/expressjs/multer/blob/main/doc/README-vi.md) | Vietnamese | 23 | 24 | ## Installation 25 | 26 | ```sh 27 | $ npm install multer 28 | ``` 29 | 30 | ## Usage 31 | 32 | Multer adds a `body` object and a `file` or `files` object to the `request` object. The `body` object contains the values of the text fields of the form, the `file` or `files` object contains the files uploaded via the form. 33 | 34 | Basic usage example: 35 | 36 | Don't forget the `enctype="multipart/form-data"` in your form. 37 | 38 | ```html 39 |
40 | 41 |
42 | ``` 43 | 44 | ```javascript 45 | const express = require('express') 46 | const multer = require('multer') 47 | const upload = multer({ dest: 'uploads/' }) 48 | 49 | const app = express() 50 | 51 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 52 | // req.file is the `avatar` file 53 | // req.body will hold the text fields, if there were any 54 | }) 55 | 56 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 57 | // req.files is array of `photos` files 58 | // req.body will contain the text fields, if there were any 59 | }) 60 | 61 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 62 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 63 | // req.files is an object (String -> Array) where fieldname is the key, and the value is array of files 64 | // 65 | // e.g. 66 | // req.files['avatar'][0] -> File 67 | // req.files['gallery'] -> Array 68 | // 69 | // req.body will contain the text fields, if there were any 70 | }) 71 | ``` 72 | 73 | In case you need to handle a text-only multipart form, you should use the `.none()` method: 74 | 75 | ```javascript 76 | const express = require('express') 77 | const app = express() 78 | const multer = require('multer') 79 | const upload = multer() 80 | 81 | app.post('/profile', upload.none(), function (req, res, next) { 82 | // req.body contains the text fields 83 | }) 84 | ``` 85 | 86 | Here's an example on how multer is used in a HTML form. Take special note of the `enctype="multipart/form-data"` and `name="uploaded_file"` fields: 87 | 88 | ```html 89 |
90 |
91 | 92 | 93 | 94 |
95 |
96 | ``` 97 | 98 | Then in your javascript file you would add these lines to access both the file and the body. It is important that you use the `name` field value from the form in your upload function. This tells multer which field on the request it should look for the files in. If these fields aren't the same in the HTML form and on your server, your upload will fail: 99 | 100 | ```javascript 101 | const multer = require('multer') 102 | const upload = multer({ dest: './public/data/uploads/' }) 103 | app.post('/stats', upload.single('uploaded_file'), function (req, res) { 104 | // req.file is the name of your file in the form above, here 'uploaded_file' 105 | // req.body will hold the text fields, if there were any 106 | console.log(req.file, req.body) 107 | }); 108 | ``` 109 | 110 | 111 | 112 | ## API 113 | 114 | ### File information 115 | 116 | Each file contains the following information: 117 | 118 | Key | Description | Note 119 | --- | --- | --- 120 | `fieldname` | Field name specified in the form | 121 | `originalname` | Name of the file on the user's computer | 122 | `encoding` | Encoding type of the file | 123 | `mimetype` | Mime type of the file | 124 | `size` | Size of the file in bytes | 125 | `destination` | The folder to which the file has been saved | `DiskStorage` 126 | `filename` | The name of the file within the `destination` | `DiskStorage` 127 | `path` | The full path to the uploaded file | `DiskStorage` 128 | `buffer` | A `Buffer` of the entire file | `MemoryStorage` 129 | 130 | ### `multer(opts)` 131 | 132 | Multer accepts an options object, the most basic of which is the `dest` 133 | property, which tells Multer where to upload the files. In case you omit the 134 | options object, the files will be kept in memory and never written to disk. 135 | 136 | By default, Multer will rename the files so as to avoid naming conflicts. The 137 | renaming function can be customized according to your needs. 138 | 139 | The following are the options that can be passed to Multer. 140 | 141 | Key | Description 142 | --- | --- 143 | `dest` or `storage` | Where to store the files 144 | `fileFilter` | Function to control which files are accepted 145 | `limits` | Limits of the uploaded data 146 | `preservePath` | Keep the full path of files instead of just the base name 147 | 148 | In an average web app, only `dest` might be required, and configured as shown in 149 | the following example. 150 | 151 | ```javascript 152 | const upload = multer({ dest: 'uploads/' }) 153 | ``` 154 | 155 | If you want more control over your uploads, you'll want to use the `storage` 156 | option instead of `dest`. Multer ships with storage engines `DiskStorage` 157 | and `MemoryStorage`; More engines are available from third parties. 158 | 159 | #### `.single(fieldname)` 160 | 161 | Accept a single file with the name `fieldname`. The single file will be stored 162 | in `req.file`. 163 | 164 | #### `.array(fieldname[, maxCount])` 165 | 166 | Accept an array of files, all with the name `fieldname`. Optionally error out if 167 | more than `maxCount` files are uploaded. The array of files will be stored in 168 | `req.files`. 169 | 170 | #### `.fields(fields)` 171 | 172 | Accept a mix of files, specified by `fields`. An object with arrays of files 173 | will be stored in `req.files`. 174 | 175 | `fields` should be an array of objects with `name` and optionally a `maxCount`. 176 | Example: 177 | 178 | ```javascript 179 | [ 180 | { name: 'avatar', maxCount: 1 }, 181 | { name: 'gallery', maxCount: 8 } 182 | ] 183 | ``` 184 | 185 | #### `.none()` 186 | 187 | Accept only text fields. If any file upload is made, error with code 188 | "LIMIT\_UNEXPECTED\_FILE" will be issued. 189 | 190 | #### `.any()` 191 | 192 | Accepts all files that comes over the wire. An array of files will be stored in 193 | `req.files`. 194 | 195 | **WARNING:** Make sure that you always handle the files that a user uploads. 196 | Never add multer as a global middleware since a malicious user could upload 197 | files to a route that you didn't anticipate. Only use this function on routes 198 | where you are handling the uploaded files. 199 | 200 | ### `storage` 201 | 202 | #### `DiskStorage` 203 | 204 | The disk storage engine gives you full control on storing files to disk. 205 | 206 | ```javascript 207 | const storage = multer.diskStorage({ 208 | destination: function (req, file, cb) { 209 | cb(null, '/tmp/my-uploads') 210 | }, 211 | filename: function (req, file, cb) { 212 | const uniqueSuffix = Date.now() + '-' + Math.round(Math.random() * 1E9) 213 | cb(null, file.fieldname + '-' + uniqueSuffix) 214 | } 215 | }) 216 | 217 | const upload = multer({ storage: storage }) 218 | ``` 219 | 220 | There are two options available, `destination` and `filename`. They are both 221 | functions that determine where the file should be stored. 222 | 223 | `destination` is used to determine within which folder the uploaded files should 224 | be stored. This can also be given as a `string` (e.g. `'/tmp/uploads'`). If no 225 | `destination` is given, the operating system's default directory for temporary 226 | files is used. 227 | 228 | **Note:** You are responsible for creating the directory when providing 229 | `destination` as a function. When passing a string, multer will make sure that 230 | the directory is created for you. 231 | 232 | `filename` is used to determine what the file should be named inside the folder. 233 | If no `filename` is given, each file will be given a random name that doesn't 234 | include any file extension. 235 | 236 | **Note:** Multer will not append any file extension for you, your function 237 | should return a filename complete with a file extension. 238 | 239 | Each function gets passed both the request (`req`) and some information about 240 | the file (`file`) to aid with the decision. 241 | 242 | Note that `req.body` might not have been fully populated yet. It depends on the 243 | order that the client transmits fields and files to the server. 244 | 245 | For understanding the calling convention used in the callback (needing to pass 246 | null as the first param), refer to 247 | [Node.js error handling](https://web.archive.org/web/20220417042018/https://www.joyent.com/node-js/production/design/errors) 248 | 249 | #### `MemoryStorage` 250 | 251 | The memory storage engine stores the files in memory as `Buffer` objects. It 252 | doesn't have any options. 253 | 254 | ```javascript 255 | const storage = multer.memoryStorage() 256 | const upload = multer({ storage: storage }) 257 | ``` 258 | 259 | When using memory storage, the file info will contain a field called 260 | `buffer` that contains the entire file. 261 | 262 | **WARNING**: Uploading very large files, or relatively small files in large 263 | numbers very quickly, can cause your application to run out of memory when 264 | memory storage is used. 265 | 266 | ### `limits` 267 | 268 | An object specifying the size limits of the following optional properties. Multer passes this object into busboy directly, and the details of the properties can be found on [busboy's page](https://github.com/mscdex/busboy#busboy-methods). 269 | 270 | The following integer values are available: 271 | 272 | Key | Description | Default 273 | --- | --- | --- 274 | `fieldNameSize` | Max field name size | 100 bytes 275 | `fieldSize` | Max field value size (in bytes) | 1MB 276 | `fields` | Max number of non-file fields | Infinity 277 | `fileSize` | For multipart forms, the max file size (in bytes) | Infinity 278 | `files` | For multipart forms, the max number of file fields | Infinity 279 | `parts` | For multipart forms, the max number of parts (fields + files) | Infinity 280 | `headerPairs` | For multipart forms, the max number of header key=>value pairs to parse | 2000 281 | 282 | Specifying the limits can help protect your site against denial of service (DoS) attacks. 283 | 284 | ### `fileFilter` 285 | 286 | Set this to a function to control which files should be uploaded and which 287 | should be skipped. The function should look like this: 288 | 289 | ```javascript 290 | function fileFilter (req, file, cb) { 291 | 292 | // The function should call `cb` with a boolean 293 | // to indicate if the file should be accepted 294 | 295 | // To reject this file pass `false`, like so: 296 | cb(null, false) 297 | 298 | // To accept the file pass `true`, like so: 299 | cb(null, true) 300 | 301 | // You can always pass an error if something goes wrong: 302 | cb(new Error('I don\'t have a clue!')) 303 | 304 | } 305 | ``` 306 | 307 | ## Error handling 308 | 309 | When encountering an error, Multer will delegate the error to Express. You can 310 | display a nice error page using [the standard express way](http://expressjs.com/guide/error-handling.html). 311 | 312 | If you want to catch errors specifically from Multer, you can call the 313 | middleware function by yourself. Also, if you want to catch only [the Multer errors](https://github.com/expressjs/multer/blob/main/lib/multer-error.js), you can use the `MulterError` class that is attached to the `multer` object itself (e.g. `err instanceof multer.MulterError`). 314 | 315 | ```javascript 316 | const multer = require('multer') 317 | const upload = multer().single('avatar') 318 | 319 | app.post('/profile', function (req, res) { 320 | upload(req, res, function (err) { 321 | if (err instanceof multer.MulterError) { 322 | // A Multer error occurred when uploading. 323 | } else if (err) { 324 | // An unknown error occurred when uploading. 325 | } 326 | 327 | // Everything went fine. 328 | }) 329 | }) 330 | ``` 331 | 332 | ## Custom storage engine 333 | 334 | For information on how to build your own storage engine, see [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 335 | 336 | ## License 337 | 338 | [MIT](LICENSE) 339 | 340 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 341 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 342 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 343 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 344 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 345 | [npm-url]: https://npmjs.org/package/multer 346 | [npm-version-image]: https://badgen.net/npm/v/multer 347 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 348 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /StorageEngine.md: -------------------------------------------------------------------------------- 1 | # Multer Storage Engine 2 | 3 | Storage engines are classes that expose two functions: `_handleFile` and `_removeFile`. 4 | Follow the template below to get started with your own custom storage engine. 5 | 6 | When asking the user for input (such as where to save this file), always give 7 | them the parameters `req, file, cb`, in this order. This makes it easier for 8 | developers to switch between storage engines. 9 | 10 | For example, in the template below, the engine saves the files to the disk. The 11 | user tells the engine where to save the file, and this is done by 12 | providing the `destination` parameter: 13 | 14 | ```javascript 15 | var storage = myCustomStorage({ 16 | destination: function (req, file, cb) { 17 | cb(null, '/var/www/uploads/' + file.originalname) 18 | } 19 | }) 20 | ``` 21 | 22 | Your engine is responsible for storing the file and returning information on how to 23 | access the file in the future. This is done by the `_handleFile` function. 24 | 25 | The file data will be given to you as a stream (`file.stream`). You should pipe 26 | this data somewhere, and when you are done, call `cb` with some information on the 27 | file. 28 | 29 | The information you provide in the callback will be merged with multer's file object, 30 | and then presented to the user via `req.files`. 31 | 32 | Your engine is also responsible for removing files if an error is encountered 33 | later on. Multer will decide which files to delete and when. Your storage class must 34 | implement the `_removeFile` function. It will receive the same arguments as 35 | `_handleFile`. Invoke the callback once the file has been removed. 36 | 37 | ## Template 38 | 39 | ```javascript 40 | var fs = require('fs') 41 | 42 | function getDestination (req, file, cb) { 43 | cb(null, '/dev/null') 44 | } 45 | 46 | function MyCustomStorage (opts) { 47 | this.getDestination = (opts.destination || getDestination) 48 | } 49 | 50 | MyCustomStorage.prototype._handleFile = function _handleFile (req, file, cb) { 51 | this.getDestination(req, file, function (err, path) { 52 | if (err) return cb(err) 53 | 54 | var outStream = fs.createWriteStream(path) 55 | 56 | file.stream.pipe(outStream) 57 | outStream.on('error', cb) 58 | outStream.on('finish', function () { 59 | cb(null, { 60 | path: path, 61 | size: outStream.bytesWritten 62 | }) 63 | }) 64 | }) 65 | } 66 | 67 | MyCustomStorage.prototype._removeFile = function _removeFile (req, file, cb) { 68 | fs.unlink(file.path, cb) 69 | } 70 | 71 | module.exports = function (opts) { 72 | return new MyCustomStorage(opts) 73 | } 74 | ``` 75 | -------------------------------------------------------------------------------- /doc/README-ar.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 |
4 | 5 | تعتبر Multer وسيط node.js لمعالجة `multipart/form-data`, والتي تُستخدم أساسًا لتحميل الملفات. تم بناء هذا الوسيط بالإعتماد على [busboy](https://github.com/mscdex/busboy) لأجل الحصول على أقصى قدر من الكفاءة. 6 | 7 | **ملاحظة**: لن يقوم Multer بمعالجة أي شكل غير متعدد الأجزاء (`multipart/form-data`). 8 | 9 | 10 | ## الترجمات 11 | 12 | هذا الملف متاح أيضًا بلغات أخرى: 13 | 14 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (الإنجليزية) 15 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (الإسبانية) 16 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (الصينية) 17 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (الكورية) 18 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (الروسية) 19 | - [Việt Nam](https://github.com/expressjs/multer/blob/main/doc/README-vi.md) (الفتنامية) 20 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (البرتغالية) 21 | 22 | 23 | ## التنصيب 24 | 25 |
26 | 27 | ```sh 28 | $ npm install --save multer 29 | ``` 30 | 31 |
32 | 33 | ## الاستعمال 34 | 35 | يضيف Multer كائن `body` وكائن `file` أو `files` إلى كائن `request`. يحتوي الكائن `body` على قيم مدخلات النص في الإستمارة ، بينما يحتوي الكائن `file` أو `files` على الملفات التي تم تحميلها عبر الإستمارة. 36 | 37 | مثال على الاستخدام الأساسي: 38 | 39 | لا تنسَ `enctype="multipart/form-data"` في الإستمارة الخاص بك. 40 | 41 |
42 | 43 | ```html 44 |
45 | 46 |
47 | ``` 48 | 49 | ```javascript 50 | var express = require('express') 51 | var multer = require('multer') 52 | var upload = multer({ dest: 'uploads/' }) 53 | 54 | var app = express() 55 | 56 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 57 | // req.file is the `avatar` file 58 | // req.body will hold the text fields, if there were any 59 | }) 60 | 61 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 62 | // req.files is array of `photos` files 63 | // req.body will contain the text fields, if there were any 64 | }) 65 | 66 | var uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 67 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 68 | // req.files is an object (String -> Array) where fieldname is the key, and the value is array of files 69 | // 70 | // e.g. 71 | // req.files['avatar'][0] -> File 72 | // req.files['gallery'] -> Array 73 | // 74 | // req.body will contain the text fields, if there were any 75 | }) 76 | ``` 77 | 78 |
79 | 80 | إذا احتجت لمعالجة إستمارة متعددة الأجزاء للنص فقط ، فيجب عليك استخدام الدالة `.none ()`: 81 | 82 |
83 | 84 | ```javascript 85 | var express = require('express') 86 | var app = express() 87 | var multer = require('multer') 88 | var upload = multer() 89 | 90 | app.post('/profile', upload.none(), function (req, res, next) { 91 | // req.body contains the text fields 92 | }) 93 | ``` 94 |
95 | 96 | ## واجهة برمجة التطبيقات (API) 97 | 98 | ### معلومات الملف 99 | 100 | كل ملف يحتوي على المعلومات التالية: 101 | 102 | مفتاح | وصف | ملاحظة 103 | --- | --- | --- 104 | `fieldname` | اسم المُدخَل المحدد في الإستمارة | 105 | `originalname` | اسم الملف على كمبيوتر المستخدم | 106 | `encoding` | نوع تشفير الملف | 107 | `mimetype` | نوع ملف ملحقات بريد إنترنت متعددة الأغراض ( MIME ) | 108 | `size` | حجم الملف بالبايت | 109 | `destination` | المجلد الذي تم حفظ الملف إليه | `تخزين على الاسطوانة` (`DiskStorage`) 110 | `filename` | اسم الملف داخل "الوجهة" ( `destination` ) | `تخزين على الاسطوانة` (`DiskStorage`) 111 | `path` | المسار الكامل للملف الذي تم تحميله | `تخزين على الاسطوانة` (`DiskStorage`) 112 | `buffer` | "ذاكرة" (`Buffer`) للملف بأكمله | `تخزين على الذاكرة ` (`MemoryStorage`) 113 | 114 | 115 | ### `multer(opts)` 116 | 117 | يقبل Multer كائن الخيارات ، وأهمها خاصية `dest`، والتي تحدد مكان تحميل الملفات. في حال حذفت كائن الخيارات ، سيتم الاحتفاظ بالملفات في الذاكرة ولن تتم كتابتها مطلقًا على القرص. 118 | 119 | بشكل افتراضي ، سيقوم Multer بإعادة تسمية الملفات لتجنب تعارض الأسماء. يمكن تخصيص وظيفة إعادة التسمية وفقا لاحتياجاتك. 120 | 121 | فيما يلي الخيارات التي يمكن تمريرها إلى Multer: 122 | 123 | مفتاح | وصف 124 | --- | --- 125 | `dest` أو `storage` | مكان لتخزين الملفات 126 | `fileFilter` | دالة للسيطرة على الملفات التي يتم قبولها 127 | `limits` | حدود البيانات التي تم تحميلها 128 | `preservePath` | الاحتفظ بالمسار الكامل للملفات بدلاً من الاسم الأساسي 129 | 130 | في تطبيق ويب متوسط ​​، قد تكون هناك حاجة فقط إلى `dest`، وتكوينها كما هو موضح في 131 | المثال التالي : 132 | 133 |
134 | 135 | ```javascript 136 | var upload = multer({ dest: 'uploads/' }) 137 | ``` 138 | 139 |
140 | 141 | إذا كنت تريد مزيدًا من التحكم في عمليات التحميل ، فستحتاج إلى استخدام خيار `storage` بدلاً من `dest`. يأتي Multer مع محركات التخزين `DiskStorage` و` MemoryStorage` ؛ كما تتوفر المزيد من المحركات من أطراف ثالثة. 142 | 143 | #### `.single(fieldname)` 144 | 145 | قبول ملف واحد باسم `اسم-المُدخَل`. سيتم تخزين الملف في `req.file`. 146 | 147 | #### `.array(fieldname[, maxCount])` 148 | 149 | قبول مصفوفة من الملفات ، وكلها تحمل اسم `اسم-المُدخَل`. يظهر خطأ اختياريً إذا تم تحميل ملفات أكثر من `maxCount`. سيتم تخزين مصفوفة الملفات في `req.files`. 150 | 151 | #### `.fields(fields)` 152 | 153 | قبول مزيج من الملفات ، المحدد بواسطة `المدخلات`. سيتم تخزين كائن مع مصفوفات من الملفات في `req.files`. 154 | 155 | يجب أن تكون `المدخلات` عبارة عن مصفوفة من الكائنات التي توفر بشكل اساسي `name` واختيارياً `maxCount`. 156 | مثال: 157 | 158 |
159 | 160 | ```javascript 161 | [ 162 | { name: 'avatar', maxCount: 1 }, 163 | { name: 'gallery', maxCount: 8 } 164 | ] 165 | ``` 166 | 167 |
168 | 169 | #### `.none()` 170 | 171 | قبول المدخلات النصية فقط. في حالة رفع أي ملف ، سيتم إصدار خطأ بشيفرة "LIMIT \_UNEXPECTED \_FILE". 172 | 173 | #### `.any()` 174 | 175 | قبول جميع الملفات التي تأتي عبر السلك. سيتم تخزين مصفوفة من الملفات في `req.files`. 176 | 177 | **تحذير:** تأكد من أنك تعالج دائمًا الملفات التي يقوم المستخدم بتحميلها. لا تقم أبداً بإضافة multer باعتبارها أداة وسيطة عامة ، حيث يمكن للمستخدم الضار تحميل الملفات إلى مسار غير متتوقع. استخدم هذه الدالة فقط على المسارات التي تتعامل فيها مع الملفات التي تم تحميلها. 178 | 179 | ### `storage` 180 | 181 | #### `DiskStorage` 182 | 183 | يمنحك محرك تخزين القرص التحكم الكامل في تخزين الملفات على القرص. 184 | 185 |
186 | 187 | ```javascript 188 | var storage = multer.diskStorage({ 189 | destination: function (req, file, cb) { 190 | cb(null, '/tmp/my-uploads') 191 | }, 192 | filename: function (req, file, cb) { 193 | cb(null, file.fieldname + '-' + Date.now()) 194 | } 195 | }) 196 | 197 | var upload = multer({ storage: storage }) 198 | ``` 199 | 200 |
201 | 202 | هناك خياران متاحان ، `destination` و `filename`. كلاهما يعملان على تحديد مكان تخزين الملف. 203 | 204 | يتم استخدام `destination` لتحديد أي مجلد يجب تخزين الملفات المحملة. يمكن أيضًا إعطاء هذا كـ`سلسلة` (مثل `'/tmp/uploads'`). إذا لم يتم إعطاء `destination` ، فسيتم استخدام الدليل الافتراضي لنظام التشغيل للملفات المؤقتة. 205 | 206 | **ملاحظة:** أنت مسؤول عن إنشاء الدليل عند توفر `destination` كدالة. عند المرور بسلسلة ، سوف يتأكد multer من إنشاء الدليل من أجلك. 207 | 208 | يتم استخدام `اسم الملف` لتحديد ما يجب تسمية الملف داخل المجلد. إذا لم يتم تقديم `اسم الملف`، فسيتم إعطاء كل ملف اسمًا عشوائيًا لا يتضمن أي امتداد للملف. 209 | 210 | **ملاحظة:** لن يقوم multer بإلحاق اي ملحق ملف لك، الدالة الخاص بك يجب أن تقوم بإرجاع اسم ملف كامل بملحق الملف. 211 | 212 | يتم تمرير كل دالة من خلال الطلب (req`) وبعض المعلومات حول الملف (`file`) للمساعدة في اتخاذ القرار. 213 | 214 | لاحظ أن `req.body` ربما لم يتم ملؤها بالكامل بعد. يعتمد ذلك على الترتيب الذي يقوم به العميل من خلال نقل المدخلات والملفات إلى الخادم. 215 | 216 | #### `MemoryStorage` 217 | 218 | يخزن محرك تخزين الذاكرة الملفات الموجودة في الذاكرة ككائنات `ذاكرة` (`Buffer`). ليس لديها أي خيارات. 219 | 220 |
221 | 222 | ```javascript 223 | var storage = multer.memoryStorage() 224 | var upload = multer({ storage: storage }) 225 | ``` 226 | 227 |
228 | 229 | عند استخدام ذاكرة التخزين ، ستحتوي معلومات الملف على مُدخَل يسمى `buffer` الذي يحتوي على الملف بأكمله. 230 | 231 | **تحذير**: يمكن أن يؤدي تحميل ملفات كبيرة جدًا أو ملفات صغيرة نسبيًا بأعداد كبيرة و بسرعة كبيرة إلى نفاد ذاكرة التطبيق عند استخدام ذاكرة التخزين. 232 | 233 | ### `limits` 234 | 235 | كائن يحدد حدود حجم الخصائص الاختيارية التالية. يقوم Multer بتمرير هذا الكائن إلى busboy مباشرة ، ويمكن العثور على تفاصيل الخصائص من خلال [صفحة busboy's](https://github.com/mscdex/busboy#busboy-methods). 236 | 237 | تتوفر القيم الصحيحة التالية: 238 | 239 | مفتاح | وصف | افتراضي 240 | --- | --- | --- 241 | `fieldNameSize` | الحد الأقصى لحجم اسم المُدخَل | 100 بايت 242 | `fieldSize` | الحد الأقصى لحجم قيمة المُدخَل (بالبايت) | 1 ميغابايت 243 | `fields` | الحد الأقصى لعدد المدخلات التى لا تعتبر من الملفات | ما لا نهاية 244 | `fileSize` | حجم الملف الأقصى بالنسبة لإستمارة متعددة الأجزاء (بالبايت) | ما لا نهاية 245 | `files` | الحد الأقصى لعدد المدخلات من نوع الملفات بالنسبة لإستمارة متعددة الأجزاء | ما لا نهاية 246 | `parts` | الحد الأقصى لعدد الأجزاء (مدخلات + ملفات) بالنسبة لإستمارة متعددة الأجزاء | ما لا نهاية 247 | `headerPairs` | الحد الأقصى لعدد أزواج الرأس (المفتاح => القيمة) المطلوب تحليلها بالنسبة لإستمارة متعددة الأجزاء | 2000 248 | 249 | يمكن أن يساعد تحديد الحدود في حماية موقعك من هجمات حجب الخدمة (DoS). 250 | 251 | ### `fileFilter` 252 | 253 | اضبط هذا على دالة للتحكم في الملفات التي ينبغي تحميلها وأي الملفات يجب تخطيها. يجب أن تبدو دالة كما يلي: 254 | 255 |
256 | 257 | ```javascript 258 | function fileFilter (req, file, cb) { 259 | 260 | // The function should call `cb` with a boolean 261 | // to indicate if the file should be accepted 262 | 263 | // To reject this file pass `false`, like so: 264 | cb(null, false) 265 | 266 | // To accept the file pass `true`, like so: 267 | cb(null, true) 268 | 269 | // You can always pass an error if something goes wrong: 270 | cb(new Error('I don\'t have a clue!')) 271 | 272 | } 273 | ``` 274 | 275 |
276 | 277 | ## معالجة الأخطاء 278 | 279 | عند مواجهة خطأ ، سيقوم Multer بتفويض الخطأ إلى Express. يمكنك 280 | عرض صفحة خطأ لطيفة باستخدام [طريقة Express القياسية](http://expressjs.com/guide/error-handling.html). 281 | 282 | إذا كنت تريد إنتقاء الأخطاء والحصول على [أخطاء Multer فقط](https://github.com/expressjs/multer/blob/main/lib/multer-error.js)، فيمكنك نداء بدالة الوسيطة من قبل نفسك. أيضًا ، إذا كنت تريد التقاط أخطاء Multer فقط ، فيمكنك استخدام صنف `MulterError` المتصل بالكائن` multer` نفسه (على سبيل المثال `err instanceof multer.MulterError`). 283 | 284 |
285 | 286 | ```javascript 287 | var multer = require('multer') 288 | var upload = multer().single('avatar') 289 | 290 | app.post('/profile', function (req, res) { 291 | upload(req, res, function (err) { 292 | if (err instanceof multer.MulterError) { 293 | // A Multer error occurred when uploading. 294 | } else if (err) { 295 | // An unknown error occurred when uploading. 296 | } 297 | 298 | // Everything went fine. 299 | }) 300 | }) 301 | ``` 302 | 303 |
304 | 305 | ## محرك التخزين الخاص بك 306 | 307 | للحصول على معلومات حول كيفية إنشاء محرك التخزين الخاص بك ، راجع [محرك تخزين Multer](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 308 | 309 | ## الترخيص 310 | 311 | [MIT](LICENSE) 312 | 313 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 314 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 315 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 316 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 317 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 318 | [npm-url]: https://npmjs.org/package/multer 319 | [npm-version-image]: https://badgen.net/npm/v/multer 320 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 321 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-es.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer es un "*middleware*" de node.js para el manejo de `multipart/form-data`, el cuál es usado sobre todo para la subida de archivos. Está escrito sobre [busboy](https://github.com/mscdex/busboy) para maximizar su eficiencia. 4 | 5 | **NOTA**: Multer no procesará ningún formulario que no sea multiparte (`multipart/form-data`). 6 | 7 | ## Traducciones 8 | 9 | Éste archivo README también está disponible en otros lenguajes: 10 | 11 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (Inglés) 12 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (Chino) 13 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (Coreano) 14 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (Ruso) 15 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (Portugués Brasileño) 16 | 17 | ## Instalación 18 | 19 | ```sh 20 | $ npm install --save multer 21 | ``` 22 | 23 | ## Uso 24 | 25 | Multer añade un objeto `body` y un objeto `file` o `files` al objeto `request`. El objeto `body` contiene los valores correspondientes a los campos de texto del formulario, los objetos `file` o `files` contienen los archivos que serán subidos mediante el formulario. 26 | 27 | Ejemplo básico de cómo usarlo: 28 | 29 | No te olvides de `enctype="multipart/form-data"` en tu formulario. 30 | 31 | ```html 32 |
33 | 34 |
35 | ``` 36 | 37 | ```javascript 38 | const express = require('express') 39 | const multer = require('multer') 40 | const upload = multer({ dest: 'uploads/' }) 41 | 42 | const app = express() 43 | 44 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 45 | // req.file es el archivo del `avatar` 46 | // req.body contendrá los campos de texto, si los hubiera. 47 | }) 48 | 49 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 50 | // req.files es el arreglo (array) de archivos `photos` 51 | // req.body contendrá los campos de texto, si los hubiera. 52 | }) 53 | 54 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 55 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 56 | // req.files es un objeto (String -> Array) donde el nombre del campo es la clave (key) y el valor es el arreglo (array) de archivos 57 | // 58 | // Ejemplo 59 | // req.files['avatar'][0] -> Archivo 60 | // req.files['gallery'] -> Array 61 | // 62 | // req.body contendrá los campos de texto, si los hubiera. 63 | }) 64 | ``` 65 | 66 | En caso de que necesites manejar un formulario multiparte (multipart form) que sólo contiene campos de texto, deberias usar el método `.none()`: 67 | 68 | ```javascript 69 | const express = require('express') 70 | const app = express() 71 | const multer = require('multer') 72 | const upload = multer() 73 | 74 | app.post('/profile', upload.none(), function (req, res, next) { 75 | // req.body contiene los campos textuales 76 | }) 77 | ``` 78 | 79 | 80 | Este es un ejemplo de cómo se utiliza multer en un formulario HTML. Presta especial atención en los campos `enctype="multipart/form-data"` y `name="uploaded_file"`: 81 | 82 | ```html 83 |
84 |
85 | 86 | 87 | 88 |
89 |
90 | ``` 91 | 92 | Luego en tu archivo javascript agrega estas líneas para acceder tanto al archivo (file) como al body.Es importante que uses el valor del campo `name` del formulario, en tu función de subida. Esto le indica a multer en qué campo de la petición debe buscar los archivos. Si estos campos no son los mismos en el formulario HTML y en tu servidor, la subida fallará: 93 | 94 | ```javascript 95 | const multer = require('multer') 96 | const upload = multer({ dest: './public/data/uploads/' }) 97 | app.post('/stats', upload.single('uploaded_file'), function (req, res) { 98 | // req.file es el nombre de tu archivo en el formulario anterior, en este caso 'uploaded_file' 99 | // req.body contendrá los campos de texto, si los hubiera. 100 | console.log(req.file, req.body) 101 | }); 102 | ``` 103 | 104 | 105 | 106 | ## API 107 | 108 | ### Información del archivo 109 | 110 | Cada archivo contiene la siguiente información: 111 | 112 | Clave (Key) | Descripción | Nota 113 | --- | --- | --- 114 | `fieldname` | Nombre del campo especificado en el formulario | 115 | `originalname` | Nombre del archivo en la computadora del usuario | 116 | `encoding` | Tipo de codificación del archivo | 117 | `mimetype` | Mime type del archivo | 118 | `size` | Tamaño del archivo en Bytes | 119 | `destination` | La carpeta donde se guardó el archivo | `DiskStorage` 120 | `filename` | El nombre del archivo en `destination` | `DiskStorage` 121 | `path` | La ruta completa al archivo subido | `DiskStorage` 122 | `buffer` | Un `Buffer` del archivo completo | `MemoryStorage` 123 | 124 | ### `multer(opts)` 125 | 126 | Multer acepta un objeto para configurar sus opciones, la más básica de ellas es la propiedad `dest`, la cual informa a Multer dónde debe subir los archivos. En caso de que omitas el objeto con las opciones, los archivos serán guardados en la memoria y nunca serán escritos en el disco. 127 | 128 | Por defecto, Multer renombrará los archivos para evitar conflictos de nombres. La función usada para renombrarlos puede ser modificada acorde a tus necesidades. 129 | 130 | Las siguientes son las opciones que pueden ser utilizadas con Multer. 131 | 132 | Clave (key) | Descripción 133 | --- | --- 134 | `dest` o `storage` | Donde se guardarán los archivos 135 | `fileFilter` | Función para controlar qué archivos son aceptados 136 | `limits` | Límites de los datos subidos 137 | `preservePath` | Mantiene la ruta completa de la ubicación de los archivos, en vez de sólo sus nombres 138 | 139 | En la aplicación web promedio es probable que sólo se requiera `dest`, siendo configurado como en el siguiente ejemplo: 140 | 141 | ```javascript 142 | const upload = multer({ dest: 'uploads/' }) 143 | ``` 144 | 145 | Si quieres más control sobre tus subidas, tendrás que usar la opción `storage` en vez de `dest`. Multer incorpora los mecanismos de almacenamiento `DiskStorage` y `MemoryStorage`; existen otros medios provistos por terceros. 146 | 147 | #### `.single(fieldname)` 148 | 149 | Acepta un único archivo con el nombre `fieldname`. Dicho archivo será guardado en `req.file`. 150 | 151 | #### `.array(fieldname[, maxCount])` 152 | 153 | Acepta un arreglo (array), de archivos, todos con el nombre `fieldname`. Opcionalmente puede generarse un error si se intentan subir una cantidad de archivos superior a `maxCount`. El arreglo (array) de archivos será guardado en `req.files`. 154 | 155 | #### `.fields(fields)` 156 | 157 | Acepta una mezcla de archivos, especificados por `field`. Un objeto con arreglos (arrays) de archivos será guardado en `req.files` 158 | 159 | `fields` debería ser un arreglo (array) de objetos con `name` y opcionalmente `maxCount`. 160 | Ejemplo: 161 | 162 | ```javascript 163 | [ 164 | { name: 'avatar', maxCount: 1 }, 165 | { name: 'gallery', maxCount: 8 } 166 | ] 167 | ``` 168 | 169 | #### `.none()` 170 | 171 | Acepta sólo campos de texto. En caso de intentar subir un archivo, se generará un error con el siguiente código 172 | "LIMIT\_UNEXPECTED\_FILE". 173 | 174 | #### `.any()` 175 | 176 | Acepta todos los archivos que han sido enviados. Un arreglo (array) conteniendo los archivos, será guardado en `req.files`. 177 | 178 | **ADVERTENCIA:** Asegúrate de siempre manejar los archivos que los usuarios intenten subir. Nunca uses Multer como una función middleware de manera global dado que, de esta forma, un usuario malicioso podría subir archivos por medio de rutas que no has anticipado. Usa sólo esta función en rutas en las que estás esperando archivos. 179 | 180 | ### `storage` 181 | 182 | #### `DiskStorage` 183 | 184 | El motor de almacenamiento en disco te ofrece un control total sobre el almacenamiento de archivos en tu disco. 185 | 186 | ```javascript 187 | const storage = multer.diskStorage({ 188 | destination: function (req, file, cb) { 189 | cb(null, '/tmp/my-uploads') 190 | }, 191 | filename: function (req, file, cb) { 192 | cb(null, file.fieldname + '-' + Date.now()) 193 | } 194 | }) 195 | 196 | const upload = multer({ storage: storage }) 197 | ``` 198 | 199 | Hay dos opciones disponibles, `destination` y `filename`. Ambas son funciones que determinan dónde debería almacenarse el archivo. 200 | 201 | `destination` se utiliza para determinar en qué carpeta se almacenarán los archivos subidos. Tambien se puede proporcionar como un `string` (por ejemplo: `'/tmp/uploads'`). Si no se proporciona `destination`, se utilizara el directorio predeterminado del sistema operativo para archivos temporales. 202 | 203 | **Nota:** Al pasar `destination` como una función, tú eres el responsable de crear los directorios donde los archivos serán almacenados. Cuando asignas un `string` a `destination`, Multer se asegurará de que el directorio sea creado en caso de no encontrarlo. 204 | 205 | `filename` es usado para determinar cómo debería ser nombrado el archivo dentro de la carpeta. Si `filename` no es provisto, a cada archivo se le asignará un nombre aleatorio que no incluirá ninguna extensión. 206 | 207 | **Nota:** Multer no añadirá ningúna extensión de archivos por ti, es tu función la que debería retornar un nombre completo, que incluya también la extensión del archivo. 208 | 209 | El objeto petición (`req`) y parte de la información del archivo (`file`) son pasadas a tu función para ayudar con la decisión en la nomenclatura. 210 | 211 | Nota que `req.body` puede que no haya sido totalmente poblado todavía. Esto depende del orden en el que el cliente transmita sus campos y archivos hacia el servidor. 212 | 213 | Para comprender la convención de llamada utilizada en el callback (necesitas pasar null como primer parametro), consulta en 214 | [Node.js manejo de errores](https://web.archive.org/web/20220417042018/https://www.joyent.com/node-js/production/design/errors) 215 | 216 | #### `MemoryStorage` 217 | 218 | El motor de almacenamiento en memoria almacena los archivos en memoria como objetos `Buffer`. Para esto no se proveen opciones. 219 | 220 | ```javascript 221 | const storage = multer.memoryStorage() 222 | const upload = multer({ storage: storage }) 223 | ``` 224 | 225 | Al usar el almacenamiento en memoria, la información del archivo contendrá un campo llamado `buffer` que contiene el archivo entero. 226 | 227 | **ADVERTENCIA**: Subir archivos grandes, o relativamente pequeños pero en gran cantidad y muy rápido, puede provocar que tu aplicación se quede sin memoria cuando es usado el almacenamiento en memoria. 228 | 229 | ### `limits` 230 | 231 | Un objeto especifica los límites correpondientes a los tamaños de las siguientes propiedades opcionales. Multer pasa este objeto directamente a *busboy*, los detalles de las propiedades pueden encontrarse en [la página de busboy](https://github.com/mscdex/busboy#busboy-methods). 232 | 233 | Los siguientes valores en números enteros están disponibles: 234 | 235 | Clave (Key) | Descripción | Por defecto 236 | --- | --- | --- 237 | `fieldNameSize` | Tamaño máximo del nombre del campo | 100 bytes 238 | `fieldSize` | Tamaño máximo de los valores para cada campo (en bytes) | 1MB 239 | `fields` | Número máximo de campos que no son archivos | Infinito 240 | `fileSize` | Para formularios multiparte, el tamaño máximo de los archivos (en bytes) | Infinito 241 | `files` | Para los formularios multiparte, el número máximo de campos para archivos | Infinito 242 | `parts` | Para los formularios multiparte, el número máximo de partes (campos + archivos) | Infinito 243 | `headerPairs` | Para los formularios multiparte, el número máximo de cabeceras de pares clave=>valor para analizar | 2000 244 | 245 | Especificar los límites puede ayudarte a proteger tu sitio contra ataques de denegación del servicio (DoS). 246 | 247 | ### `fileFilter` 248 | 249 | Asigna ésto a una función para controlar cuáles archivos deben ser subidos y cuáles deben ser omitidos. La función debería verse como ésta: 250 | 251 | ```javascript 252 | function fileFilter (req, file, cb) { 253 | 254 | // La función debe llamar a `cb` usando una variable del tipo boolean 255 | // para indicar si el archivo debería ser aceptado o no 256 | 257 | // Para rechazar el archivo es necesario pasar `false`, de la siguiente forma: 258 | cb(null, false) 259 | 260 | // Para aceptar el archivo es necesario pasar `true`, de la siguiente forma: 261 | cb(null, true) 262 | 263 | // Siempre puedes pasar un error en caso de que algo salga mal: 264 | cb(new Error('No tengo la menor idea!')) 265 | 266 | } 267 | ``` 268 | 269 | ## Manejo de errores 270 | 271 | Al encontrarse con un error, Multer delegará ese error a Express. Puedes mostrar una linda página de error usando [la manera standard de Express](http://expressjs.com/guide/error-handling.html). 272 | 273 | Si quieres capturar los errores específicamente desde Multer, puedes llamar la función middleware tú mismo. También, si quieres capturar sólo [los errores de Multer](https://github.com/expressjs/multer/blob/main/lib/multer-error.js), puedes usar la clase `MulterError` que está adherida al mismo objeto `multer` (por ejemplo: `err instanceof multer.MulterError`). 274 | 275 | ```javascript 276 | const multer = require('multer') 277 | const upload = multer().single('avatar') 278 | 279 | app.post('/profile', function (req, res) { 280 | upload(req, res, function (err) { 281 | if (err instanceof multer.MulterError) { 282 | // Un error de Multer ocurrió durante la subida. 283 | } else if (err) { 284 | // Un error desconocido ocurrió durante la subida. 285 | } 286 | 287 | // Todo salió bien. 288 | }) 289 | }) 290 | ``` 291 | 292 | ## Mecanismos de almacenamiento personalizados 293 | 294 | Para más información acerca de cómo construir tu propio mecanismo de almacenamiento, recomendamos leer [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 295 | 296 | ## Licencia 297 | 298 | [MIT](LICENSE) 299 | 300 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 301 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 302 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 303 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 304 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 305 | [npm-url]: https://npmjs.org/package/multer 306 | [npm-version-image]: https://badgen.net/npm/v/multer 307 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 308 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-ko.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer는 파일 업로드를 위해 사용되는 `multipart/form-data` 를 다루기 위한 node.js 의 미들웨어 입니다. 효율성을 최대화 하기 위해 [busboy](https://github.com/mscdex/busboy) 를 기반으로 하고 있습니다. 4 | 5 | **주**: Multer는 multipart (`multipart/form-data`)가 아닌 폼에서는 동작하지 않습니다. 6 | 7 | ## 번역 8 | 9 | 이 문서는 아래의 언어로도 제공됩니다: 10 | 11 | - [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) (아라비아 말) 12 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (영어) 13 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (스페인어) 14 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (중국어) 15 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (러시아) 16 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (포르투갈어 BR) 17 | 18 | ## 설치 19 | 20 | ```sh 21 | $ npm install --save multer 22 | ``` 23 | 24 | ## 사용법 25 | 26 | Multer는 `body` 객체와 한 개의 `file` 혹은 여러개의 `files` 객체를 `request` 객체에 추가합니다. `body` 객체는 폼 텍스트 필드의 값을 포함하고, 한 개 혹은 여러개의 파일 객체는 폼을 통해 업로드된 파일들을 포함하고 있습니다. 27 | 28 | 기본 사용 예제: 29 | 30 | ```javascript 31 | const express = require('express') 32 | const multer = require('multer') 33 | const upload = multer({ dest: 'uploads/' }) 34 | 35 | const app = express() 36 | 37 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 38 | // req.file 은 `avatar` 라는 필드의 파일 정보입니다. 39 | // 텍스트 필드가 있는 경우, req.body가 이를 포함할 것입니다. 40 | }) 41 | 42 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 43 | // req.files 는 `photos` 라는 파일정보를 배열로 가지고 있습니다. 44 | // 텍스트 필드가 있는 경우, req.body가 이를 포함할 것입니다. 45 | }) 46 | 47 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 48 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 49 | // req.files는 (String -> Array) 형태의 객체 입니다. 50 | // 필드명은 객체의 key에, 파일 정보는 배열로 value에 저장됩니다. 51 | // 52 | // e.g. 53 | // req.files['avatar'][0] -> File 54 | // req.files['gallery'] -> Array 55 | // 56 | // 텍스트 필드가 있는 경우, req.body가 이를 포함할 것입니다. 57 | }) 58 | ``` 59 | 60 | 텍스트 전용 multipart 폼을 처리해야 하는 경우, 어떠한 multer 메소드 (`.single()`, `.array()`, `fields()`) 도 사용할 수 있습니다. 아래는 `.array()` 를 사용한 예제 입니다 : 61 | 62 | ```javascript 63 | const express = require('express') 64 | const app = express() 65 | const multer = require('multer') 66 | const upload = multer() 67 | 68 | app.post('/profile', upload.array(), function (req, res, next) { 69 | // req.body는 텍스트 필드를 포함합니다. 70 | }) 71 | ``` 72 | 73 | ## API 74 | 75 | ### 파일 정보 76 | 77 | 각각의 파일은 아래의 정보를 포함하고 있습니다: 78 | 79 | Key | Description | Note 80 | --- | --- | --- 81 | `fieldname` | 폼에 정의된 필드 명 | 82 | `originalname` | 사용자가 업로드한 파일 명 | 83 | `encoding` | 파일의 엔코딩 타입 | 84 | `mimetype` | 파일의 Mime 타입 | 85 | `size` | 파일의 바이트(byte) 사이즈 | 86 | `destination` | 파일이 저장된 폴더 | `DiskStorage` 87 | `filename` | `destination` 에 저장된 파일 명 | `DiskStorage` 88 | `path` | 업로드된 파일의 전체 경로 | `DiskStorage` 89 | `buffer` | 전체 파일의 `Buffer` | `MemoryStorage` 90 | 91 | ### `multer(opts)` 92 | 93 | Multer는 옵션 객체를 허용합니다. 그 중 가장 기본 옵션인 `dest` 요소는 Multer에게 파일을 어디로 업로드 할 지를 알려줍니다. 만일 옵션 객체를 생략했다면, 파일은 디스크가 아니라 메모리에 저장될 것 입니다. 94 | 95 | 기본적으로 Multer는 이름이 중복되는 것을 방지하기 위해서 파일의 이름을 재작성 합니다. 필요에 따라 해당 함수는 커스터마이징이 가능합니다. 96 | 97 | Multer로 전달 가능한 옵션들은 다음과 같습니다. 98 | 99 | Key | Description 100 | --- | --- 101 | `dest` or `storage` | 파일이 저장될 위치 102 | `fileFilter` | 어떤 파일을 허용할지 제어하는 함수 103 | `limits` | 업로드 된 데이터의 한도 104 | `preservePath` | 파일의 base name 대신 보존할 파일의 전체 경로 105 | 106 | 보통의 웹 앱에서는 `dest` 옵션 정도만 필요할지도 모릅니다. 설정 방법은 아래의 예제에 나와있습니다. 107 | 108 | ```javascript 109 | const upload = multer({ dest: 'uploads/' }) 110 | ``` 111 | 112 | 만일 업로드를 더 제어하고 싶다면, `dest` 옵션 대신 `storage` 옵션을 사용할 수 있습니다. Multer는 스토리지 엔진인 `DiskStorage` 와 `MemoryStorage` 를 탑재하고 있습니다. 써드파티로부터 더 많은 엔진들을 사용할 수 있습니다. 113 | 114 | #### `.single(fieldname)` 115 | 116 | `fieldname` 인자에 명시된 이름의 단수 파일을 전달 받습니다. 이 파일은 `req.file` 에 저장될 것 입니다. 117 | 118 | #### `.array(fieldname[, maxCount])` 119 | 120 | `fieldname` 인자에 명시된 이름의 파일 전부를 배열 형태로 전달 받습니다. 선택적으로 `maxCount` 에 명시된 값 이상의 파일이 업로드 될 경우 에러를 출력할 수 있습니다. 전달 된 배열 형태의 파일은 `req.files` 에 저장될 것입니다. 121 | 122 | #### `.fields(fields)` 123 | 124 | `fields` 인자에 명시된 여러 파일을 전달 받습니다. 파일 객체는 배열 형태로 `req.files` 에 저장될 것입니다. 125 | 126 | `fields` 는 `name` 과 `maxCount` (선택사항) 을 포함하는 객체의 배열이어야 합니다. 127 | 예제: 128 | 129 | ```javascript 130 | [ 131 | { name: 'avatar', maxCount: 1 }, 132 | { name: 'gallery', maxCount: 8 } 133 | ] 134 | ``` 135 | 136 | #### `.none()` 137 | 138 | 오직 텍스트 필드만 허용합니다. 만일 파일이 업로드 되었을 경우, "LIMIT\_UNEXPECTED\_FILE" 와 같은 에러 코드가 발생할 것입니다. 이는 `upload.fields([])` 와 같은 동작을 합니다. 139 | 140 | #### `.any()` 141 | 142 | 전달된 모든 파일을 허용합니다. 파일 배열은 `req.files` 에 저장될 것입니다. 143 | 144 | **주의:** 항상 사용자가 업로드한 파일을 다룬다는 점을 명심하세요. 악의적인 사용자가 여러분이 예측하지 못한 곳으로 파일을 업로드 할 수 있으므로 절대 multer를 글로벌 미들웨어로 사용하지 마세요. 145 | 146 | ### `storage` 147 | 148 | #### `DiskStorage` 149 | 150 | 디스크 스토리지 엔진은 파일을 디스크에 저장하기 위한 모든 제어 기능을 제공합니다. 151 | 152 | ```javascript 153 | const storage = multer.diskStorage({ 154 | destination: function (req, file, cb) { 155 | cb(null, '/tmp/my-uploads') 156 | }, 157 | filename: function (req, file, cb) { 158 | cb(null, file.fieldname + '-' + Date.now()) 159 | } 160 | }) 161 | 162 | const upload = multer({ storage: storage }) 163 | ``` 164 | 165 | `destination` 과 `filename` 의 두가지 옵션이 가능합니다. 두 옵션 모두 파일을 어디에 저장할 지를 정하는 함수입니다. 166 | 167 | `destination` 옵션은 어느 폴더안에 업로드 한 파일을 저장할 지를 결정합니다. 이는 `string` 형태로 주어질 수 있습니다 (예. `'/tmp/uploads'`). 만일 `destination` 옵션이 주어지지 않으면, 운영체제 시스템에서 임시 파일을 저장하는 기본 디렉토리를 사용합니다. 168 | 169 | **주:** `destination` 을 함수로 사용할 경우, 디렉토리를 생성해야 할 책임이 있습니다. 문자열이 전달될 때, multer는 해당 디렉토리가 생성되었는지 확인합니다. 170 | 171 | `filename` 은 폴더안에 저장되는 파일 명을 결정하는데 사용됩니다. 172 | 만일 `filename` 이 주어지지 않는다면, 각각의 파일은 파일 확장자를 제외한 랜덤한 이름으로 지어질 것입니다. 173 | 174 | **주:** Multer는 어떠한 파일 확장자도 추가하지 않습니다. 사용자 함수는 파일 확장자를 온전히 포함한 파일명을 반환해야 합니다. 175 | 176 | 결정을 돕기 위해 각각의 함수는 요청 정보 (`req`) 와 파일 (`file`) 에 대한 정보를 모두 전달 받습니다. 177 | 178 | `req.body` 는 완전히 채워지지 않았을 수도 있습니다. 이는 클라이언트가 필드와 파일을 서버로 전송하는 순서에 따라 다릅니다. 179 | 180 | #### `MemoryStorage` 181 | 182 | 메모리 스토리지 엔진은 파일을 메모리에 `Buffer` 객체로 저장합니다. 이에 대해서는 어떤 옵션도 없습니다. 183 | 184 | ```javascript 185 | const storage = multer.memoryStorage() 186 | const upload = multer({ storage: storage }) 187 | ``` 188 | 189 | 메모리 스토리지 사용시, 파일 정보는 파일 전체를 포함하는 `buffer` 라고 불리는 필드를 포함할 것입니다. 190 | 191 | **주의**: 메모리 스토리지를 사용시, 매우 큰 사이즈의 파일을 업로드 하거나 많은 양의 비교적 작은 파일들을 매우 빠르게 업로드 하는 경우 응용 프로그램의 메모리 부족이 발생 할 수 있습니다. 192 | 193 | ### `limits` 194 | 195 | 다음의 선택적 속성의 크기 제한을 지정하는 객체입니다. Multer 는 이 객체를 busboy로 직접 전달합니다. 속성들에 대한 자세한 내용은 [busboy's page](https://github.com/mscdex/busboy#busboy-methods) 에서 확인 하실 수 있습니다. 196 | 197 | 다음과 같은 정수 값들이 가능합니다: 198 | 199 | 속성 | 설명 | 기본값 200 | --- | --- | --- 201 | `fieldNameSize` | 필드명 사이즈 최대값 | 100 bytes 202 | `fieldSize` | 필드값 사이즈 최대값 | 1MB 203 | `fields` | 파일형식이 아닌 필드의 최대 개수 | 무제한 204 | `fileSize` | multipart 형식 폼에서 최대 파일 사이즈(bytes) | 무제한 205 | `files` | multipart 형식 폼에서 파일 필드의 최대 개수 | 무제한 206 | `parts` | For multipart forms, the max number of parts (fields + files) | 무제한 207 | `headerPairs` | multipart 형식 폼에서 파싱할 헤더의 key=>value 쌍의 최대 개수| 2000 208 | 209 | 사이즈 제한을 지정하면 서비스 거부 (DoS) 공격으로부터 사이트를 보호하는데 도움이 됩니다. 210 | 211 | ### `fileFilter` 212 | 213 | 어느 파일을 업로드 할지, 혹은 건너뛸지 제어할 수 있게 함수에 설정합니다. 해당 함수는 아래와 같을 것입니다 : 214 | 215 | ```javascript 216 | function fileFilter (req, file, cb) { 217 | 218 | // 이 함수는 boolean 값과 함께 `cb`를 호출함으로써 해당 파일을 업로드 할지 여부를 나타낼 수 있습니다. 219 | // 이 파일을 거부하려면 다음과 같이 `false` 를 전달합니다: 220 | cb(null, false) 221 | 222 | // 이 파일을 허용하려면 다음과 같이 `true` 를 전달합니다: 223 | cb(null, true) 224 | 225 | // 무언가 문제가 생겼다면 언제나 에러를 전달할 수 있습니다: 226 | cb(new Error('I don\'t have a clue!')) 227 | 228 | } 229 | ``` 230 | 231 | ## 에러 핸들링 232 | 233 | 에러가 발생할 때, multer는 에러를 express에 위임할 것입니다. 여러분은 [the standard express way](http://expressjs.com/guide/error-handling.html) 를 이용해서 멋진 오류 페이지를 보여줄 수 있습니다. 234 | 235 | 만일 multer 로부터 특별히 에러를 캐치하고 싶다면, 직접 미들웨어 함수를 호출하세요. 236 | 237 | ```javascript 238 | const upload = multer().single('avatar') 239 | 240 | app.post('/profile', function (req, res) { 241 | upload(req, res, function (err) { 242 | if (err) { 243 | // 업로드할때 오류가 발생함 244 | return 245 | } 246 | 247 | // 정상적으로 완료됨 248 | }) 249 | }) 250 | ``` 251 | 252 | ## 커스텀 스토리지 엔진 253 | 254 | 자신만의 고유한 스토리지 엔진을 구축하기 위한 정보를 얻기 위해서는 [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md) 문서를 참고하세요. 255 | 256 | ## 라이센스 257 | 258 | [MIT](LICENSE) 259 | 260 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 261 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 262 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 263 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 264 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 265 | [npm-url]: https://npmjs.org/package/multer 266 | [npm-version-image]: https://badgen.net/npm/v/multer 267 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 268 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-pt-br.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer é um middleware node.js para manipulação `multipart/form-data`, que é usado principalmente para fazer upload de arquivos. Foi escrito em cima do [busboy](https://github.com/mscdex/busboy) para máxima eficiência. 4 | 5 | **NOTA**: Multer não processará nenhum formulário que não seja multipart (`multipart/form-data`). 6 | 7 | ## Traduções 8 | 9 | Este README também está disponível em outros idiomas: 10 | 11 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (Inglês) 12 | - [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) (Árabe) 13 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (Espanhol) 14 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (Chinês) 15 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (Coreano) 16 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (Russo) 17 | - [Việt Nam](https://github.com/expressjs/multer/blob/main/doc/README-vi.md) (Vietnã) 18 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (Português Brasil) 19 | - [Français](https://github.com/expressjs/multer/blob/main/doc/README-fr.md) (Francês) 20 | - [O'zbek tili](https://github.com/expressjs/multer/blob/main/doc/README-uz.md) (Uzbequistão) 21 | 22 | ## Instalação 23 | 24 | ```sh 25 | $ npm install --save multer 26 | ``` 27 | 28 | ## Uso 29 | 30 | Multer adiciona um objeto `body` e um `file` ou objeto `files` para objeto `request`. O objeto `body` contém os valores dos campos de texto do formulário, o objeto `file` ou `files` contém os arquivos enviados por meio do formulário. 31 | 32 | Exemplo de uso básico: 33 | 34 | Não esqueça o `enctype="multipart/form-data"` em seu formulário. 35 | 36 | ```html 37 |
38 | 39 |
40 | ``` 41 | 42 | ```javascript 43 | const express = require('express') 44 | const multer = require('multer') 45 | const upload = multer({ dest: 'uploads/' }) 46 | 47 | const app = express() 48 | 49 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 50 | // req.file é um arquivo `avatar` 51 | // req.body conterá os campos de texto, se houver 52 | }) 53 | 54 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 55 | // req.files é um array de arquivos `photos` 56 | // req.body conterá os campos de texto, se houver 57 | }) 58 | 59 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 60 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 61 | // req.files é um objeto (String -> Array) onde fieldname é a chave e o valor é array de arquivos 62 | // 63 | // e.g. 64 | // req.files['avatar'][0] -> File 65 | // req.files['gallery'] -> Array 66 | // 67 | // req.body conterá os campos de texto, se houver 68 | }) 69 | ``` 70 | 71 | Caso você precise lidar com formulário text-only multipart, você deve usar o método `.none()`: 72 | 73 | ```javascript 74 | const express = require('express') 75 | const app = express() 76 | const multer = require('multer') 77 | const upload = multer() 78 | 79 | app.post('/profile', upload.none(), function (req, res, next) { 80 | // req.body contém os campos de texto 81 | }) 82 | ``` 83 | 84 | Aqui está um exemplo de como o multer é usado em um formulário HTML. Onde adicionamos `enctype="multipart/form-data"` no form e no input `name="uploaded_file"`: 85 | 86 | ```html 87 |
88 |
89 | 90 | 91 | 92 |
93 |
94 | ``` 95 | 96 | Então, em seu arquivo javascript, você adicionaria essas linhas para acessar o arquivo e o corpo. É importante que você use o valor do campo `name` do formulário em sua função de upload. Isso informa ao multer em qual campo da solicitação ele deve procurar os arquivos. Se esses campos não forem iguais no formulário HTML e no seu servidor, seu upload falhará: 97 | 98 | ```javascript 99 | const multer = require('multer') 100 | const upload = multer({ dest: './public/data/uploads/' }) 101 | app.post('/stats', upload.single('uploaded_file'), function (req, res) { 102 | // req.fileé o nome do seu arquivo no formato acima, aqui 'uploaded_file' 103 | // req.body irá conter os campos de texto, se houver algum 104 | console.log(req.file, req.body) 105 | }); 106 | ``` 107 | 108 | ## API 109 | 110 | ### Informação de arquivo 111 | 112 | Cada arquivo contém as seguintes informações: 113 | 114 | Key | Descrição | Nota 115 | --- | --- | --- 116 | `fieldname` | Nome do campo especificado no formulário | 117 | `originalname` | Nome do arquivo no computador do usuário | 118 | `encoding` | Tipo de codificação do arquivo | 119 | `mimetype` | Tipo Mime do arquivo | 120 | `size` | Tamanho do arquivo em bytes | 121 | `destination` | A pasta na qual o arquivo foi salvo | `DiskStorage` 122 | `filename` | O nome do arquivo dentro do `destination` | `DiskStorage` 123 | `path` | O caminho completo para o arquivo enviado | `DiskStorage` 124 | `buffer` | O `Buffer` do arquivo inteiro | `MemoryStorage` 125 | 126 | ### `multer(opts)` 127 | 128 | Multer aceita um objeto de opções, a propriedade mais básica é o `dest`, que diz ao Multer onde fazer o upload dos arquivos. No caso de você omitir o objeto de opções, os arquivos serão mantidos na memória e nunca gravados no disco. 129 | 130 | Por padrão, Multer irá renomear os arquivos para evitar conflitos de nomes. A função de renomeação pode ser personalizada de acordo com suas necessidades. 131 | 132 | A seguir estão as opções que podem ser passadas para o Multer. 133 | 134 | Key | Descrição 135 | --- | --- 136 | `dest` ou `storage` | Onde armazenar os arquivos 137 | `fileFilter` | Função para controlar quais arquivos são aceitos 138 | `limits` | Limites dos dados enviados 139 | `preservePath` | Mantenha o caminho completo dos arquivos em vez de apenas o nome base 140 | 141 | Em um web app básico, somente o `dest` pode ser necessário, e configurado como mostrado no exemplo a seguir: 142 | 143 | ```javascript 144 | const upload = multer({ dest: 'uploads/' }) 145 | ``` 146 | 147 | Se você quiser mais controle sobre seus envios, você ter que usar a opção `storage` em vez de `dest`. Multer vem com motores de armazenamento `DiskStorage` e `MemoryStorage`; Mais mecanismos estão disponíveis de terceiros. 148 | 149 | #### `.single(fieldname)` 150 | 151 | Aceite um único arquivo com o nome `fieldname`. O arquivo único será armazenado em `req.file`. 152 | 153 | #### `.array(fieldname[, maxCount])` 154 | 155 | Aceite múltiplos arquivos, todos com o nome `fieldname`. Opcional, gera um errose forem enviados mais de `maxCount`. O array de arquivos serão armazenados em 156 | `req.files`. 157 | 158 | #### `.fields(fields)` 159 | 160 | Aceita uma mistura de arquivos, especificada por `fields`. Um objeto com um array de arquivos será armazenado em `req.files`. 161 | 162 | `fields` deve ser uma matriz de objetos com `name` e opcionalmente com `maxCount`. 163 | 164 | Exemplo: 165 | 166 | ```javascript 167 | [ 168 | { name: 'avatar', maxCount: 1 }, 169 | { name: 'gallery', maxCount: 8 } 170 | ] 171 | ``` 172 | 173 | #### `.none()` 174 | 175 | Aceite apenas campo de texto. Se algum upload de arquivo for feito, um erro com código "LIMIT\_UNEXPECTED\_FILE" será emitido. 176 | 177 | #### `.any()` 178 | 179 | Aceita todos os arquivos que são enviados. Uma matriz de arquivos será armazenada em 180 | `req.files`. 181 | 182 | **AVISO:** Certifique-se de sempre manipular os arquivos que um usuário envia. 183 | Nunca adicione o Multer como global no middleware, já que um usuário mal-intencionado poderia fazer upload de arquivos para uma rota que você não previu. Use esta função apenas nas rotas onde você está lidando com os arquivos enviados. 184 | 185 | ### `storage` 186 | 187 | #### `DiskStorage` 188 | 189 | O mecanismo de armazenamento em disco oferece controle total sobre o armazenamento de arquivos em disco. 190 | 191 | ```javascript 192 | const storage = multer.diskStorage({ 193 | destination: function (req, file, cb) { 194 | cb(null, '/tmp/my-uploads') 195 | }, 196 | filename: function (req, file, cb) { 197 | cb(null, file.fieldname + '-' + Date.now()) 198 | } 199 | }) 200 | 201 | const upload = multer({ storage: storage }) 202 | ``` 203 | 204 | Existem duas opções disponíveis, `destination` e `filename`. Ambas são funções que determinam onde o arquivo deve ser armazenado. 205 | 206 | `destination` é usado para determinar em qual pasta os arquivos enviados devem ser armazenados. Isso também pode ser dado como uma `string` (e.g. `'/tmp/uploads'`). Se não é dada `destination`, o diretório padrão do sistema operacional para arquivos temporários é usado. 207 | 208 | **Nota:** Você é responsável por criar o diretório ao fornecer o "destino" com uma função. Ao passar uma string, o Multer se certificará de que o diretório foi criado para você. 209 | 210 | `filename` é usado para determinar qual arquivo deve ser nomeado dentro da pasta. 211 | Se não for passado `filename`, cada arquivo receberá um nome aleatório que não inclui nenhuma extensão de arquivo. 212 | 213 | **Nota:** Multer não adicionará nenhuma extensão de arquivo para você, sua função é retornar um nome para o arquivo completo com a extensão de arquivo. 214 | 215 | Cada função é passada pelo request (`req`) e algumas informações sobre o arquivo (`file`) para ajudar com a decisão. 216 | 217 | Observe que `req.body` pode não ter sido totalmente preenchido ainda. Isso depende da ordem na qual o cliente transmite campos e arquivos para o servidor. 218 | 219 | Para entender a convenção de chamada usada no callback (precisando passar 220 | null como o primeiro parâmetro), consulte em 221 | [Manipulação de erros no Node.js](https://web.archive.org/web/20220417042018/https://www.joyent.com/node-js/production/design/errors) 222 | 223 | #### `MemoryStorage` 224 | 225 | O mecanismo de armazenamento na memória, armazena os arquivos na memória como um objeto `Buffer`. Não tendo opções. 226 | ```javascript 227 | const storage = multer.memoryStorage() 228 | const upload = multer({ storage: storage }) 229 | ``` 230 | Ao usar o armazenamento de memória, as informações do arquivo conterão um campo chamado `buffer` que contém o arquivo inteiro. 231 | 232 | **AVISO**: Fazer upload de arquivos muito grandes ou arquivos relativamente pequenos em grande número muito rapidamente pode fazer com que o aplicativo fique sem memória quando o armazenamento de memória é usado. 233 | 234 | ### `limits` 235 | 236 | Um objeto que especifica os limites de tamanho das seguintes propriedades opcionais. O Multer passa diretamente o objeto para o busboy, e os detalhes das propriedades podem ser encontrados em [busboy's page](https://github.com/mscdex/busboy#busboy-methods). 237 | 238 | Os seguintes valores inteiros estão disponíveis: 239 | 240 | Key | Descrição | Padrão 241 | --- | --- | --- 242 | `fieldNameSize` | Tamanho máximo do nome de campo| 100 bytes 243 | `fieldSize` | Tamanho máximo do valor do campo (in bytes) | 1MB 244 | `fields` | Max number of non-file fields | Infinity 245 | `fileSize` | Para formulários multipart, o tamanho máximo do arquivo (in bytes) | Infinity 246 | `files` | Para formulários multipart, o número máximo de campos de arquivos | Infinity 247 | `parts` | Para formulários multipart, o número máximo de parts (fields + files) | Infinity 248 | `headerPairs` | Para formulários multipart, o número máximo do header key=>value, para analisar | 2000 249 | 250 | A especificação dos limites pode ajudar a proteger seu site contra ataques de negação de serviço (DoS). 251 | 252 | ### `fileFilter` 253 | 254 | Defina isso para uma função para controlar quais arquivos devem ser enviados e quais devem ser ignorados. 255 | 256 | A função deve ficar assim: 257 | 258 | ```javascript 259 | function fileFilter (req, file, cb) { 260 | 261 | // A função deve chamar `cb` com um booleano 262 | // para indicar se o arquivo deve ser aceito 263 | 264 | // Para rejeitar este arquivo passe `false`, assim: 265 | cb(null, false) 266 | 267 | // Para aceitar o arquivo passe `true`, assim: 268 | cb(null, true) 269 | 270 | // Você sempre pode passar um erro se algo der errado: 271 | cb(new Error('I don\'t have a clue!')) 272 | 273 | } 274 | ``` 275 | 276 | ## Error handling 277 | 278 | Quando encontrar um erro, Multer delegará o erro para Express. Você pode exibir uma boa página de erro usando [the standard express way](http://expressjs.com/guide/error-handling.html). 279 | 280 | Se você quer pegar erros especificamente do Multer, você pode enviar para o função de middleware. Além disso, se você quiser pegar apenas [os erros do Multer](https://github.com/expressjs/multer/blob/main/lib/multer-error.js), você pode usar a classe `MulterError` que está ligado ao objeto `multer` (e.g. `err instanceof multer.MulterError`). 281 | 282 | ```javascript 283 | const multer = require('multer') 284 | const upload = multer().single('avatar') 285 | 286 | app.post('/profile', function (req, res) { 287 | upload(req, res, function (err) { 288 | if (err instanceof multer.MulterError) { 289 | // Ocorreu um erro durante o upload. 290 | } else if (err) { 291 | // Ocorreu um erro durante o upload. 292 | } 293 | 294 | // Tudo correu bem. 295 | }) 296 | }) 297 | ``` 298 | 299 | ## Mecanismo de armazenamento personalizado 300 | 301 | Para obter informações sobre como criar seu próprio mecanismo de armazenamento, veja [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 302 | 303 | ## Licença 304 | 305 | [MIT](LICENSE) 306 | 307 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 308 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 309 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 310 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 311 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 312 | [npm-url]: https://npmjs.org/package/multer 313 | [npm-version-image]: https://badgen.net/npm/v/multer 314 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 315 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-ru.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer — это middleware для фреймворка express для обработки `multipart/form-data`, нужная в первую очередь при загрузке файлов. Написана как обертка над [busboy](https://github.com/mscdex/busboy) для ее максимально эффективного использования. 4 | 5 | **ВАЖНО**: Multer не обрабатывает никакой другой тип форм, кроме `multipart/form-data`. 6 | 7 | ## Переводы 8 | 9 | Это README также доступно на других языках: 10 | 11 | - [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) (арабский) 12 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (Английский) 13 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (Испанский) 14 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (Китайский) 15 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (Корейский) 16 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (бр Португальский) 17 | 18 | ## Установка 19 | 20 | ```sh 21 | $ npm install --save multer 22 | ``` 23 | 24 | ## Использование 25 | 26 | Multer добавляет объект `body` и объект `file` (или `files`) внутрь объекта `request`. Объект `body` содержит значения текстовых полей формы, объект `file` (`files`) содержит файл или файлы, загружаемые через форму. 27 | 28 | Простой пример использования: 29 | 30 | Не забывайте про `enctype="multipart/form-data"` в вашей форме. 31 | 32 | ```html 33 |
34 | 35 |
36 | ``` 37 | 38 | ```javascript 39 | const express = require('express') 40 | const multer = require('multer') 41 | const upload = multer({ dest: 'uploads/' }) 42 | 43 | const app = express() 44 | 45 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 46 | // req.file - файл `avatar` 47 | // req.body сохранит текстовые поля, если они будут 48 | }) 49 | 50 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 51 | // req.files - массив файлов `photos` 52 | // req.body сохранит текстовые поля, если они будут 53 | }) 54 | 55 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 56 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 57 | // req.files - объект (String -> Array), где fieldname - ключ, и значение - массив файлов 58 | // 59 | // например: 60 | // req.files['avatar'][0] -> File 61 | // req.files['gallery'] -> Array 62 | // 63 | // req.body сохранит текстовые поля, если они будут 64 | }) 65 | ``` 66 | 67 | Если вам нужно обработать multipart-форму, содержащую только текст, используйте метод `.none()`: 68 | 69 | ```javascript 70 | const express = require('express') 71 | const app = express() 72 | const multer = require('multer') 73 | const upload = multer() 74 | 75 | app.post('/profile', upload.none(), function (req, res, next) { 76 | // req.body содержит текстовые поля 77 | }) 78 | ``` 79 | 80 | ## API 81 | 82 | ### Информация о файлах 83 | 84 | Каждый файл содержит следующую информацию: 85 | 86 | Ключ | Описание | Замечания 87 | --- | --- | --- 88 | `fieldname` | Имя поля, заданное в форме | 89 | `originalname` | Имя файла на компьютере пользователя | 90 | `encoding` | Кодировка файла | 91 | `mimetype` | Mime-тип файла | 92 | `size` | Размер файла в байтах | 93 | `destination` | Каталог, где будет сохранен файл | `DiskStorage` 94 | `filename` | Имя файла без `destination` | `DiskStorage` 95 | `path` | Полный путь к загружаемому файлу | `DiskStorage` 96 | `buffer` | `Buffer` из всего файла | `MemoryStorage` 97 | 98 | ### `multer(opts)` 99 | 100 | Multer принимает объект с опциями. Базовая опция `dest` указывает Multer, куда загружать файлы. Если вы не указываете объект с опциями, файлы будут находиться в памяти и не будут записаны на диск. 101 | 102 | По умолчанию, Multer переименовывает файлы, чтобы избежать конфликтов. Это настраиваемо под ваши потребности. 103 | 104 | Следующие опции могут быть переданы Multer. 105 | 106 | Ключ | Описание 107 | --- | --- 108 | `dest` или `storage` | Где сохранять файлы 109 | `fileFilter` | Функция для контроля принятия файлов 110 | `limits` | Ограничения по загрузке 111 | `preservePath` | Сохранять полный путь к файлам вместо только базового имени 112 | 113 | Обычно для веб-приложения нужно обязательно переопределить `dest`, как показано в примере ниже. 114 | 115 | ```javascript 116 | const upload = multer({ dest: 'uploads/' }) 117 | ``` 118 | Если вам нужно больше возможностей для управления приложением, можно использовать `storage` вместо `dest`. Multer поставляется с двумя движками работы с памятью, `DiskStorage` и `MemoryStorage`, другие движки можно найти у сторонних разработчиков. 119 | 120 | #### `.single(fieldname)` 121 | 122 | Принимает один файл с именем `fieldname`. Файл будет сохранен в `req.file`. 123 | 124 | #### `.array(fieldname[, maxCount])` 125 | 126 | Принимает массив файлов с именем `fieldname`. Опционально можно задать ошибку при попытке загрузки более `maxCount` файлов. Массив файлов будет сохранен в `req.files`. 127 | 128 | #### `.fields(fields)` 129 | 130 | Принимает набор файлов, определенных в `fields`. Объект с массивом файлов будет сохранен в `req.files`. 131 | 132 | `fields` должен быть массивом объектов с полями `name` и опциональным `maxCount`. 133 | Например: 134 | 135 | ```javascript 136 | [ 137 | { name: 'avatar', maxCount: 1 }, 138 | { name: 'gallery', maxCount: 8 } 139 | ] 140 | ``` 141 | 142 | #### `.none()` 143 | 144 | Принимает только текстовые поля формы. При попытке загрузки файла падает с ошибкой "LIMIT\_UNEXPECTED\_FILE". 145 | 146 | #### `.any()` 147 | 148 | Принимает все переданные файлы. Массив файлов будет сохранен в `req.files`. 149 | 150 | **ПРЕДУПРЕЖДЕНИЕ:** Убедитесь в корректной обработке загрузки файлов вашим приложением. Никогда не используйте Multer как middleware глобально, если пользователь может загрузить вредоносные файлы, и тем самым нарушить работу вашего приложения. Используйте этот метод, только если вы полностью управляете процессом загрузки файлов. 151 | 152 | ### `storage` 153 | 154 | #### `DiskStorage` 155 | 156 | Движок дискового пространства. Дает полный контроль над размещением файлов на диск. 157 | 158 | ```javascript 159 | const storage = multer.diskStorage({ 160 | destination: function (req, file, cb) { 161 | cb(null, '/tmp/my-uploads') 162 | }, 163 | filename: function (req, file, cb) { 164 | cb(null, file.fieldname + '-' + Date.now()) 165 | } 166 | }) 167 | 168 | const upload = multer({ storage: storage }) 169 | ``` 170 | 171 | Доступно две опции, расположение `destination` и имя файла `filename`. Обе эти функции определяют, где будет находиться файл после загрузки. 172 | 173 | `destination` используется, чтобы задать каталог, в котором будут размещены файлы. Может быть задан строкой (например, `'/tmp/uploads'`). Если не задано расположение `destination`, операционная система воспользуется для сохранения каталогом для временных файлов. 174 | 175 | **Важно:** Вы должны создать каталог, когда используете `destination`. При передачи в качестве аргумента строки, Multer проверяет, что каталог создан. 176 | 177 | `filename` используется, чтобы определить, как будет назван файл внутри каталога. Если 178 | имя файла `filename` не задано, каждому файлу будет сконфигурировано случайное имя без расширения файла. 179 | 180 | **Важно:** Multer не добавляет никакого файлового расширения, ваша функция должна возвращать имя файла с необходимым расширением. 181 | 182 | В аргументах каждой функции прокидывается запрос (`req`) и набор информации о файле (`file`). 183 | 184 | Обратите внимание, что `req.body` может быть не полностью заполнено. Это зависит от порядка отправки клиентом полей и файлов на сервер. 185 | 186 | #### `MemoryStorage` 187 | 188 | Движок оперативной памяти сохраняет файлы в памяти как объекты типа `Buffer`. В этом случае нет никаких дополнительных опций. 189 | 190 | ```javascript 191 | const storage = multer.memoryStorage() 192 | const upload = multer({ storage: storage }) 193 | ``` 194 | Когда вы используете этот тип передачи, информация о файле будет содержать поле `buffer`, которое содержит весь файл. 195 | 196 | **ПРЕДУПРЕЖДЕНИЕ**: Загрузка очень больших файлов, или относительно небольших файлов в большом количестве может вызвать переполнение памяти. 197 | 198 | ### `limits` 199 | 200 | Объект, устанавливающий ограничения. Multer прокидывает этот объект напрямую в busboy, поэтому детали можно посмотреть 201 | [на странице с методами busboy](https://github.com/mscdex/busboy#busboy-methods). 202 | 203 | Доступны следующие целочисленные значения: 204 | 205 | Ключ | Описание | Значение по умолчанию 206 | --- | --- | --- 207 | `fieldNameSize` | Максимальный размер имени файла | 100 bytes 208 | `fieldSize` | Максимальный размер значения поля | 1MB 209 | `fields` | Максимальное количество не-файловых полей | Не ограничено 210 | `fileSize` | Максимальный размер файла в байтах для multipart-форм | Не ограничен 211 | `files` | Максимальное количество полей с файлами для multipart-форм | Не ограничено 212 | `parts` | Максимальное количество полей с файлами для multipart-форм (поля плюс файлы) | Не ограничено 213 | `headerPairs` | Максимальное количество пар ключ-значение key=>value для multipart-форм, которое обрабатывается | 2000 214 | 215 | Установка ограничений может помочь защитить ваш сайт от DoS-атак. 216 | 217 | ### `fileFilter` 218 | 219 | Задают функцию для того, чтобы решать, какие файлы будут загружены, а какие — нет. Функция может выглядеть так: 220 | 221 | ```javascript 222 | function fileFilter (req, file, cb) { 223 | 224 | // Функция должна вызывать `cb` с булевым значением, 225 | // которое показывает, следует ли принять файл 226 | 227 | // Чтобы отклонить, прокиньте в аргументы `false` так: 228 | cb(null, false) 229 | 230 | // Чтобы принять файл, используется как аргумент `true` таким образом: 231 | cb(null, true) 232 | 233 | // Вы можете всегда вернуть ошибку, если что-то пошло не так: 234 | cb(new Error('I don\'t have a clue!')) 235 | 236 | } 237 | ``` 238 | 239 | ## Обработка ошибок 240 | 241 | Когда выбрасывается исключение, Multer делегирует его обработку Express. Вы можете выводить страницу ошибки [стандартными для express способами](http://expressjs.com/guide/error-handling.html). 242 | 243 | Если вы хотите отлавливать ошибки конкретно от Multer, вам нужно вызывать собственную middleware для их обработки. Еще, если вы хотите отлавливать [исключительно ошибки Multer](https://github.com/expressjs/multer/blob/main/lib/make-error.js#L1-L9), вы можете использовать класс `MulterError`, который привязан к объекту `multer` (например, `err instanceof multer.MulterError`) 244 | 245 | ```javascript 246 | const multer = require('multer') 247 | const upload = multer().single('avatar') 248 | 249 | app.post('/profile', function (req, res) { 250 | upload(req, res, function (err) { 251 | if (err instanceof multer.MulterError) { 252 | // Случилась ошибка Multer при загрузке. 253 | } else { 254 | // При загрузке произошла неизвестная ошибка. 255 | } 256 | 257 | // Все прекрасно загрузилось. 258 | }) 259 | }) 260 | ``` 261 | 262 | ## Собственные движки для сохранения файлов 263 | 264 | Чтобы получить информацию, как создать собственный движок для обработки загрузки файлов, смотрите страницу [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 265 | 266 | ## Лицензия 267 | 268 | [MIT](LICENSE) 269 | 270 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 271 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 272 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 273 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 274 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 275 | [npm-url]: https://npmjs.org/package/multer 276 | [npm-version-image]: https://badgen.net/npm/v/multer 277 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 278 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-uz.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer - bu nodejs middleware bo'lib, asosan `multipart/form-data` shaklda yuborilgan fayllarni yuklashda ishlatiladi. Yuqori samaradorlikka erishish uchun [busboy](https://github.com/mscdex/busboy)ning ustiga yozilgan. 4 | 5 | **Muhim**: Multer `multipart` bo'lmagan har qanday formani qayta ishlamaydi. 6 | 7 | ## Tarjimalar 8 | 9 | Bu README boshqa tillarda ham mavjud: 10 | 11 | - [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) (arabcha) 12 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (inglizcha) 13 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (ispancha) 14 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (xitoycha) 15 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (korescha) 16 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (portugalcha) 17 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (ruscha) 18 | - [Français](https://github.com/expressjs/multer/blob/main/doc/README-fr.md) (fransuzcha) 19 | 20 | 21 | ## O'rnatish 22 | 23 | ```sh 24 | $ npm install --save multer 25 | ``` 26 | 27 | ## Foydalanish 28 | 29 | Multer - `request` ob'ektiga `body` va `file` yoki `files` ob'ektini qo'shadi. `body` ob'ekti formaning matn maydonlarining (fields) qiymatlarini o'z ichiga oladi, `file` yoki `files` ob'ekti forma orqali yuklangan fayllarni o'z ichiga oladi. 30 | 31 | Sodda ishlatish uchun namuna: 32 | 33 | Formada `enctype="multipart/form-data"` qo'shish esdan chiqmasin 34 | 35 | ```html 36 |
37 | 38 |
39 | ``` 40 | 41 | ```javascript 42 | const express = require('express') 43 | const multer = require('multer') 44 | const upload = multer({ dest: 'uploads/' }) 45 | 46 | const app = express() 47 | 48 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 49 | // req.file - fayl `avatar` 50 | // req.body agar matnli maydonlar (fields) bo'lsa, ularni saqlanadi 51 | }) 52 | 53 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 54 | // req.files - fayllar massivi `photos` 55 | // req.body agar matnli maydonlar (fields) bo'lsa, ularni saqlanadi 56 | }) 57 | 58 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 59 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 60 | // req.files - bu ob'ekt (String -> Array), matn maydoni(fieldname) - bu key, va qiymat - fayllar massivi 61 | // 62 | // misol: 63 | // req.files['avatar'][0] -> File 64 | // req.files['gallery'] -> Array 65 | // 66 | // req.body agar matnli maydonlar (fields) bo'lsa, ularni saqlanadi 67 | }) 68 | ``` 69 | 70 | Agarda siz faqat matndan iborat multipart form bilan ishlashingiz kerak bo'lsa, `.none()` ishlating: 71 | 72 | ```javascript 73 | const express = require('express') 74 | const app = express() 75 | const multer = require('multer') 76 | const upload = multer() 77 | 78 | app.post('/profile', upload.none(), function (req, res, next) { 79 | // req.body matnli maydonlar (fields)ni o'zida saqlaydi 80 | }) 81 | ``` 82 | 83 | ## API 84 | 85 | ### Fayl haqida ma'lumot 86 | 87 | Har bir fayl quyidagi ma'lumotlarni o'zida saqlaydi: 88 | 89 | Kalit(key) | Ta'rif | Eslatma 90 | --- |----------------------------------------| --- 91 | `fieldname` | Formada berilgan maxsus nom | 92 | `originalname` | Foydalanuvchi kompyuteridagi fayl nomi | 93 | `encoding` | Faylning kodlash turi | 94 | `mimetype` | Faylning `mime` turi | 95 | `size` | Fayl hajmi - baytda | 96 | `destination` | Fayl saqlangan papka | `DiskStorage` 97 | `filename` | `destination`ni ichidagi fayl nomi | `DiskStorage` 98 | `path` | Yuklangan faylning to'liq yo'li | `DiskStorage` 99 | `buffer` | Butun boshli fayl `Buffer` tipda | `MemoryStorage` 100 | 101 | ### `multer(opts)` 102 | 103 | Multer qo'shimcha ob'ekt qabul qiladi, ulardan eng asosiysi - `dest`, 104 | Multerga fayllarni qayerga yuklash kerakligini aytadigan xususiyat. Agarda siz qo'shimcha(`options`) ob'ektni tashlab ketsangiz, fayllar xotirada saqlanadi va hech qachon diskka yozilmaydi. 105 | 106 | Standart holatda - Multer nomlashda kelib chiqishi mumkin bo'lgan muammolarni oldini olish uchun fayllar nomini o'zgartiradi. O'z talablaringizga mos ravishda nomlash funksiyasini sozlay olashingiz mumkin. 107 | 108 | Quyidagilar Multerga qo'shimcha qiymat sifati berilishi mumkin: 109 | 110 | Kalit(key) | Ta'rif 111 | --- | --- 112 | `dest` yoki `storage` | Faylni qayerda saqlash 113 | `fileFilter` | Qaysi fayllar qabul qilinishini boshqarish funksiyasi 114 | `limits` | Yuklash chegarasi 115 | `preservePath` | Asosiy nom o'rniga fayllarning to'liq yo'lini saqlash 116 | 117 | O'rtacha veb-ilovada faqat `dest` kerak bo'lishi mumkin va quyidagicha sozlanishi mumkin 118 | 119 | ```javascript 120 | const upload = multer({ dest: 'uploads/' }) 121 | ``` 122 | Yuklamalaringizni boshqarishda ko'proq nazoratni xohlasangiz, `dest` o'rniga `storage` tanlovini ishlatishingiz kerak. Multer `DiskStorage` va `MemoryStorage` saqlash motorlari(engines) bilan keladi. Boshqa motorlar(engines) uchun uchinchi tomondan(third parties) ko'proq tanlovlar keladi. 123 | 124 | #### `.single(fieldname)` 125 | 126 | `fieldname` nomi bilan yagona faylni qabul qiladi. Yagona fayl `req.file` da saqlanadi. 127 | 128 | #### `.array(fieldname[, maxCount])` 129 | 130 | `fieldname` nomi bilan fayllar massivini qabul qiladi. Agar `maxCount` dan ko'p fayl yuklash urinishi bo'lsa, hatolikni aniqlash imkoniyatini berish mumkin. Fayllar massivi `req.files` da saqlanadi. 131 | 132 | #### `.fields(fields)` 133 | 134 | `fields`da aniqlangan fayllarni qabul qiladi. Fayllar massivini saqlash uchun `req.files` ichidagi massivda saqlanadi. 135 | 136 | `fields` ob'ektida `name` va `maxCount` kalitlar(keys)ni o'z ichiga olishi kerak. Misol: 137 | 138 | ```javascript 139 | [ 140 | { name: 'avatar', maxCount: 1 }, 141 | { name: 'gallery', maxCount: 8 } 142 | ] 143 | ``` 144 | 145 | #### `.none()` 146 | 147 | Faqatgina matnli maydonlar(fields)ni oladi. Agarda biror fayl yuklansa, "LIMIT\_UNEXPECTED\_FILE" xatoligi yuboriladi. 148 | 149 | #### `.any()` 150 | 151 | Ushbu so'rov barcha fayllarni qabul qiladi, fayllar `req.files` ichida saqlanadi. 152 | 153 | **OGOHLANTIRISH:** Foydalanuvchi yuklagan fayllarni doimo boshqarib turishni unutmang. Ularni boshqa yo'l(route)ni kutmagan holda fayllarini yuklash imkonini beradigan global middleware sifatida multerni sozlamang. Faqatgina yuklangan fayllarni boshqarish kerak bo'lgan yo'l(route)larda ushbu funksiyani ishlating. 154 | 155 | ### `storage` 156 | 157 | #### `DiskStorage` 158 | 159 | Diskka saqlash motori(engine) sizga fayllarni saqlashda to'liq nazorat qilish imkonini beradi. 160 | 161 | ```javascript 162 | const storage = multer.diskStorage({ 163 | destination: function (req, file, cb) { 164 | cb(null, '/tmp/my-uploads') 165 | }, 166 | filename: function (req, file, cb) { 167 | cb(null, file.fieldname + '-' + Date.now()) 168 | } 169 | }) 170 | 171 | const upload = multer({ storage: storage }) 172 | ``` 173 | 174 | `destination` va `filename` qo'shimcha tanlovlari mavjud, ular ikkala ham qaysi papkada faylni saqlash kerakligini aniqlab turadigan funksiyalardir. 175 | 176 | `destination` yuklangan fayllarni qaysi papkada saqlash kerakligini aniqlab turadi. Bu, `string` sifatida berilishi mumkin (masalan, `'/tmp/uploads'`). Agar `destination` berilmagan bo'lsa, operatsion tizimning vaqtinchalik fayllar uchun ishlatiladigan papkasini ishlatadi. 177 | 178 | **Diqqat:** `destination` ni funksiya sifatida berib bo'lganda papka ochilganligiga o'zingiz javobgar bo'lasiz. Agar `string` sifatida bersangiz, multer papkani o'zi uchun yaratishni ta'minlaydi. 179 | 180 | `filename` faylni papka ichida qanday nomlanganligini aniqlaydi. Agar `filename` berilmagan bo'lsa, har bir faylga fayl kengaytmasini o'z ichiga olmagan tasodifiy nom beriladi. 181 | 182 | **Diqqat:** Multer siz uchun fayl kengaytmasini qo'shmaydi, sizning funksiyangiz kengaytma bilan to'liq nomni qaytarishi kerak. 183 | 184 | Har bir funksiya `req` so'rovini va fayl haqida ma'lumotlarni (`file`) olish uchun o'tkaziladi. 185 | 186 | Diqqat qiling, `req.body` hali to'liq to'ldirilmagan bo'lishi mumkin. Bu mijozning maydon(field)larni va fayllarni serverga qanday yuborishiga bog'liq bo'ladi. 187 | 188 | Callback funktsiyasida ishlatiladigan chaqirish tartibini tushunish uchun (birinchi parametr sifatida null o‘tkazish talab etilishi) ko‘rish uchun quyidagi manzilga murojaat qiling: 189 | [Node.js da xatoliklarni ushlash](https://web.archive.org/web/20220417042018/https://www.joyent.com/node-js/production/design/errors) 190 | 191 | #### `MemoryStorage` 192 | 193 | Xotira saqlash motori fayllarni xotirada `Buffer` ob'ektlar sifatida saqlaydi. Uning qo'shimcha qiymatlari yo‘q. 194 | 195 | ```javascript 196 | const storage = multer.memoryStorage() 197 | const upload = multer({ storage: storage }) 198 | ``` 199 | Xotirada saqlash paytida, fayl ma'lumotlari `buffer` deb nomlanadigan maydonni o‘z ichiga oladi. 200 | 201 | **DIQQAT:** Juda katta fayllarni yuklash, yoki kichik fayllarni tez-tez yuklash, xotirada saqlash ishlatilganda, sizning ilovangizning xotirasini to'ldirib qo'yishi mumkin. 202 | 203 | ### `limits` 204 | 205 | Quyidagi xususiyatlar o'lchov(limit)larni aniqlaydigan obyekt. Multer ushbu obyektni to'g'ridan-to'g'ri busboy ga o'tkazadi va xususiyatlar tafsilotlari [busboy sahifasida](https://github.com/mscdex/busboy#busboy-methods)dan topishingiz mumkin. 206 | 207 | Quyidagi butun qiymatlar mavjud: 208 | 209 | Kalit(key) | Ta'rif | Odatiy qiymat 210 | --- |---------------------------------------------------------------------------------------------| --- 211 | `fieldNameSize` | Maksimal maydon nomi o'lchami | 100 bayt 212 | `fieldSize` | Maksimal maydon qiymati o'lchami (baytlarda) | 1MB 213 | `fields` | Fayl bo'lmagan maydonlarning maksimal soni | Cheklanmagan 214 | `fileSize` | Multipart form uchun faylning maksimal o'lchami (baytda) | Cheklanmagan 215 | `files` | Multipart form uchun fayllar sonining maksimal chegarasi | Cheklanmagan 216 | `parts` | Multipart form uchun fayllar sonining maksimal chegarasi (fieldlar va fayllar) | Cheklanmagan 217 | `headerPairs` | Multipart form uchun ma'lumotlar (kalit va qiymat juftliklari) sonining maksimal chegarasi | 2000 218 | 219 | Chegaralarni sozlash, DoS-hujumlariga qarshi saytingizni himoya qilishga yordam bera olishi mumkin 220 | 221 | ### `fileFilter` 222 | 223 | Bu, qaysi fayllarni yuklashi, qaysilarini o'tkazib yuborish kerakligini boshqarish uchun funksiya sifatida sozlasa bo'ladi. Funksiya quyidagi ko'rinishda bo'lishi kerak:" 224 | 225 | ```javascript 226 | function fileFilter (req, file, cb) { 227 | 228 | // Bu funksiya, faylni qabul qilish kerakligini anglatish uchun `cb` ni 229 | // boolean qiymat bilan chaqirish kerak. 230 | 231 | // Faylni qabul qilishni rad etish uchun false quyudagicha berilishi kerak: 232 | cb(null, false) 233 | 234 | // Faylni qabul qiilishni tasdiqlash uchun true quyudagicha berilishi kerak: 235 | cb(null, true) 236 | 237 | // Nimadir xato ketsa, siz har doim Error berishingiz mumkin: 238 | cb(new Error('I don\'t have a clue!')) 239 | 240 | } 241 | ``` 242 | 243 | ## Xatolar bilan ishlash 244 | 245 | Xatoga duch kelganda, Multer xatoni Expressga yuboradi. [standart express usuli](http://expressjs.com/guide/error-handling.html)dan foydalanib xatoni tartibliroq chiqarishingiz mumkin. 246 | 247 | Agar siz Multerdan chiqqan xatolarni aniqlamoqchi bo'lsangiz o'zingiz `middleware` funksiya yozishingiz mumkin. Shuningdek, agar siz faqat [Multer xatolarini](https://github.com/expressjs/multer/blob/main/lib/multer-error.js) ushlamoqchi bo'lsangiz, siz `multer` ob'ektiga yozilgan `MulterError` class ni ishlatishingiz mumkin (masalan, `err instanceof multer.MulterError`). 248 | 249 | 250 | ```javascript 251 | const multer = require('multer') 252 | const upload = multer().single('avatar') 253 | 254 | app.post('/profile', function (req, res) { 255 | upload(req, res, function (err) { 256 | if (err instanceof multer.MulterError) { 257 | // Yuklanishda Multerdan xatolik yuz berganda. 258 | } else { 259 | // Yuklanishda noma'lum xatolik yuz berganda. 260 | } 261 | 262 | // Hammasi muvaffaqqiyatli bo'lganda. 263 | }) 264 | }) 265 | ``` 266 | 267 | ## Maxsus saqlash mexanizmi 268 | 269 | O'zingizning saqlash dvigatelingizni qanday yaratish haqida ma'lumot olish: [Maxsus saqlash mexanizmi](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 270 | 271 | ## Litsenziya 272 | 273 | [MIT](LICENSE) 274 | 275 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 276 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 277 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 278 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 279 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 280 | [npm-url]: https://npmjs.org/package/multer 281 | [npm-version-image]: https://badgen.net/npm/v/multer 282 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 283 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-vi.md: -------------------------------------------------------------------------------- 1 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 2 | 3 | Multer là thư viện trung gian hỗ trợ việc xử lý `multipart/form-data`, mục đích chính cho việc upload file. Thư viện này dựa trên [busboy](https://github.com/mscdex/busboy) để hiệu quả hơn. 4 | 5 | **CHÚ Ý**: Multer sẽ không xử lý bất kỳ form nào ngoài multipart (`multipart/form-data`). 6 | 7 | ## Dịch: 8 | 9 | Các bạn có thể đọc ở các bản dịch ngôn ngữ khác: 10 | 11 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (Tiếng Anh) 12 | - [简体中文](https://github.com/expressjs/multer/blob/main/doc/README-zh-cn.md) (Chinese) 13 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (Korean) 14 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (Russian) 15 | 16 | ## Cài đặt 17 | 18 | ```sh 19 | $ npm install --save multer 20 | ``` 21 | 22 | ## Sử dụng 23 | 24 | Multer gắn thêm một object `body` và một object `file` (hoặc `files` trường hợp upload nhiều file) vào object `request`. Object `body` này sẽ chứa các biến text của form, còn object `file` (hoặc `files`) sẽ chứa các file được upload qua form. 25 | 26 | Cách sử sụng: 27 | 28 | Phải thêm `enctype="multipart/form-data"` vào form của bạn. 29 | 30 | ```html 31 |
32 | 33 |
34 | ``` 35 | 36 | ```javascript 37 | var express = require('express'); 38 | var multer = require('multer'); 39 | var upload = multer({ dest: 'uploads/' }); 40 | 41 | var app = express(); 42 | 43 | app.post('/profile', upload.single('avatar'), function(req, res, next) { 44 | // req.file là 1 file `avatar` được upload 45 | // req.body sẽ giữ thông tin gắn kèm (vd: text fields), nếu có 46 | }); 47 | 48 | app.post('/photos/upload', upload.array('photos', 12), function( 49 | req, 50 | res, 51 | next 52 | ) { 53 | // req.files là một mảng của các file `photos` 54 | // req.body sẽ giữ thông tin gắn kèm (vd: text fields), nếu có 55 | }); 56 | 57 | var uploadMiddleware = upload.fields([ 58 | { name: 'avatar', maxCount: 1 }, 59 | { name: 'gallery', maxCount: 8 }, 60 | ]); 61 | app.post('/cool-profile', uploadMiddleware, function(req, res, next) { 62 | // req.files là một object kiểu (String -> Array) mà fieldname là key, và value là mảng các files 63 | // 64 | // vd: 65 | // req.files['avatar'][0] -> File 66 | // req.files['gallery'] -> Array 67 | // 68 | // req.body sẽ giữ thông tin gắn kèm (vd: text fields), nếu có 69 | }); 70 | ``` 71 | 72 | Trong trường hợp bạn cần xử lý một multipart form chỉ chứa text, bạn nên sử dụng hàm `.none()`: 73 | 74 | ```javascript 75 | var express = require('express'); 76 | var app = express(); 77 | var multer = require('multer'); 78 | var upload = multer(); 79 | 80 | app.post('/profile', upload.none(), function(req, res, next) { 81 | // req.body sẽ giữ thông tin gắn kèm (vd: text fields) 82 | }); 83 | ``` 84 | 85 | ## API 86 | 87 | ### Thông tin File được upload 88 | 89 | Mỗi file sẽ chứa các thông tin sau: 90 | 91 | | Thuộc tính | Mô tả | Ghi chú | 92 | | -------------- | --------------------------------------------------------------- | ------------------------- | 93 | | `fieldname` | tên mỗi thuộc tính ở trong form | 94 | | `originalname` | Tên của file nằm trên máy của người dùng, trước khi được upload | 95 | | `encoding` | Kiểu Encoding của file | 96 | | `mimetype` | Mime type của file | `image/jpeg`, `image/png` | 97 | | `size` | Kích thước của file (theo bytes) | 98 | | `destination` | Đường dẫn tới thư mục file được lưu | `DiskStorage` | 99 | | `filename` | Tên của file (ở trong `destination`) | `DiskStorage` | 100 | | `path` | Đường dẫn đầy đủ tới file đã upload | `DiskStorage` | 101 | | `buffer` | Một `Buffer` của toàn bộ file | `MemoryStorage` | 102 | 103 | ### Tham số `multer(opts)` 104 | 105 | Multer chấp nhận một biến options. Cơ bản là thuộc tính `dest`, là nơi sẽ lưu 106 | file được uplaod. Trong trường hợp bỏ qua options này, file sẽ được giữ trong 107 | RAM và không được lưu trên ổ cứng. 108 | 109 | Mặc định, Multer sẽ đổi tên các file, vì vậy để tránh bị trùng lặp, bạn có thể 110 | tùy biến hàm đổi tên này. 111 | 112 | Dưới đây là các tùy chọn mà bạn có thể sử dụng: 113 | 114 | | Thuộc tính | Mô tả | 115 | | --------------------- | -------------------------------------------------- | 116 | | `dest` hoặc `storage` | Nơi lưu trữ file | 117 | | `fileFilter` | Hàm để xử lý chỉ những file nào mới được chấp nhận | 118 | | `limits` | Giới hạn dung lượng file được upload | 119 | | `preservePath` | Giữ đầy đủ đường dẫn tới file thay vì chỉ tên file | 120 | 121 | Nói chung với web app, chỉ `dest` mới cần khai báo, như bên dưới: 122 | 123 | ```javascript 124 | var upload = multer({ dest: 'uploads/' }); 125 | ``` 126 | 127 | Nếu bạn muốn tùy biến việc upload, bạn sẽ muốn dùng tùy chọn `storage` thay vì `dest`. 128 | Multer sẽ sử dụng 1 trong 2 cách `DiskStorage` và `MemoryStorage`; Hoặc các cách khác (với các thư viện ngoài). 129 | 130 | #### `.single(fieldname)` 131 | 132 | Chấp nhận chỉ một file với tên thuộc tính `fieldname`. File này truy cập qua `req.file`. 133 | 134 | #### `.array(fieldname[, maxCount])` 135 | 136 | Chấp nhận mảng các file, tất cả đều với tên `fieldname`. Một lỗi sẽ bắn ra nếu có 137 | nhiều hơn `maxCount` file được upload. Các file này được lưu ở `req.files`. 138 | 139 | #### `.fields(fields)` 140 | 141 | Chấp nhận nhiều file với thuộc tính `fields`. Một object với mảng các file được lưu ở `req.files`. 142 | 143 | `fields` là một mảng các object với thuộc tính `name` và có thể có thuộc tính `maxCount` hoặc không. 144 | 145 | Ví dụ: 146 | 147 | ```javascript 148 | [{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]; 149 | ``` 150 | 151 | #### `.none()` 152 | 153 | Chỉ chấp nhận các giá trị text trong form. Nếu bất kỳ file được đính 154 | kèm, một lỗi với mã "LIMIT_UNEXPECTED_FILE" sẽ bắn ra. 155 | 156 | #### `.any()` 157 | 158 | Chấp nhận tất cả file đến từ bất kỳ nguồn nào. Một mảng các file sẽ được lưu 159 | ở `req.files`. 160 | 161 | **CHÚ Ý:** Hãy chắc chắn bạn không bỏ qua bất kỳ file nào mà người dùng upload. 162 | Đừng bao giờ khai báo Multer như một middleware toàn cục, vì người dùng có thể upload 163 | các file tới một api nào đó mà bạn không biết. Chỉ sử dụng hàm này ở trên api mà bạn 164 | muốn xử lý việc upload file. 165 | 166 | ### `storage` 167 | 168 | #### `DiskStorage` 169 | 170 | Cơ chế lưu trữ trên ổ đĩa cho phép bạn có đầy đủ quyền để thao tác với file. 171 | 172 | ```javascript 173 | var storage = multer.diskStorage({ 174 | destination: function(req, file, cb) { 175 | cb(null, '/tmp/my-uploads'); 176 | }, 177 | filename: function(req, file, cb) { 178 | cb(null, file.fieldname + '-' + Date.now()); 179 | }, 180 | }); 181 | 182 | var upload = multer({ storage: storage }); 183 | ``` 184 | 185 | Có 2 tùy chọn, `destination` và `filename`. Chúng đều dùng để xác định nơi nào 186 | file sẽ được lưu trữ. 187 | 188 | `destination` được dùng để xác định thư mục nào file được upload. Có thể là một 189 | `string` (vd: `'/tmp/uploads'`). Nếu không khai báo `destination`, thư mục tạm 190 | (của hệ điều hành) sẽ được dùng để chứa các file đó. 191 | 192 | **Ghi chú:** Nếu bạn khai báo `destination` là một hàm, bạn phải tự tạo đường 193 | dẫn. Còn nếu truyền vào một string, multer sẽ đảm bảo việc tạo đường dẫn đó cho bạn. 194 | 195 | `filename` được dùng để xác định file nào sẽ được lưu trong thư mục. Nếu không 196 | có `filename` nào, mỗi file sẽ nhận tên ngẫu nhiên mà không bao gồm đuôi của file. 197 | 198 | **Ghi chú:** Multer sẽ không thêm bất kỳ đuôi file nào cho bạn, hàm của bạn nên 199 | trả về một file với đuôi của nó. 200 | 201 | Mỗi hàm được truyền cả ở request (`req`) và thông tin về file (`file`) để xử lý. 202 | 203 | Chú ý `req.body` có thể không chứa đầy đủ thông tin, phụ thuộc việc thứ tự các 204 | trường dữ liệu và file được gửi tới server lúc nào. 205 | 206 | #### `MemoryStorage` 207 | 208 | Memory storage lưu các file ở bộ nhớ máy dưới dạng một object `Buffer`. Nó không 209 | có bất kỳ tùy chọn nào. 210 | 211 | ```javascript 212 | var storage = multer.memoryStorage(); 213 | var upload = multer({ storage: storage }); 214 | ``` 215 | 216 | Khi sử dụng memory storage, thông tin file sẽ chứa một trường `buffer`, trường 217 | này chứa toàn bộ file. 218 | 219 | **CHÚ Ý**: Việc upload file rất lớn, hoặc tương tự việc nhiều file nhỏ, có thể 220 | gây ra tràn bộ nhớ khi memory storage được sử dụng. 221 | 222 | ### `limits` 223 | 224 | Một object mô tả giới hạn kích thước trong thuộc tính nên được sử dụng. Multer truyền object này trực tiếp vào busboy, và chi tiết của busboy có thể xem thêm ở [busboy's page](https://github.com/mscdex/busboy#busboy-methods). 225 | 226 | Các số dưới dây cũng có thể được dùng: 227 | 228 | | Thuộc tính | Mô tả | Giá trị mặc định | 229 | | --------------- | -------------------------------------------------------------------- | ---------------- | 230 | | `fieldNameSize` | Độ dài tối đa của tên field | 100 bytes | 231 | | `fieldSize` | Kích thước tối đa của mỗi field (theo bytes) | 1MB | 232 | | `fields` | Số lượng tối đa của các fields không phải là file | Infinity | 233 | | `fileSize` | Cho multipart forms, kích thước tối đa của file (theo bytes) | Infinity | 234 | | `files` | Cho multipart forms, số lượng file tối đa | Infinity | 235 | | `parts` | Cho multipart forms, số lượng tối đa của parts (gồm fields + files) | Infinity | 236 | | `headerPairs` | Cho multipart forms, số tối đa trong header cặp key=>value để truyền | 2000 | 237 | 238 | Khai báo các giới hạn này giúp cho site của bạn chống lại các tấn công nguy hiểm (DoS). 239 | 240 | ### `fileFilter` 241 | 242 | Dùng hàm này để xử lý các file nào cho phép và bị bỏ qua. Xem ví dụ dưới dây: 243 | 244 | ```javascript 245 | function fileFilter(req, file, cb) { 246 | // hàm này sẽ gọi callback `cb` với 1 biến boolean 247 | // để chỉ ra rằng file có được chấp nhận hay không 248 | 249 | // Để chặn file này, truyền `false` như sau: 250 | cb(null, false); 251 | 252 | // Để chấp nhận file này, truỳen `true`, như sau: 253 | cb(null, true); 254 | 255 | // Hoặc bạn có thể truyền vào 1 lỗi nếu có vấn đề xảy ra: 256 | cb(new Error("I don't have a clue!")); 257 | } 258 | ``` 259 | 260 | ## Error handling 261 | 262 | Khi một lỗi xảy ra, Multer sẽ gửi lỗi đó cho Express. Bạn có thể hiển thị 263 | đẹp hơn sử dụng [cách bắt lỗi chuẩn của Express](http://expressjs.com/guide/error-handling.html). 264 | 265 | Nếu bạn muốn bắt các lỗi cụ thể từ Multer, bạn có thể tự gọi hàm trung gian (middleware) này. Ngoài ra, nếu bạn chỉ muốn bắt [lỗi của Multer](https://github.com/expressjs/multer/blob/main/lib/multer-error.js), bạn có thể dùng class `MulterError` được đính kèm với chính object `multer` (vd: `err instanceof multer.MulterError`). 266 | 267 | ```javascript 268 | var multer = require('multer'); 269 | var upload = multer().single('avatar'); 270 | 271 | app.post('/profile', function(req, res) { 272 | upload(req, res, function(err) { 273 | if (err instanceof multer.MulterError) { 274 | // Một lỗi của Multer xảy ra khi upload. 275 | } else if (err) { 276 | // Một lỗi không xác định xảy ra khi upload. 277 | } 278 | 279 | // Mọi thứ khác chạy ok. 280 | }); 281 | }); 282 | ``` 283 | 284 | ## Tùy chọn storage engine 285 | 286 | Để làm sao tự xây dựng cơ chế lưu file riêng của mình, hãy xem [Multer Storage Engine](https://github.com/expressjs/multer/blob/main/StorageEngine.md). 287 | 288 | ## License 289 | 290 | [MIT](LICENSE) 291 | 292 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 293 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 294 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 295 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 296 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 297 | [npm-url]: https://npmjs.org/package/multer 298 | [npm-version-image]: https://badgen.net/npm/v/multer 299 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 300 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /doc/README-zh-cn.md: -------------------------------------------------------------------------------- 1 | **此文档于2016年10月3日翻译时multer的版本是1.2.0,它可能不是最新的!** 2 | **甚至可能存在翻译错误!你可能需要阅读原版英语[README](../README.md)** 3 | **此文档仅供参考!** 4 | 5 | # Multer [![NPM Version][npm-version-image]][npm-url] [![NPM Downloads][npm-downloads-image]][npm-url] [![Build Status][ci-image]][ci-url] [![Test Coverage][test-image]][test-url] [![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer] 6 | 7 | Multer 是一个 node.js 中间件,用于处理 `multipart/form-data` 类型的表单数据,它主要用于上传文件。它是写在 [busboy](https://github.com/mscdex/busboy) 之上非常高效。 8 | 9 | **注意**: Multer 不会处理任何非 `multipart/form-data` 类型的表单数据。 10 | 11 | ## 其它语言 12 | 13 | - [العربية](https://github.com/expressjs/multer/blob/main/doc/README-ar.md) (阿拉伯语) 14 | - [English](https://github.com/expressjs/multer/blob/main/README.md) (英语) 15 | - [Español](https://github.com/expressjs/multer/blob/main/doc/README-es.md) (西班牙文) 16 | - [한국어](https://github.com/expressjs/multer/blob/main/doc/README-ko.md) (朝鲜语) 17 | - [Русский язык](https://github.com/expressjs/multer/blob/main/doc/README-ru.md) (俄語) 18 | - [Português](https://github.com/expressjs/multer/blob/main/doc/README-pt-br.md) (巴西葡萄牙语) 19 | 20 | ## 安装 21 | 22 | ```sh 23 | $ npm install --save multer 24 | ``` 25 | 26 | ## 使用 27 | 28 | Multer 会添加一个 `body` 对象 以及 `file` 或 `files` 对象 到 express 的 `request` 对象中。 29 | `body` 对象包含表单的文本域信息,`file` 或 `files` 对象包含对象表单上传的文件信息。 30 | 31 | 基本使用方法: 32 | 33 | ```javascript 34 | const express = require('express') 35 | const multer = require('multer') 36 | const upload = multer({ dest: 'uploads/' }) 37 | 38 | const app = express() 39 | 40 | app.post('/profile', upload.single('avatar'), function (req, res, next) { 41 | // req.file 是 `avatar` 文件的信息 42 | // req.body 将具有文本域数据,如果存在的话 43 | }) 44 | 45 | app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { 46 | // req.files 是 `photos` 文件数组的信息 47 | // req.body 将具有文本域数据,如果存在的话 48 | }) 49 | 50 | const uploadMiddleware = upload.fields([{ name: 'avatar', maxCount: 1 }, { name: 'gallery', maxCount: 8 }]) 51 | app.post('/cool-profile', uploadMiddleware, function (req, res, next) { 52 | // req.files 是一个对象 (String -> Array) 键是文件名,值是文件数组 53 | // 54 | // 例如: 55 | // req.files['avatar'][0] -> File 56 | // req.files['gallery'] -> Array 57 | // 58 | // req.body 将具有文本域数据,如果存在的话 59 | }) 60 | ``` 61 | 62 | 如果你需要处理一个只有文本域的表单,你应当使用 `.none()`: 63 | 64 | ```javascript 65 | const express = require('express') 66 | const app = express() 67 | const multer = require('multer') 68 | const upload = multer() 69 | 70 | app.post('/profile', upload.none(), function (req, res, next) { 71 | // req.body 包含文本域 72 | }) 73 | ``` 74 | 75 | ## API 76 | 77 | ### 文件信息 78 | 79 | 每个文件具有下面的信息: 80 | 81 | Key | Description | Note 82 | --- | --- | --- 83 | `fieldname` | Field name 由表单指定 | 84 | `originalname` | 用户计算机上的文件的名称 | 85 | `encoding` | 文件编码 | 86 | `mimetype` | 文件的 MIME 类型 | 87 | `size` | 文件大小(字节单位) | 88 | `destination` | 保存路径 | `DiskStorage` 89 | `filename` | 保存在 `destination` 中的文件名 | `DiskStorage` 90 | `path` | 已上传文件的完整路径 | `DiskStorage` 91 | `buffer` | 一个存放了整个文件的 `Buffer` | `MemoryStorage` 92 | 93 | ### `multer(opts)` 94 | 95 | Multer 接受一个 options 对象,其中最基本的是 `dest` 属性,这将告诉 Multer 将上传文件保存在哪。如果你省略 options 对象,这些文件将保存在内存中,永远不会写入磁盘。 96 | 97 | 为了避免命名冲突,Multer 会修改上传的文件名。这个重命名功能可以根据您的需要定制。 98 | 99 | 以下是可以传递给 Multer 的选项。 100 | 101 | Key | Description 102 | --- | --- 103 | `dest` or `storage` | 在哪里存储文件 104 | `fileFilter` | 文件过滤器,控制哪些文件可以被接受 105 | `limits` | 限制上传的数据 106 | `preservePath` | 保存包含文件名的完整文件路径 107 | 108 | 通常,一般的网页应用,只需要设置 `dest` 属性,像这样: 109 | 110 | ```javascript 111 | const upload = multer({ dest: 'uploads/' }) 112 | ``` 113 | 114 | 如果你想在上传时进行更多的控制,你可以使用 `storage` 选项替代 `dest`。Multer 具有 `DiskStorage` 和 `MemoryStorage` 两个存储引擎;另外还可以从第三方获得更多可用的引擎。 115 | 116 | #### `.single(fieldname)` 117 | 118 | 接受一个以 `fieldname` 命名的文件。这个文件的信息保存在 `req.file`。 119 | 120 | #### `.array(fieldname[, maxCount])` 121 | 122 | 接受一个以 `fieldname` 命名的文件数组。可以配置 `maxCount` 来限制上传的最大数量。这些文件的信息保存在 `req.files`。 123 | 124 | #### `.fields(fields)` 125 | 126 | 接受指定 `fields` 的混合文件。这些文件的信息保存在 `req.files`。 127 | 128 | `fields` 应该是一个对象数组,应该具有 `name` 和可选的 `maxCount` 属性。 129 | 130 | Example: 131 | 132 | ```javascript 133 | [ 134 | { name: 'avatar', maxCount: 1 }, 135 | { name: 'gallery', maxCount: 8 } 136 | ] 137 | ``` 138 | 139 | #### `.none()` 140 | 141 | 只接受文本域。如果任何文件上传到这个模式,将发生 "LIMIT\_UNEXPECTED\_FILE" 错误。这和 `upload.fields([])` 的效果一样。 142 | 143 | #### `.any()` 144 | 145 | 接受一切上传的文件。文件数组将保存在 `req.files`。 146 | 147 | **警告:** 确保你总是处理了用户的文件上传。 148 | 永远不要将 multer 作为全局中间件使用,因为恶意用户可以上传文件到一个你没有预料到的路由,应该只在你需要处理上传文件的路由上使用。 149 | 150 | ### `storage` 151 | 152 | #### 磁盘存储引擎 (`DiskStorage`) 153 | 154 | 磁盘存储引擎可以让你控制文件的存储。 155 | 156 | ```javascript 157 | const storage = multer.diskStorage({ 158 | destination: function (req, file, cb) { 159 | cb(null, '/tmp/my-uploads') 160 | }, 161 | filename: function (req, file, cb) { 162 | cb(null, file.fieldname + '-' + Date.now()) 163 | } 164 | }) 165 | 166 | const upload = multer({ storage: storage }) 167 | ``` 168 | 169 | 有两个选项可用,`destination` 和 `filename`。他们都是用来确定文件存储位置的函数。 170 | 171 | `destination` 是用来确定上传的文件应该存储在哪个文件夹中。也可以提供一个 `string` (例如 `'/tmp/uploads'`)。如果没有设置 `destination`,则使用操作系统默认的临时文件夹。 172 | 173 | **注意:** 如果你提供的 `destination` 是一个函数,你需要负责创建文件夹。当提供一个字符串,multer 将确保这个文件夹是你创建的。 174 | 175 | `filename` 用于确定文件夹中的文件名的确定。 如果没有设置 `filename`,每个文件将设置为一个随机文件名,并且是没有扩展名的。 176 | 177 | **注意:** Multer 不会为你添加任何扩展名,你的程序应该返回一个完整的文件名。 178 | 179 | 每个函数都传递了请求对象 (`req`) 和一些关于这个文件的信息 (`file`),有助于你的决定。 180 | 181 | 注意 `req.body` 可能还没有完全填充,这取决于向客户端发送字段和文件到服务器的顺序。 182 | 183 | #### 内存存储引擎 (`MemoryStorage`) 184 | 185 | 内存存储引擎将文件存储在内存中的 `Buffer` 对象,它没有任何选项。 186 | 187 | ```javascript 188 | const storage = multer.memoryStorage() 189 | const upload = multer({ storage: storage }) 190 | ``` 191 | 192 | 当使用内存存储引擎,文件信息将包含一个 `buffer` 字段,里面包含了整个文件数据。 193 | 194 | **警告**: 当你使用内存存储,上传非常大的文件,或者非常多的小文件,会导致你的应用程序内存溢出。 195 | 196 | ### `limits` 197 | 一个对象,指定一些数据大小的限制。Multer 通过这个对象使用 busboy,详细的特性可以在 [busboy's page](https://github.com/mscdex/busboy#busboy-methods) 找到。 198 | 199 | 可以使用下面这些: 200 | 201 | Key | Description | Default 202 | --- | --- | --- 203 | `fieldNameSize` | field 名字最大长度 | 100 bytes 204 | `fieldSize` | field 值的最大长度 | 1MB 205 | `fields` | 非文件 field 的最大数量 | 无限 206 | `fileSize` | 在 multipart 表单中,文件最大长度 (字节单位) | 无限 207 | `files` | 在 multipart 表单中,文件最大数量 | 无限 208 | `parts` | 在 multipart 表单中,part 传输的最大数量(fields + files) | 无限 209 | `headerPairs` | 在 multipart 表单中,键值对最大组数 | 2000 210 | 211 | 设置 limits 可以帮助保护你的站点抵御拒绝服务 (DoS) 攻击。 212 | 213 | ### `fileFilter` 214 | 设置一个函数来控制什么文件可以上传以及什么文件应该跳过,这个函数应该看起来像这样: 215 | 216 | ```javascript 217 | function fileFilter (req, file, cb) { 218 | 219 | // 这个函数应该调用 `cb` 用boolean值来 220 | // 指示是否应接受该文件 221 | 222 | // 拒绝这个文件,使用`false`,像这样: 223 | cb(null, false) 224 | 225 | // 接受这个文件,使用`true`,像这样: 226 | cb(null, true) 227 | 228 | // 如果有问题,你可以总是这样发送一个错误: 229 | cb(new Error('I don\'t have a clue!')) 230 | 231 | } 232 | ``` 233 | 234 | ## 错误处理机制 235 | 236 | 当遇到一个错误,multer 将会把错误发送给 express。你可以使用一个比较好的错误展示页 ([express标准方式](http://expressjs.com/guide/error-handling.html))。 237 | 238 | 如果你想捕捉 multer 发出的错误,你可以自己调用中间件程序。如果你想捕捉 [Multer 错误](https://github.com/expressjs/multer/blob/main/lib/multer-error.js),你可以使用 `multer` 对象下的 `MulterError` 类 (即 `err instanceof multer.MulterError`)。 239 | 240 | ```javascript 241 | const multer = require('multer') 242 | const upload = multer().single('avatar') 243 | 244 | app.post('/profile', function (req, res) { 245 | upload(req, res, function (err) { 246 | if (err instanceof multer.MulterError) { 247 | // 发生错误 248 | } else if (err) { 249 | // 发生错误 250 | } 251 | 252 | // 一切都好 253 | }) 254 | }) 255 | ``` 256 | 257 | ## 定制存储引擎 258 | 259 | 如果你想要构建自己的存储引擎,请看 [这里](/StorageEngine.md) 。 260 | 261 | ## License 262 | 263 | [MIT](LICENSE) 264 | 265 | [ci-image]: https://github.com/expressjs/multer/actions/workflows/ci.yml/badge.svg 266 | [ci-url]: https://github.com/expressjs/multer/actions/workflows/ci.yml 267 | [test-url]: https://coveralls.io/r/expressjs/multer?branch=main 268 | [test-image]: https://badgen.net/coveralls/c/github/expressjs/multer/main 269 | [npm-downloads-image]: https://badgen.net/npm/dm/multer 270 | [npm-url]: https://npmjs.org/package/multer 271 | [npm-version-image]: https://badgen.net/npm/v/multer 272 | [ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/multer/badge 273 | [ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/multer -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | var makeMiddleware = require('./lib/make-middleware') 2 | 3 | var diskStorage = require('./storage/disk') 4 | var memoryStorage = require('./storage/memory') 5 | var MulterError = require('./lib/multer-error') 6 | 7 | function allowAll (req, file, cb) { 8 | cb(null, true) 9 | } 10 | 11 | function Multer (options) { 12 | if (options.storage) { 13 | this.storage = options.storage 14 | } else if (options.dest) { 15 | this.storage = diskStorage({ destination: options.dest }) 16 | } else { 17 | this.storage = memoryStorage() 18 | } 19 | 20 | this.limits = options.limits 21 | this.preservePath = options.preservePath 22 | this.fileFilter = options.fileFilter || allowAll 23 | } 24 | 25 | Multer.prototype._makeMiddleware = function (fields, fileStrategy) { 26 | function setup () { 27 | var fileFilter = this.fileFilter 28 | var filesLeft = Object.create(null) 29 | 30 | fields.forEach(function (field) { 31 | if (typeof field.maxCount === 'number') { 32 | filesLeft[field.name] = field.maxCount 33 | } else { 34 | filesLeft[field.name] = Infinity 35 | } 36 | }) 37 | 38 | function wrappedFileFilter (req, file, cb) { 39 | if ((filesLeft[file.fieldname] || 0) <= 0) { 40 | return cb(new MulterError('LIMIT_UNEXPECTED_FILE', file.fieldname)) 41 | } 42 | 43 | filesLeft[file.fieldname] -= 1 44 | fileFilter(req, file, cb) 45 | } 46 | 47 | return { 48 | limits: this.limits, 49 | preservePath: this.preservePath, 50 | storage: this.storage, 51 | fileFilter: wrappedFileFilter, 52 | fileStrategy: fileStrategy 53 | } 54 | } 55 | 56 | return makeMiddleware(setup.bind(this)) 57 | } 58 | 59 | Multer.prototype.single = function (name) { 60 | return this._makeMiddleware([{ name: name, maxCount: 1 }], 'VALUE') 61 | } 62 | 63 | Multer.prototype.array = function (name, maxCount) { 64 | return this._makeMiddleware([{ name: name, maxCount: maxCount }], 'ARRAY') 65 | } 66 | 67 | Multer.prototype.fields = function (fields) { 68 | return this._makeMiddleware(fields, 'OBJECT') 69 | } 70 | 71 | Multer.prototype.none = function () { 72 | return this._makeMiddleware([], 'NONE') 73 | } 74 | 75 | Multer.prototype.any = function () { 76 | function setup () { 77 | return { 78 | limits: this.limits, 79 | preservePath: this.preservePath, 80 | storage: this.storage, 81 | fileFilter: this.fileFilter, 82 | fileStrategy: 'ARRAY' 83 | } 84 | } 85 | 86 | return makeMiddleware(setup.bind(this)) 87 | } 88 | 89 | function multer (options) { 90 | if (options === undefined) { 91 | return new Multer({}) 92 | } 93 | 94 | if (typeof options === 'object' && options !== null) { 95 | return new Multer(options) 96 | } 97 | 98 | throw new TypeError('Expected object for argument options') 99 | } 100 | 101 | module.exports = multer 102 | module.exports.diskStorage = diskStorage 103 | module.exports.memoryStorage = memoryStorage 104 | module.exports.MulterError = MulterError 105 | -------------------------------------------------------------------------------- /lib/counter.js: -------------------------------------------------------------------------------- 1 | var EventEmitter = require('events').EventEmitter 2 | 3 | function Counter () { 4 | EventEmitter.call(this) 5 | this.value = 0 6 | } 7 | 8 | Counter.prototype = Object.create(EventEmitter.prototype) 9 | 10 | Counter.prototype.increment = function increment () { 11 | this.value++ 12 | } 13 | 14 | Counter.prototype.decrement = function decrement () { 15 | if (--this.value === 0) this.emit('zero') 16 | } 17 | 18 | Counter.prototype.isZero = function isZero () { 19 | return (this.value === 0) 20 | } 21 | 22 | Counter.prototype.onceZero = function onceZero (fn) { 23 | if (this.isZero()) return fn() 24 | 25 | this.once('zero', fn) 26 | } 27 | 28 | module.exports = Counter 29 | -------------------------------------------------------------------------------- /lib/file-appender.js: -------------------------------------------------------------------------------- 1 | var objectAssign = require('object-assign') 2 | 3 | function arrayRemove (arr, item) { 4 | var idx = arr.indexOf(item) 5 | if (~idx) arr.splice(idx, 1) 6 | } 7 | 8 | function FileAppender (strategy, req) { 9 | this.strategy = strategy 10 | this.req = req 11 | 12 | switch (strategy) { 13 | case 'NONE': break 14 | case 'VALUE': break 15 | case 'ARRAY': req.files = []; break 16 | case 'OBJECT': req.files = Object.create(null); break 17 | default: throw new Error('Unknown file strategy: ' + strategy) 18 | } 19 | } 20 | 21 | FileAppender.prototype.insertPlaceholder = function (file) { 22 | var placeholder = { 23 | fieldname: file.fieldname 24 | } 25 | 26 | switch (this.strategy) { 27 | case 'NONE': break 28 | case 'VALUE': break 29 | case 'ARRAY': this.req.files.push(placeholder); break 30 | case 'OBJECT': 31 | if (this.req.files[file.fieldname]) { 32 | this.req.files[file.fieldname].push(placeholder) 33 | } else { 34 | this.req.files[file.fieldname] = [placeholder] 35 | } 36 | break 37 | } 38 | 39 | return placeholder 40 | } 41 | 42 | FileAppender.prototype.removePlaceholder = function (placeholder) { 43 | switch (this.strategy) { 44 | case 'NONE': break 45 | case 'VALUE': break 46 | case 'ARRAY': arrayRemove(this.req.files, placeholder); break 47 | case 'OBJECT': 48 | if (this.req.files[placeholder.fieldname].length === 1) { 49 | delete this.req.files[placeholder.fieldname] 50 | } else { 51 | arrayRemove(this.req.files[placeholder.fieldname], placeholder) 52 | } 53 | break 54 | } 55 | } 56 | 57 | FileAppender.prototype.replacePlaceholder = function (placeholder, file) { 58 | if (this.strategy === 'VALUE') { 59 | this.req.file = file 60 | return 61 | } 62 | 63 | delete placeholder.fieldname 64 | objectAssign(placeholder, file) 65 | } 66 | 67 | module.exports = FileAppender 68 | -------------------------------------------------------------------------------- /lib/make-middleware.js: -------------------------------------------------------------------------------- 1 | var is = require('type-is') 2 | var Busboy = require('busboy') 3 | var extend = require('xtend') 4 | var appendField = require('append-field') 5 | 6 | var Counter = require('./counter') 7 | var MulterError = require('./multer-error') 8 | var FileAppender = require('./file-appender') 9 | var removeUploadedFiles = require('./remove-uploaded-files') 10 | 11 | function drainStream (stream) { 12 | stream.on('readable', () => { 13 | while (stream.read() !== null) {} 14 | }) 15 | } 16 | 17 | function makeMiddleware (setup) { 18 | return function multerMiddleware (req, res, next) { 19 | if (!is(req, ['multipart'])) return next() 20 | 21 | var options = setup() 22 | 23 | var limits = options.limits 24 | var storage = options.storage 25 | var fileFilter = options.fileFilter 26 | var fileStrategy = options.fileStrategy 27 | var preservePath = options.preservePath 28 | 29 | req.body = Object.create(null) 30 | 31 | req.on('error', function (err) { 32 | abortWithError(err) 33 | }) 34 | 35 | var busboy 36 | 37 | try { 38 | busboy = Busboy({ headers: req.headers, limits: limits, preservePath: preservePath }) 39 | } catch (err) { 40 | return next(err) 41 | } 42 | 43 | var appender = new FileAppender(fileStrategy, req) 44 | var isDone = false 45 | var readFinished = false 46 | var errorOccured = false 47 | var pendingWrites = new Counter() 48 | var uploadedFiles = [] 49 | 50 | function done (err) { 51 | if (isDone) return 52 | isDone = true 53 | req.unpipe(busboy) 54 | drainStream(req) 55 | req.resume() 56 | setImmediate(() => { 57 | busboy.removeAllListeners() 58 | }) 59 | next(err) 60 | } 61 | 62 | function indicateDone () { 63 | if (readFinished && pendingWrites.isZero() && !errorOccured) done() 64 | } 65 | 66 | function abortWithError (uploadError) { 67 | if (errorOccured) return 68 | errorOccured = true 69 | 70 | pendingWrites.onceZero(function () { 71 | function remove (file, cb) { 72 | storage._removeFile(req, file, cb) 73 | } 74 | 75 | removeUploadedFiles(uploadedFiles, remove, function (err, storageErrors) { 76 | if (err) return done(err) 77 | 78 | uploadError.storageErrors = storageErrors 79 | done(uploadError) 80 | }) 81 | }) 82 | } 83 | 84 | function abortWithCode (code, optionalField) { 85 | abortWithError(new MulterError(code, optionalField)) 86 | } 87 | 88 | // handle text field data 89 | busboy.on('field', function (fieldname, value, { nameTruncated, valueTruncated }) { 90 | if (fieldname == null) return abortWithCode('MISSING_FIELD_NAME') 91 | if (nameTruncated) return abortWithCode('LIMIT_FIELD_KEY') 92 | if (valueTruncated) return abortWithCode('LIMIT_FIELD_VALUE', fieldname) 93 | 94 | // Work around bug in Busboy (https://github.com/mscdex/busboy/issues/6) 95 | if (limits && Object.prototype.hasOwnProperty.call(limits, 'fieldNameSize')) { 96 | if (fieldname.length > limits.fieldNameSize) return abortWithCode('LIMIT_FIELD_KEY') 97 | } 98 | 99 | appendField(req.body, fieldname, value) 100 | }) 101 | 102 | // handle files 103 | busboy.on('file', function (fieldname, fileStream, { filename, encoding, mimeType }) { 104 | if (fieldname == null) return abortWithCode('MISSING_FIELD_NAME') 105 | 106 | // don't attach to the files object, if there is no file 107 | if (!filename) return fileStream.resume() 108 | 109 | // Work around bug in Busboy (https://github.com/mscdex/busboy/issues/6) 110 | if (limits && Object.prototype.hasOwnProperty.call(limits, 'fieldNameSize')) { 111 | if (fieldname.length > limits.fieldNameSize) return abortWithCode('LIMIT_FIELD_KEY') 112 | } 113 | 114 | var file = { 115 | fieldname: fieldname, 116 | originalname: filename, 117 | encoding: encoding, 118 | mimetype: mimeType 119 | } 120 | 121 | var placeholder = appender.insertPlaceholder(file) 122 | 123 | fileFilter(req, file, function (err, includeFile) { 124 | if (err) { 125 | appender.removePlaceholder(placeholder) 126 | return abortWithError(err) 127 | } 128 | 129 | if (!includeFile) { 130 | appender.removePlaceholder(placeholder) 131 | return fileStream.resume() 132 | } 133 | 134 | var aborting = false 135 | pendingWrites.increment() 136 | 137 | Object.defineProperty(file, 'stream', { 138 | configurable: true, 139 | enumerable: false, 140 | value: fileStream 141 | }) 142 | 143 | fileStream.on('error', function (err) { 144 | pendingWrites.decrement() 145 | abortWithError(err) 146 | }) 147 | 148 | fileStream.on('limit', function () { 149 | aborting = true 150 | abortWithCode('LIMIT_FILE_SIZE', fieldname) 151 | }) 152 | 153 | storage._handleFile(req, file, function (err, info) { 154 | if (aborting) { 155 | appender.removePlaceholder(placeholder) 156 | uploadedFiles.push(extend(file, info)) 157 | return pendingWrites.decrement() 158 | } 159 | 160 | if (err) { 161 | appender.removePlaceholder(placeholder) 162 | pendingWrites.decrement() 163 | return abortWithError(err) 164 | } 165 | 166 | var fileInfo = extend(file, info) 167 | 168 | appender.replacePlaceholder(placeholder, fileInfo) 169 | uploadedFiles.push(fileInfo) 170 | pendingWrites.decrement() 171 | indicateDone() 172 | }) 173 | }) 174 | }) 175 | 176 | busboy.on('error', function (err) { abortWithError(err) }) 177 | busboy.on('partsLimit', function () { abortWithCode('LIMIT_PART_COUNT') }) 178 | busboy.on('filesLimit', function () { abortWithCode('LIMIT_FILE_COUNT') }) 179 | busboy.on('fieldsLimit', function () { abortWithCode('LIMIT_FIELD_COUNT') }) 180 | busboy.on('close', function () { 181 | readFinished = true 182 | indicateDone() 183 | }) 184 | 185 | req.pipe(busboy) 186 | } 187 | } 188 | 189 | module.exports = makeMiddleware 190 | -------------------------------------------------------------------------------- /lib/multer-error.js: -------------------------------------------------------------------------------- 1 | var util = require('util') 2 | 3 | var errorMessages = { 4 | LIMIT_PART_COUNT: 'Too many parts', 5 | LIMIT_FILE_SIZE: 'File too large', 6 | LIMIT_FILE_COUNT: 'Too many files', 7 | LIMIT_FIELD_KEY: 'Field name too long', 8 | LIMIT_FIELD_VALUE: 'Field value too long', 9 | LIMIT_FIELD_COUNT: 'Too many fields', 10 | LIMIT_UNEXPECTED_FILE: 'Unexpected field', 11 | MISSING_FIELD_NAME: 'Field name missing' 12 | } 13 | 14 | function MulterError (code, field) { 15 | Error.captureStackTrace(this, this.constructor) 16 | this.name = this.constructor.name 17 | this.message = errorMessages[code] 18 | this.code = code 19 | if (field) this.field = field 20 | } 21 | 22 | util.inherits(MulterError, Error) 23 | 24 | module.exports = MulterError 25 | -------------------------------------------------------------------------------- /lib/remove-uploaded-files.js: -------------------------------------------------------------------------------- 1 | function removeUploadedFiles (uploadedFiles, remove, cb) { 2 | var length = uploadedFiles.length 3 | var errors = [] 4 | 5 | if (length === 0) return cb(null, errors) 6 | 7 | function handleFile (idx) { 8 | var file = uploadedFiles[idx] 9 | 10 | remove(file, function (err) { 11 | if (err) { 12 | err.file = file 13 | err.field = file.fieldname 14 | errors.push(err) 15 | } 16 | 17 | if (idx < length - 1) { 18 | handleFile(idx + 1) 19 | } else { 20 | cb(null, errors) 21 | } 22 | }) 23 | } 24 | 25 | handleFile(0) 26 | } 27 | 28 | module.exports = removeUploadedFiles 29 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "multer", 3 | "description": "Middleware for handling `multipart/form-data`.", 4 | "version": "2.0.1", 5 | "contributors": [ 6 | "Hage Yaapa (http://www.hacksparrow.com)", 7 | "Jaret Pfluger ", 8 | "Linus Unnebäck " 9 | ], 10 | "license": "MIT", 11 | "repository": "expressjs/multer", 12 | "keywords": [ 13 | "form", 14 | "post", 15 | "multipart", 16 | "form-data", 17 | "formdata", 18 | "express", 19 | "middleware" 20 | ], 21 | "dependencies": { 22 | "append-field": "^1.0.0", 23 | "busboy": "^1.6.0", 24 | "concat-stream": "^2.0.0", 25 | "mkdirp": "^0.5.6", 26 | "object-assign": "^4.1.1", 27 | "type-is": "^1.6.18", 28 | "xtend": "^4.0.2" 29 | }, 30 | "devDependencies": { 31 | "deep-equal": "^2.0.3", 32 | "express": "^4.21.2", 33 | "form-data": "^4.0.2", 34 | "fs-temp": "^1.2.1", 35 | "mocha": "^11.5.0", 36 | "nyc": "^15.1.0", 37 | "rimraf": "^2.4.1", 38 | "standard": "^14.3.3", 39 | "testdata-w3c-json-form": "^1.0.0" 40 | }, 41 | "engines": { 42 | "node": ">= 10.16.0" 43 | }, 44 | "files": [ 45 | "LICENSE", 46 | "index.js", 47 | "storage/", 48 | "lib/" 49 | ], 50 | "scripts": { 51 | "lint": "standard", 52 | "lint:fix": "standard --fix", 53 | "test": "mocha --reporter spec --exit --check-leaks test/", 54 | "test-ci": "nyc --reporter=lcov --reporter=text npm test", 55 | "test-cov": "nyc --reporter=html --reporter=text npm test" 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /storage/disk.js: -------------------------------------------------------------------------------- 1 | var fs = require('fs') 2 | var os = require('os') 3 | var path = require('path') 4 | var crypto = require('crypto') 5 | var mkdirp = require('mkdirp') 6 | 7 | function getFilename (req, file, cb) { 8 | crypto.randomBytes(16, function (err, raw) { 9 | cb(err, err ? undefined : raw.toString('hex')) 10 | }) 11 | } 12 | 13 | function getDestination (req, file, cb) { 14 | cb(null, os.tmpdir()) 15 | } 16 | 17 | function DiskStorage (opts) { 18 | this.getFilename = (opts.filename || getFilename) 19 | 20 | if (typeof opts.destination === 'string') { 21 | mkdirp.sync(opts.destination) 22 | this.getDestination = function ($0, $1, cb) { cb(null, opts.destination) } 23 | } else { 24 | this.getDestination = (opts.destination || getDestination) 25 | } 26 | } 27 | 28 | DiskStorage.prototype._handleFile = function _handleFile (req, file, cb) { 29 | var that = this 30 | 31 | that.getDestination(req, file, function (err, destination) { 32 | if (err) return cb(err) 33 | 34 | that.getFilename(req, file, function (err, filename) { 35 | if (err) return cb(err) 36 | 37 | var finalPath = path.join(destination, filename) 38 | var outStream = fs.createWriteStream(finalPath) 39 | 40 | file.stream.pipe(outStream) 41 | outStream.on('error', cb) 42 | outStream.on('finish', function () { 43 | cb(null, { 44 | destination: destination, 45 | filename: filename, 46 | path: finalPath, 47 | size: outStream.bytesWritten 48 | }) 49 | }) 50 | }) 51 | }) 52 | } 53 | 54 | DiskStorage.prototype._removeFile = function _removeFile (req, file, cb) { 55 | var path = file.path 56 | 57 | delete file.destination 58 | delete file.filename 59 | delete file.path 60 | 61 | fs.unlink(path, cb) 62 | } 63 | 64 | module.exports = function (opts) { 65 | return new DiskStorage(opts) 66 | } 67 | -------------------------------------------------------------------------------- /storage/memory.js: -------------------------------------------------------------------------------- 1 | var concat = require('concat-stream') 2 | 3 | function MemoryStorage (opts) {} 4 | 5 | MemoryStorage.prototype._handleFile = function _handleFile (req, file, cb) { 6 | file.stream.pipe(concat({ encoding: 'buffer' }, function (data) { 7 | cb(null, { 8 | buffer: data, 9 | size: data.length 10 | }) 11 | })) 12 | } 13 | 14 | MemoryStorage.prototype._removeFile = function _removeFile (req, file, cb) { 15 | delete file.buffer 16 | cb(null) 17 | } 18 | 19 | module.exports = function (opts) { 20 | return new MemoryStorage(opts) 21 | } 22 | -------------------------------------------------------------------------------- /test/_util.js: -------------------------------------------------------------------------------- 1 | var fs = require('fs') 2 | var path = require('path') 3 | var stream = require('stream') 4 | 5 | exports.file = function file (name) { 6 | return fs.createReadStream(path.join(__dirname, 'files', name)) 7 | } 8 | 9 | exports.fileSize = function fileSize (path) { 10 | return fs.statSync(path).size 11 | } 12 | 13 | exports.submitForm = function submitForm (multer, form, cb) { 14 | form.getLength(function (err, length) { 15 | if (err) return cb(err) 16 | 17 | var req = new stream.PassThrough() 18 | 19 | form.pipe(req) 20 | req.headers = { 21 | 'content-type': 'multipart/form-data; boundary=' + form.getBoundary(), 22 | 'content-length': length 23 | } 24 | 25 | multer(req, null, function (err) { 26 | cb(err, req) 27 | }) 28 | }) 29 | } 30 | -------------------------------------------------------------------------------- /test/disk-storage.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | var deepEqual = require('deep-equal') 5 | 6 | var fs = require('fs') 7 | var path = require('path') 8 | var util = require('./_util') 9 | var multer = require('../') 10 | var temp = require('fs-temp') 11 | var rimraf = require('rimraf') 12 | var FormData = require('form-data') 13 | 14 | describe('Disk Storage', function () { 15 | var uploadDir, upload 16 | 17 | beforeEach(function (done) { 18 | temp.mkdir(function (err, path) { 19 | if (err) return done(err) 20 | 21 | uploadDir = path 22 | upload = multer({ dest: path }) 23 | done() 24 | }) 25 | }) 26 | 27 | afterEach(function (done) { 28 | rimraf(uploadDir, done) 29 | }) 30 | 31 | it('should process parser/form-data POST request', function (done) { 32 | var form = new FormData() 33 | var parser = upload.single('small0') 34 | 35 | form.append('name', 'Multer') 36 | form.append('small0', util.file('small0.dat')) 37 | 38 | util.submitForm(parser, form, function (err, req) { 39 | assert.ifError(err) 40 | 41 | assert.strictEqual(req.body.name, 'Multer') 42 | 43 | assert.strictEqual(req.file.fieldname, 'small0') 44 | assert.strictEqual(req.file.originalname, 'small0.dat') 45 | assert.strictEqual(req.file.size, 1778) 46 | assert.strictEqual(util.fileSize(req.file.path), 1778) 47 | 48 | done() 49 | }) 50 | }) 51 | 52 | it('should process empty fields and an empty file', function (done) { 53 | var form = new FormData() 54 | var parser = upload.single('empty') 55 | 56 | form.append('empty', util.file('empty.dat')) 57 | form.append('name', 'Multer') 58 | form.append('version', '') 59 | form.append('year', '') 60 | form.append('checkboxfull', 'cb1') 61 | form.append('checkboxfull', 'cb2') 62 | form.append('checkboxhalfempty', 'cb1') 63 | form.append('checkboxhalfempty', '') 64 | form.append('checkboxempty', '') 65 | form.append('checkboxempty', '') 66 | 67 | util.submitForm(parser, form, function (err, req) { 68 | assert.ifError(err) 69 | 70 | assert.strictEqual(req.body.name, 'Multer') 71 | assert.strictEqual(req.body.version, '') 72 | assert.strictEqual(req.body.year, '') 73 | 74 | assert(deepEqual(req.body.checkboxfull, ['cb1', 'cb2'])) 75 | assert(deepEqual(req.body.checkboxhalfempty, ['cb1', ''])) 76 | assert(deepEqual(req.body.checkboxempty, ['', ''])) 77 | 78 | assert.strictEqual(req.file.fieldname, 'empty') 79 | assert.strictEqual(req.file.originalname, 'empty.dat') 80 | assert.strictEqual(req.file.size, 0) 81 | assert.strictEqual(util.fileSize(req.file.path), 0) 82 | 83 | done() 84 | }) 85 | }) 86 | 87 | it('should process multiple files', function (done) { 88 | var form = new FormData() 89 | var parser = upload.fields([ 90 | { name: 'empty', maxCount: 1 }, 91 | { name: 'tiny0', maxCount: 1 }, 92 | { name: 'tiny1', maxCount: 1 }, 93 | { name: 'small0', maxCount: 1 }, 94 | { name: 'small1', maxCount: 1 }, 95 | { name: 'medium', maxCount: 1 }, 96 | { name: 'large', maxCount: 1 } 97 | ]) 98 | 99 | form.append('empty', util.file('empty.dat')) 100 | form.append('tiny0', util.file('tiny0.dat')) 101 | form.append('tiny1', util.file('tiny1.dat')) 102 | form.append('small0', util.file('small0.dat')) 103 | form.append('small1', util.file('small1.dat')) 104 | form.append('medium', util.file('medium.dat')) 105 | form.append('large', util.file('large.jpg')) 106 | 107 | util.submitForm(parser, form, function (err, req) { 108 | assert.ifError(err) 109 | 110 | assert(deepEqual(req.body, {})) 111 | 112 | assert.strictEqual(req.files.empty[0].fieldname, 'empty') 113 | assert.strictEqual(req.files.empty[0].originalname, 'empty.dat') 114 | assert.strictEqual(req.files.empty[0].size, 0) 115 | assert.strictEqual(util.fileSize(req.files.empty[0].path), 0) 116 | 117 | assert.strictEqual(req.files.tiny0[0].fieldname, 'tiny0') 118 | assert.strictEqual(req.files.tiny0[0].originalname, 'tiny0.dat') 119 | assert.strictEqual(req.files.tiny0[0].size, 122) 120 | assert.strictEqual(util.fileSize(req.files.tiny0[0].path), 122) 121 | 122 | assert.strictEqual(req.files.tiny1[0].fieldname, 'tiny1') 123 | assert.strictEqual(req.files.tiny1[0].originalname, 'tiny1.dat') 124 | assert.strictEqual(req.files.tiny1[0].size, 7) 125 | assert.strictEqual(util.fileSize(req.files.tiny1[0].path), 7) 126 | 127 | assert.strictEqual(req.files.small0[0].fieldname, 'small0') 128 | assert.strictEqual(req.files.small0[0].originalname, 'small0.dat') 129 | assert.strictEqual(req.files.small0[0].size, 1778) 130 | assert.strictEqual(util.fileSize(req.files.small0[0].path), 1778) 131 | 132 | assert.strictEqual(req.files.small1[0].fieldname, 'small1') 133 | assert.strictEqual(req.files.small1[0].originalname, 'small1.dat') 134 | assert.strictEqual(req.files.small1[0].size, 315) 135 | assert.strictEqual(util.fileSize(req.files.small1[0].path), 315) 136 | 137 | assert.strictEqual(req.files.medium[0].fieldname, 'medium') 138 | assert.strictEqual(req.files.medium[0].originalname, 'medium.dat') 139 | assert.strictEqual(req.files.medium[0].size, 13196) 140 | assert.strictEqual(util.fileSize(req.files.medium[0].path), 13196) 141 | 142 | assert.strictEqual(req.files.large[0].fieldname, 'large') 143 | assert.strictEqual(req.files.large[0].originalname, 'large.jpg') 144 | assert.strictEqual(req.files.large[0].size, 2413677) 145 | assert.strictEqual(util.fileSize(req.files.large[0].path), 2413677) 146 | 147 | done() 148 | }) 149 | }) 150 | 151 | it('should remove uploaded files on error', function (done) { 152 | var form = new FormData() 153 | var parser = upload.single('tiny0') 154 | 155 | form.append('tiny0', util.file('tiny0.dat')) 156 | form.append('small0', util.file('small0.dat')) 157 | 158 | util.submitForm(parser, form, function (err, req) { 159 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 160 | assert.strictEqual(err.field, 'small0') 161 | assert(deepEqual(err.storageErrors, [])) 162 | 163 | var files = fs.readdirSync(uploadDir) 164 | assert(deepEqual(files, [])) 165 | 166 | done() 167 | }) 168 | }) 169 | 170 | it('should report error when directory doesn\'t exist', function (done) { 171 | var directory = path.join(temp.mkdirSync(), 'ghost') 172 | function dest ($0, $1, cb) { cb(null, directory) } 173 | 174 | var storage = multer.diskStorage({ destination: dest }) 175 | var upload = multer({ storage: storage }) 176 | var parser = upload.single('tiny0') 177 | var form = new FormData() 178 | 179 | form.append('tiny0', util.file('tiny0.dat')) 180 | 181 | util.submitForm(parser, form, function (err, req) { 182 | assert.strictEqual(err.code, 'ENOENT') 183 | assert.strictEqual(path.dirname(err.path), directory) 184 | 185 | done() 186 | }) 187 | }) 188 | }) 189 | -------------------------------------------------------------------------------- /test/error-handling.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var os = require('os') 6 | var util = require('./_util') 7 | var multer = require('../') 8 | var stream = require('stream') 9 | var FormData = require('form-data') 10 | 11 | function withLimits (limits, fields) { 12 | var storage = multer.memoryStorage() 13 | return multer({ storage: storage, limits: limits }).fields(fields) 14 | } 15 | 16 | describe('Error Handling', function () { 17 | it('should be an instance of both `Error` and `MulterError` classes in case of the Multer\'s error', function (done) { 18 | var form = new FormData() 19 | var storage = multer.diskStorage({ destination: os.tmpdir() }) 20 | var upload = multer({ storage: storage }).fields([ 21 | { name: 'small0', maxCount: 1 } 22 | ]) 23 | 24 | form.append('small0', util.file('small0.dat')) 25 | form.append('small0', util.file('small0.dat')) 26 | 27 | util.submitForm(upload, form, function (err, req) { 28 | assert.strictEqual(err instanceof Error, true) 29 | assert.strictEqual(err instanceof multer.MulterError, true) 30 | done() 31 | }) 32 | }) 33 | 34 | it('should respect parts limit', function (done) { 35 | var form = new FormData() 36 | var parser = withLimits({ parts: 1 }, [ 37 | { name: 'small0', maxCount: 1 } 38 | ]) 39 | 40 | form.append('field0', 'BOOM!') 41 | form.append('small0', util.file('small0.dat')) 42 | 43 | util.submitForm(parser, form, function (err, req) { 44 | assert.strictEqual(err.code, 'LIMIT_PART_COUNT') 45 | done() 46 | }) 47 | }) 48 | 49 | it('should respect file size limit', function (done) { 50 | var form = new FormData() 51 | var parser = withLimits({ fileSize: 1500 }, [ 52 | { name: 'tiny0', maxCount: 1 }, 53 | { name: 'small0', maxCount: 1 } 54 | ]) 55 | 56 | form.append('tiny0', util.file('tiny0.dat')) 57 | form.append('small0', util.file('small0.dat')) 58 | 59 | util.submitForm(parser, form, function (err, req) { 60 | assert.strictEqual(err.code, 'LIMIT_FILE_SIZE') 61 | assert.strictEqual(err.field, 'small0') 62 | done() 63 | }) 64 | }) 65 | 66 | it('should respect file count limit', function (done) { 67 | var form = new FormData() 68 | var parser = withLimits({ files: 1 }, [ 69 | { name: 'small0', maxCount: 1 }, 70 | { name: 'small1', maxCount: 1 } 71 | ]) 72 | 73 | form.append('small0', util.file('small0.dat')) 74 | form.append('small1', util.file('small1.dat')) 75 | 76 | util.submitForm(parser, form, function (err, req) { 77 | assert.strictEqual(err.code, 'LIMIT_FILE_COUNT') 78 | done() 79 | }) 80 | }) 81 | 82 | it('should respect file key limit', function (done) { 83 | var form = new FormData() 84 | var parser = withLimits({ fieldNameSize: 4 }, [ 85 | { name: 'small0', maxCount: 1 } 86 | ]) 87 | 88 | form.append('small0', util.file('small0.dat')) 89 | 90 | util.submitForm(parser, form, function (err, req) { 91 | assert.strictEqual(err.code, 'LIMIT_FIELD_KEY') 92 | done() 93 | }) 94 | }) 95 | 96 | it('should respect field key limit', function (done) { 97 | var form = new FormData() 98 | var parser = withLimits({ fieldNameSize: 4 }, []) 99 | 100 | form.append('ok', 'SMILE') 101 | form.append('blowup', 'BOOM!') 102 | 103 | util.submitForm(parser, form, function (err, req) { 104 | assert.strictEqual(err.code, 'LIMIT_FIELD_KEY') 105 | done() 106 | }) 107 | }) 108 | 109 | it('should respect field value limit', function (done) { 110 | var form = new FormData() 111 | var parser = withLimits({ fieldSize: 16 }, []) 112 | 113 | form.append('field0', 'This is okay') 114 | form.append('field1', 'This will make the parser explode') 115 | 116 | util.submitForm(parser, form, function (err, req) { 117 | assert.strictEqual(err.code, 'LIMIT_FIELD_VALUE') 118 | assert.strictEqual(err.field, 'field1') 119 | done() 120 | }) 121 | }) 122 | 123 | it('should respect field count limit', function (done) { 124 | var form = new FormData() 125 | var parser = withLimits({ fields: 1 }, []) 126 | 127 | form.append('field0', 'BOOM!') 128 | form.append('field1', 'BOOM!') 129 | 130 | util.submitForm(parser, form, function (err, req) { 131 | assert.strictEqual(err.code, 'LIMIT_FIELD_COUNT') 132 | done() 133 | }) 134 | }) 135 | 136 | it('should respect fields given', function (done) { 137 | var form = new FormData() 138 | var parser = withLimits(undefined, [ 139 | { name: 'wrongname', maxCount: 1 } 140 | ]) 141 | 142 | form.append('small0', util.file('small0.dat')) 143 | 144 | util.submitForm(parser, form, function (err, req) { 145 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 146 | assert.strictEqual(err.field, 'small0') 147 | done() 148 | }) 149 | }) 150 | 151 | it('should notify of missing field name', function (done) { 152 | var req = new stream.PassThrough() 153 | var storage = multer.memoryStorage() 154 | var upload = multer({ storage: storage }).single('tiny0') 155 | var boundary = 'AaB03x' 156 | var body = [ 157 | '--' + boundary, 158 | 'Content-Disposition: form-data', 159 | '', 160 | 'test content', 161 | '--' + boundary, 162 | '' 163 | ].join('\r\n') 164 | 165 | req.headers = { 166 | 'content-type': 'multipart/form-data; boundary=' + boundary, 167 | 'content-length': body.length 168 | } 169 | 170 | req.end(body) 171 | 172 | upload(req, null, function (err) { 173 | assert.strictEqual(err.code, 'MISSING_FIELD_NAME') 174 | done() 175 | }) 176 | }) 177 | 178 | it('should notify of missing field name', function (done) { 179 | var form = new FormData() 180 | var storage = multer.memoryStorage() 181 | var parser = multer({ storage: storage }).single('small0') 182 | 183 | form.append('', util.file('small0.dat')) 184 | 185 | util.submitForm(parser, form, function (err, req) { 186 | assert.strictEqual(err.code, 'MISSING_FIELD_NAME') 187 | done() 188 | }) 189 | }) 190 | 191 | it('should report errors from storage engines', function (done) { 192 | var storage = multer.memoryStorage() 193 | 194 | storage._removeFile = function _removeFile (req, file, cb) { 195 | var err = new Error('Test error') 196 | err.code = 'TEST' 197 | cb(err) 198 | } 199 | 200 | var form = new FormData() 201 | var upload = multer({ storage: storage }) 202 | var parser = upload.single('tiny0') 203 | 204 | form.append('tiny0', util.file('tiny0.dat')) 205 | form.append('small0', util.file('small0.dat')) 206 | 207 | util.submitForm(parser, form, function (err, req) { 208 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 209 | assert.strictEqual(err.field, 'small0') 210 | 211 | assert.strictEqual(err.storageErrors.length, 1) 212 | assert.strictEqual(err.storageErrors[0].code, 'TEST') 213 | assert.strictEqual(err.storageErrors[0].field, 'tiny0') 214 | assert.strictEqual(err.storageErrors[0].file, req.file) 215 | 216 | done() 217 | }) 218 | }) 219 | 220 | it('should report errors from busboy constructor', function (done) { 221 | var req = new stream.PassThrough() 222 | var storage = multer.memoryStorage() 223 | var upload = multer({ storage: storage }).single('tiny0') 224 | var body = 'test' 225 | 226 | req.headers = { 227 | 'content-type': 'multipart/form-data', 228 | 'content-length': body.length 229 | } 230 | 231 | req.end(body) 232 | 233 | upload(req, null, function (err) { 234 | assert.strictEqual(err.message, 'Multipart: Boundary not found') 235 | done() 236 | }) 237 | }) 238 | 239 | it('should report errors from busboy parsing', function (done) { 240 | var req = new stream.PassThrough() 241 | var storage = multer.memoryStorage() 242 | var upload = multer({ storage: storage }).single('tiny0') 243 | var boundary = 'AaB03x' 244 | var body = [ 245 | '--' + boundary, 246 | 'Content-Disposition: form-data; name="tiny0"; filename="test.txt"', 247 | 'Content-Type: text/plain', 248 | '', 249 | 'test without end boundary' 250 | ].join('\r\n') 251 | 252 | req.headers = { 253 | 'content-type': 'multipart/form-data; boundary=' + boundary, 254 | 'content-length': body.length 255 | } 256 | 257 | req.end(body) 258 | 259 | upload(req, null, function (err) { 260 | assert.strictEqual(err.message, 'Unexpected end of form') 261 | done() 262 | }) 263 | }) 264 | 265 | it('should gracefully handle more than one error at a time', function (done) { 266 | var form = new FormData() 267 | var storage = multer.diskStorage({ destination: os.tmpdir() }) 268 | var upload = multer({ storage: storage, limits: { fileSize: 1, files: 1 } }).fields([ 269 | { name: 'small0', maxCount: 1 } 270 | ]) 271 | 272 | form.append('small0', util.file('small0.dat')) 273 | form.append('small0', util.file('small0.dat')) 274 | 275 | util.submitForm(upload, form, function (err, req) { 276 | assert.strictEqual(err.code, 'LIMIT_FILE_SIZE') 277 | done() 278 | }) 279 | }) 280 | }) 281 | -------------------------------------------------------------------------------- /test/expected-files.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | describe('Expected files', function () { 10 | var upload 11 | 12 | before(function (done) { 13 | upload = multer() 14 | done() 15 | }) 16 | 17 | it('should reject single unexpected file', function (done) { 18 | var form = new FormData() 19 | var parser = upload.single('butme') 20 | 21 | form.append('notme', util.file('small0.dat')) 22 | 23 | util.submitForm(parser, form, function (err, req) { 24 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 25 | assert.strictEqual(err.field, 'notme') 26 | done() 27 | }) 28 | }) 29 | 30 | it('should reject array of multiple files', function (done) { 31 | var form = new FormData() 32 | var parser = upload.array('butme', 4) 33 | 34 | form.append('notme', util.file('small0.dat')) 35 | form.append('notme', util.file('small1.dat')) 36 | 37 | util.submitForm(parser, form, function (err, req) { 38 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 39 | assert.strictEqual(err.field, 'notme') 40 | done() 41 | }) 42 | }) 43 | 44 | it('should reject overflowing arrays', function (done) { 45 | var form = new FormData() 46 | var parser = upload.array('butme', 1) 47 | 48 | form.append('butme', util.file('small0.dat')) 49 | form.append('butme', util.file('small1.dat')) 50 | 51 | util.submitForm(parser, form, function (err, req) { 52 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 53 | assert.strictEqual(err.field, 'butme') 54 | done() 55 | }) 56 | }) 57 | 58 | it('should accept files with expected fieldname', function (done) { 59 | var form = new FormData() 60 | var parser = upload.fields([ 61 | { name: 'butme', maxCount: 2 }, 62 | { name: 'andme', maxCount: 2 } 63 | ]) 64 | 65 | form.append('butme', util.file('small0.dat')) 66 | form.append('butme', util.file('small1.dat')) 67 | form.append('andme', util.file('empty.dat')) 68 | 69 | util.submitForm(parser, form, function (err, req) { 70 | assert.ifError(err) 71 | 72 | assert.strictEqual(req.files.butme.length, 2) 73 | assert.strictEqual(req.files.andme.length, 1) 74 | 75 | done() 76 | }) 77 | }) 78 | 79 | it('should reject files with unexpected fieldname', function (done) { 80 | var form = new FormData() 81 | var parser = upload.fields([ 82 | { name: 'butme', maxCount: 2 }, 83 | { name: 'andme', maxCount: 2 } 84 | ]) 85 | 86 | form.append('butme', util.file('small0.dat')) 87 | form.append('butme', util.file('small1.dat')) 88 | form.append('andme', util.file('empty.dat')) 89 | form.append('notme', util.file('empty.dat')) 90 | 91 | util.submitForm(parser, form, function (err, req) { 92 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 93 | assert.strictEqual(err.field, 'notme') 94 | done() 95 | }) 96 | }) 97 | 98 | it('should allow any file to come thru', function (done) { 99 | var form = new FormData() 100 | var parser = upload.any() 101 | 102 | form.append('butme', util.file('small0.dat')) 103 | form.append('butme', util.file('small1.dat')) 104 | form.append('andme', util.file('empty.dat')) 105 | 106 | util.submitForm(parser, form, function (err, req) { 107 | assert.ifError(err) 108 | assert.strictEqual(req.files.length, 3) 109 | assert.strictEqual(req.files[0].fieldname, 'butme') 110 | assert.strictEqual(req.files[1].fieldname, 'butme') 111 | assert.strictEqual(req.files[2].fieldname, 'andme') 112 | done() 113 | }) 114 | }) 115 | }) 116 | -------------------------------------------------------------------------------- /test/express-integration.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | var http = require('http') 5 | 6 | var multer = require('../') 7 | var util = require('./_util') 8 | 9 | var express = require('express') 10 | var FormData = require('form-data') 11 | var concat = require('concat-stream') 12 | 13 | var port = 34279 14 | 15 | describe('Express Integration', function () { 16 | var app 17 | 18 | before(function (done) { 19 | app = express() 20 | app.listen(port, done) 21 | }) 22 | 23 | function submitForm (form, path, cb) { 24 | var req = form.submit('http://localhost:' + port + path) 25 | 26 | req.on('error', cb) 27 | req.on('response', function (res) { 28 | res.on('error', cb) 29 | res.pipe(concat({ encoding: 'buffer' }, function (body) { 30 | cb(null, res, body) 31 | })) 32 | }) 33 | } 34 | 35 | it('should work with express error handling', function (done) { 36 | var limits = { fileSize: 200 } 37 | var upload = multer({ limits: limits }) 38 | var router = new express.Router() 39 | var form = new FormData() 40 | 41 | var routeCalled = 0 42 | var errorCalled = 0 43 | 44 | form.append('avatar', util.file('large.jpg')) 45 | 46 | router.post('/profile', upload.single('avatar'), function (req, res, next) { 47 | routeCalled++ 48 | res.status(200).end('SUCCESS') 49 | }) 50 | 51 | router.use(function (err, req, res, next) { 52 | assert.strictEqual(err.code, 'LIMIT_FILE_SIZE') 53 | 54 | errorCalled++ 55 | res.status(500).end('ERROR') 56 | }) 57 | 58 | app.use('/t1', router) 59 | submitForm(form, '/t1/profile', function (err, res, body) { 60 | assert.ifError(err) 61 | 62 | assert.strictEqual(routeCalled, 0) 63 | assert.strictEqual(errorCalled, 1) 64 | assert.strictEqual(body.toString(), 'ERROR') 65 | assert.strictEqual(res.statusCode, 500) 66 | 67 | done() 68 | }) 69 | }) 70 | 71 | it('should work when receiving error from fileFilter', function (done) { 72 | function fileFilter (req, file, cb) { 73 | cb(new Error('TEST')) 74 | } 75 | 76 | var upload = multer({ fileFilter: fileFilter }) 77 | var router = new express.Router() 78 | var form = new FormData() 79 | 80 | var routeCalled = 0 81 | var errorCalled = 0 82 | 83 | form.append('avatar', util.file('large.jpg')) 84 | 85 | router.post('/profile', upload.single('avatar'), function (req, res, next) { 86 | routeCalled++ 87 | res.status(200).end('SUCCESS') 88 | }) 89 | 90 | router.use(function (err, req, res, next) { 91 | assert.strictEqual(err.message, 'TEST') 92 | 93 | errorCalled++ 94 | res.status(500).end('ERROR') 95 | }) 96 | 97 | app.use('/t2', router) 98 | submitForm(form, '/t2/profile', function (err, res, body) { 99 | assert.ifError(err) 100 | 101 | assert.strictEqual(routeCalled, 0) 102 | assert.strictEqual(errorCalled, 1) 103 | assert.strictEqual(body.toString(), 'ERROR') 104 | assert.strictEqual(res.statusCode, 500) 105 | 106 | done() 107 | }) 108 | }) 109 | 110 | it('should not crash on malformed request', function (done) { 111 | var upload = multer() 112 | 113 | app.post('/upload', upload.single('file'), function (req, res) { 114 | res.status(500).end('Request should not be processed') 115 | }) 116 | 117 | app.use(function (err, req, res, next) { 118 | assert.strictEqual(err.message, 'Unexpected end of form') 119 | res.status(200).end('Correct error') 120 | }) 121 | 122 | var boundary = 'AaB03x' 123 | var body = [ 124 | '--' + boundary, 125 | 'Content-Disposition: form-data; name="file"; filename="test.txt"', 126 | 'Content-Type: text/plain', 127 | '', 128 | 'test without end boundary' 129 | ].join('\r\n') 130 | var options = { 131 | hostname: 'localhost', 132 | port, 133 | path: '/upload', 134 | method: 'POST', 135 | headers: { 136 | 'content-type': 'multipart/form-data; boundary=' + boundary, 137 | 'content-length': body.length 138 | } 139 | } 140 | 141 | var req = http.request(options, (res) => { 142 | assert.strictEqual(res.statusCode, 200) 143 | done() 144 | }) 145 | 146 | req.on('error', (err) => { 147 | done(err) 148 | }) 149 | 150 | req.write(body) 151 | req.end() 152 | }) 153 | 154 | it('should not crash on malformed request that causes two errors to be emitted by busboy', function (done) { 155 | var upload = multer() 156 | 157 | app.post('/upload2', upload.single('file'), function (req, res) { 158 | res.status(500).end('Request should not be processed') 159 | }) 160 | 161 | app.use(function (err, req, res, next) { 162 | assert.strictEqual(err.message, 'Malformed part header') 163 | res.status(200).end('Correct error') 164 | }) 165 | 166 | var boundary = 'AaB03x' 167 | // this payload causes two errors to be emitted by busboy: `Malformed part header` and `Unexpected end of form` 168 | var body = [ 169 | '--' + boundary, 170 | 'Content-Disposition: form-data; name="file"; filename="test.txt"', 171 | 'Content-Type: text/plain', 172 | '', 173 | '--' + boundary + '--', 174 | '' 175 | ].join('\r\n') 176 | var options = { 177 | hostname: 'localhost', 178 | port, 179 | path: '/upload2', 180 | method: 'POST', 181 | headers: { 182 | 'content-type': 'multipart/form-data; boundary=' + boundary, 183 | 'content-length': body.length 184 | } 185 | } 186 | 187 | var req = http.request(options, (res) => { 188 | assert.strictEqual(res.statusCode, 200) 189 | done() 190 | }) 191 | 192 | req.on('error', (err) => { 193 | done(err) 194 | }) 195 | 196 | req.write(body) 197 | req.end() 198 | }) 199 | }) 200 | -------------------------------------------------------------------------------- /test/fields.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | var deepEqual = require('deep-equal') 5 | var stream = require('stream') 6 | 7 | var util = require('./_util') 8 | var multer = require('../') 9 | var FormData = require('form-data') 10 | var testData = require('testdata-w3c-json-form') 11 | 12 | describe('Fields', function () { 13 | var parser 14 | 15 | before(function () { 16 | parser = multer().fields([]) 17 | }) 18 | 19 | it('should process multiple fields', function (done) { 20 | var form = new FormData() 21 | 22 | form.append('name', 'Multer') 23 | form.append('key', 'value') 24 | form.append('abc', 'xyz') 25 | 26 | util.submitForm(parser, form, function (err, req) { 27 | assert.ifError(err) 28 | assert(deepEqual(req.body, { 29 | name: 'Multer', 30 | key: 'value', 31 | abc: 'xyz' 32 | })) 33 | done() 34 | }) 35 | }) 36 | 37 | it('should process empty fields', function (done) { 38 | var form = new FormData() 39 | 40 | form.append('name', 'Multer') 41 | form.append('key', '') 42 | form.append('abc', '') 43 | form.append('checkboxfull', 'cb1') 44 | form.append('checkboxfull', 'cb2') 45 | form.append('checkboxhalfempty', 'cb1') 46 | form.append('checkboxhalfempty', '') 47 | form.append('checkboxempty', '') 48 | form.append('checkboxempty', '') 49 | 50 | util.submitForm(parser, form, function (err, req) { 51 | assert.ifError(err) 52 | assert(deepEqual(req.body, { 53 | name: 'Multer', 54 | key: '', 55 | abc: '', 56 | checkboxfull: ['cb1', 'cb2'], 57 | checkboxhalfempty: ['cb1', ''], 58 | checkboxempty: ['', ''] 59 | })) 60 | done() 61 | }) 62 | }) 63 | 64 | it('should not process non-multipart POST request', function (done) { 65 | var req = new stream.PassThrough() 66 | 67 | req.end('name=Multer') 68 | req.method = 'POST' 69 | req.headers = { 70 | 'content-type': 'application/x-www-form-urlencoded', 71 | 'content-length': 11 72 | } 73 | 74 | parser(req, null, function (err) { 75 | assert.ifError(err) 76 | assert.strictEqual(Object.prototype.hasOwnProperty.call(req, 'body'), false) 77 | assert.strictEqual(Object.prototype.hasOwnProperty.call(req, 'files'), false) 78 | done() 79 | }) 80 | }) 81 | 82 | it('should not process non-multipart GET request', function (done) { 83 | var req = new stream.PassThrough() 84 | 85 | req.end('name=Multer') 86 | req.method = 'GET' 87 | req.headers = { 88 | 'content-type': 'application/x-www-form-urlencoded', 89 | 'content-length': 11 90 | } 91 | 92 | parser(req, null, function (err) { 93 | assert.ifError(err) 94 | assert.strictEqual(Object.prototype.hasOwnProperty.call(req, 'body'), false) 95 | assert.strictEqual(Object.prototype.hasOwnProperty.call(req, 'files'), false) 96 | done() 97 | }) 98 | }) 99 | 100 | testData.forEach(function (test) { 101 | it('should handle ' + test.name, function (done) { 102 | var form = new FormData() 103 | 104 | test.fields.forEach(function (field) { 105 | form.append(field.key, field.value) 106 | }) 107 | 108 | util.submitForm(parser, form, function (err, req) { 109 | assert.ifError(err) 110 | assert(deepEqual(req.body, test.expected)) 111 | done() 112 | }) 113 | }) 114 | }) 115 | 116 | it('should convert arrays into objects', function (done) { 117 | var form = new FormData() 118 | 119 | form.append('obj[0]', 'a') 120 | form.append('obj[2]', 'c') 121 | form.append('obj[x]', 'yz') 122 | 123 | util.submitForm(parser, form, function (err, req) { 124 | assert.ifError(err) 125 | assert(deepEqual(req.body, { 126 | obj: { 127 | 0: 'a', 128 | 2: 'c', 129 | x: 'yz' 130 | } 131 | })) 132 | done() 133 | }) 134 | }) 135 | }) 136 | -------------------------------------------------------------------------------- /test/file-filter.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | function withFilter (fileFilter) { 10 | return multer({ fileFilter: fileFilter }) 11 | } 12 | 13 | function skipSpecificFile (req, file, cb) { 14 | cb(null, file.fieldname !== 'notme') 15 | } 16 | 17 | function reportFakeError (req, file, cb) { 18 | cb(new Error('Fake error')) 19 | } 20 | 21 | describe('File Filter', function () { 22 | it('should skip some files', function (done) { 23 | var form = new FormData() 24 | var upload = withFilter(skipSpecificFile) 25 | var parser = upload.fields([ 26 | { name: 'notme', maxCount: 1 }, 27 | { name: 'butme', maxCount: 1 } 28 | ]) 29 | 30 | form.append('notme', util.file('tiny0.dat')) 31 | form.append('butme', util.file('tiny1.dat')) 32 | 33 | util.submitForm(parser, form, function (err, req) { 34 | assert.ifError(err) 35 | assert.strictEqual(req.files.notme, undefined) 36 | assert.strictEqual(req.files.butme[0].fieldname, 'butme') 37 | assert.strictEqual(req.files.butme[0].originalname, 'tiny1.dat') 38 | assert.strictEqual(req.files.butme[0].size, 7) 39 | assert.strictEqual(req.files.butme[0].buffer.length, 7) 40 | done() 41 | }) 42 | }) 43 | 44 | it('should report errors from fileFilter', function (done) { 45 | var form = new FormData() 46 | var upload = withFilter(reportFakeError) 47 | var parser = upload.single('test') 48 | 49 | form.append('test', util.file('tiny0.dat')) 50 | 51 | util.submitForm(parser, form, function (err, req) { 52 | assert.strictEqual(err.message, 'Fake error') 53 | done() 54 | }) 55 | }) 56 | }) 57 | -------------------------------------------------------------------------------- /test/file-ordering.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | describe('File ordering', function () { 10 | it('should present files in same order as they came', function (done) { 11 | var storage = multer.memoryStorage() 12 | var upload = multer({ storage: storage }) 13 | var parser = upload.array('themFiles', 2) 14 | 15 | var i = 0 16 | var calls = [{}, {}] 17 | var pending = 2 18 | var _handleFile = storage._handleFile 19 | storage._handleFile = function (req, file, cb) { 20 | var id = (i++) 21 | 22 | _handleFile.call(this, req, file, function (err, info) { 23 | if (err) return cb(err) 24 | 25 | calls[id].cb = cb 26 | calls[id].info = info 27 | 28 | if (--pending === 0) { 29 | calls[1].cb(null, calls[1].info) 30 | calls[0].cb(null, calls[0].info) 31 | } 32 | }) 33 | } 34 | 35 | var form = new FormData() 36 | 37 | form.append('themFiles', util.file('small0.dat')) 38 | form.append('themFiles', util.file('small1.dat')) 39 | 40 | util.submitForm(parser, form, function (err, req) { 41 | assert.ifError(err) 42 | assert.strictEqual(req.files.length, 2) 43 | assert.strictEqual(req.files[0].originalname, 'small0.dat') 44 | assert.strictEqual(req.files[1].originalname, 'small1.dat') 45 | done() 46 | }) 47 | }) 48 | }) 49 | -------------------------------------------------------------------------------- /test/files/empty.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/expressjs/multer/e259a7ee2141f5c89fd3d3e7d6825e706754340e/test/files/empty.dat -------------------------------------------------------------------------------- /test/files/large.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/expressjs/multer/e259a7ee2141f5c89fd3d3e7d6825e706754340e/test/files/large.jpg -------------------------------------------------------------------------------- /test/files/medium.dat: -------------------------------------------------------------------------------- 1 | ########################################################################## 2 | ########################################################################## 3 | ########################################################################## 4 | ########################################################################## 5 | ########################################################################## 6 | 7 | .M 8 | .:AMMO: 9 | .:AMMMMMHIIIHMMM. 10 | .... .AMMMMMMMMMMMHHHMHHMMMML:AMF" 11 | .:MMMMMLAMMMMMMMHMMMMMMHHIHHIIIHMMMML. 12 | "WMMMMMMMMMMMMMMMMMMH:::::HMMMMMMHII:. 13 | .AMMMMMMMHHHMMMMMMMMMMHHHHHMMMMMMMMMAMMMHHHHL. 14 | .MMMMMMMMMMHHMMMMMMMMHHHHMMMMMMMMMMMMMHTWMHHHHHML 15 | .MMMMMMMMMMMMMMMMMMMHHHHHHHHHMHMMHHHHIII:::HMHHHHMM. 16 | .MMMMMMMMMMMMMMMMMMMMMMHHHHHHMHHHHHHIIIIIIIIHMHHHHHM. 17 | MMMMMMMMMMMMMMMMMHHMMHHHHHIIIHHH::IIHHII:::::IHHHHHHHL 18 | "MMMMMMMMMMMMMMMMHIIIHMMMMHHIIHHLI::IIHHHHIIIHHHHHHHHML 19 | .MMMMMMMMMMMMMM"WMMMHHHMMMMMMMMMMMLHHHMMMMMMHHHHHHHHHHH 20 | .MMMMMMMMMMMWWMW ""YYHMMMMMMMMMMMMF""HMMMMMMMMMHHHHHHHH. 21 | .MMMMMMMMMM W" V W"WMMMMMHHHHHHHHHH 22 | "MMMMMMMMMM". "WHHHMH"HHHHHHL 23 | MMMMMMMMMMF . IHHHHH. 24 | MMMMMMMMMM . . HHHHHHH 25 | MMMMMMMMMF. . . . HHHHHHH. 26 | MMMMMMMMM . ,AWMMMMML. .. . . HHHHHHH. 27 | :MMMMMMMMM". . F"' 'WM:. ,::HMMA, . . HHHHMMM 28 | :MMMMMMMMF. . ." WH.. AMM"' " . . HHHMMMM 29 | MMMMMMMM . . ,;AAAHHWL".. .:' HHHHHHH 30 | MMMMMMM:. . . -MK"OTO L :I.. ...:HMA-. "HHHHHH 31 | ,:IIIILTMMMMI::. L,,,,. ::I.. .. K"OTO"ML 'HHHHHH 32 | LHT::LIIIIMMI::. . '""'.IHH:.. .. :.,,,, ' HMMMH: HLI' 33 | ILTT::"IIITMII::. . .IIII. . '"""" ' MMMFT:::. 34 | HML:::WMIINMHI:::.. . .:I. . . . . ' .M"'.....I. 35 | "HWHINWI:.'.HHII::.. .HHI .II. . . . . :M.',, ..I: 36 | "MLI"ML': :HHII::... MMHHL ::::: . :.. .'.'.'HHTML.II: 37 | "MMLIHHWL:IHHII::....:I:" :MHHWHI:...:W,," '':::. ..' ":.HH:II: 38 | "MMMHITIIHHH:::::IWF" """T99"' '"" '.':II:..'.'..' I'.HHIHI' 39 | YMMHII:IHHHH:::IT.. . . ... . . ''THHI::.'.' .;H.""."H" 40 | HHII:MHHI"::IWWL . . . . . HH"HHHIIHHH":HWWM" 41 | """ MMHI::HY""ML, ... . .. :" :HIIIIIILTMH" 42 | MMHI:.' 'HL,,,,,,,,..,,,......,:" . ''::HH "HWW 43 | 'MMH:.. . 'MMML,: """MM""""MMM" .'.IH'"MH" 44 | "MMHL.. .. "MMMMMML,MM,HMMMF . .IHM" 45 | "MMHHL .. "MMMMMMMMMMMM" . . '.IHF' 46 | 'MMMML .. "MMMMMMMM" . .'HMF 47 | HHHMML. .'MMF" 48 | IHHHHHMML. .'HMF" 49 | HHHHHHITMML. .'IF.. 50 | "HHHHHHIITML,. ..:F... 51 | 'HHHHHHHHHMMWWWWWW::"...... 52 | HHHHHHHMMMMMMF"'........ 53 | HHHHHHHHHH............ 54 | HHHHHHHH........... 55 | HHHHIII.......... 56 | HHIII.......... 57 | HII......... 58 | "H........ 59 | ...... 60 | 61 | ########################################################################## 62 | ########################################################################## 63 | ########################################################################## 64 | ########################################################################## 65 | ########################################################################## 66 | 67 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 68 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!` `4!!!!!!!!!!~4!!!!!!!!!!!!!!!!! 69 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! <~: ~!!!~ .. 4!!!!!!!!!!!!!!! 70 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ~~~~~~~ ' ud$$$$$ !!!!!!!!!!!!!!! 71 | !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ~~~~~~~~~: ?$$$$$$$$$ !!!!!!!!!!!!!! 72 | !!!!!!!!!!!` ``~!!!!!!!!!!!!!! ~~~~~ "*$$$$$k `!!!!!!!!!!!!! 73 | !!!!!!!!!! $$$$$bu. '~!~` . '~~~~ :~~~~ `4!!!!!!!!!!! 74 | !!!!!!!!! $$$$$$$$$$$c .zW$$$$$E ~~~~ ~~~~~~~~ ~~~~~: '!!!!!!!!!! 75 | !!!!!!!!! d$$$$$$$$$$$$$$$$$$$$$$E ~~~~~ '~~~~~~~~ ~~~~~ !!!!!!!!!! 76 | !!!!!!!!> 9$$$$$$$$$$$$$$$$$$$$$$$ '~~~~~~~ '~~~~~~~~ ~~~~ !!!!!!!!!! 77 | !!!!!!!!> $$$$$$$$$$$$$$$$$$$$$$$$b ~~~ '~~~~~~~ '~~~ '!!!!!!!!!! 78 | !!!!!!!!> $$$$$$$$$$$$$$$$$$$$$$$$$$$cuuue$$N. ~ ~~~ !!!!!!!!!!! 79 | !!!!!!!!! **$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$Ne ~~~~~~~~ `!!!!!!!!!!! 80 | !!!!!!!!! J$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$N ~~~~~ zL '!!!!!!!!!! 81 | !!!!!!!! d$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$c z$$$c `!!!!!!!!! 82 | !!!!!!!> <$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$> 4!!!!!!!! 83 | !!!!!!! $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ !!!!!!!! 84 | !!!!!!! <$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$*" ....:!! 85 | !!!!!!~ 9$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$e@$N '!!!!!!! 86 | !!!!!! 9$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ !!!!!!! 87 | !!!!!! $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$""$$$$$$$$$$$~ ~~4!!!! 88 | !!!!!! 9$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$Lue :::!!!! 89 | !!!!!!> 9$$$$$$$$$$$$" '$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$ !!!!!!! 90 | !!!!!!! '$$*$$$$$$$$E '$$$$$$$$$$$$$$$$$$$$$$$$$$$u.@$$$$$$$$$E '!!!!!!! 91 | !!!!~` .eeW$$$$$$$$ :$$$$$$$$$$$$$***$$$$$$$$$$$$$$$$$$$$u. `~!!!!! 92 | !!> .:!h '$$$$$$$$$$$$ed$$$$$$$$$$$$Fz$$b $$$$$$$$$$$$$$$$$$$$$F '!h. !!! 93 | !!!!!!!!L '$**$$$$$$$$$$$$$$$$$$$$$$ *$$$ $$$$$$$$$$$$$$$$$$$$F !!!!!!!!! 94 | !!!!!!!!! d$$$$$$$$$$$$$$$$$$$$$$$$buud$$$$$$$$$$$$$$$$$$$$" !!!!!!!!!! 95 | !!!!!!! . | 11 | . \ \ | | / /__\ \ . | _/ . 12 | . ________> | | | . / \ | |\ \_______ . 13 | | / | | / ______ \ | | \ | 14 | |___________/ |___| /____/ \____\ |___| \__________| . 15 | . ____ __ . _____ ____ . __________ . _________ 16 | \ \ / \ / / / \ | \ / | . 17 | \ \/ \/ / / \ | ___ | / ______| . 18 | \ / / /\ \ . | |___> | \ \ 19 | . \ / / /__\ \ | _/. \ \ + 20 | \ /\ / / \ | |\ \______> | . 21 | \ / \ / / ______ \ | | \ / . 22 | . . \/ \/ /____/ \____\ |___| \____________/ LS 23 | . . 24 | . . . . . 25 | . . . 26 | -------------------------------------------------------------------------------- /test/files/small1.dat: -------------------------------------------------------------------------------- 1 | ____ 2 | \__/ # ## 3 | `( `^=_ p _###_ 4 | c / ) | / 5 | _____- //^---~ _c 3 6 | / ----^\ /^_\ / --,- 7 | ( | | O_| \\_/ ,/ 8 | | | | / \| `-- / 9 | (((G |-----| 10 | //-----\\ 11 | // \\ 12 | / | | ^| 13 | | | | | 14 | |____| |____| 15 | /______) (_____\ -------------------------------------------------------------------------------- /test/files/tiny0.dat: -------------------------------------------------------------------------------- 1 | ROFL:ROFL:ROFL:ROFL 2 | _^___ 3 | L __/ [] \ 4 | LOL===__ \ 5 | L \________] 6 | I I 7 | --------/ -------------------------------------------------------------------------------- /test/files/tiny1.dat: -------------------------------------------------------------------------------- 1 | = 0) 133 | assert.ok(req.files[1].path.indexOf('/testforme-') >= 0) 134 | done() 135 | }) 136 | }) 137 | }) 138 | -------------------------------------------------------------------------------- /test/issue-232.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var temp = require('fs-temp') 8 | var rimraf = require('rimraf') 9 | var FormData = require('form-data') 10 | 11 | describe('Issue #232', function () { 12 | var uploadDir, upload 13 | 14 | before(function (done) { 15 | temp.mkdir(function (err, path) { 16 | if (err) return done(err) 17 | 18 | uploadDir = path 19 | upload = multer({ dest: path, limits: { fileSize: 100 } }) 20 | done() 21 | }) 22 | }) 23 | 24 | after(function (done) { 25 | rimraf(uploadDir, done) 26 | }) 27 | 28 | it('should report limit errors', function (done) { 29 | var form = new FormData() 30 | var parser = upload.single('file') 31 | 32 | form.append('file', util.file('large.jpg')) 33 | 34 | util.submitForm(parser, form, function (err, req) { 35 | assert.ok(err, 'an error was given') 36 | 37 | assert.strictEqual(err.code, 'LIMIT_FILE_SIZE') 38 | assert.strictEqual(err.field, 'file') 39 | 40 | done() 41 | }) 42 | }) 43 | }) 44 | -------------------------------------------------------------------------------- /test/memory-storage.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | var deepEqual = require('deep-equal') 5 | 6 | var util = require('./_util') 7 | var multer = require('../') 8 | var FormData = require('form-data') 9 | 10 | describe('Memory Storage', function () { 11 | var upload 12 | 13 | before(function (done) { 14 | upload = multer() 15 | done() 16 | }) 17 | 18 | it('should process multipart/form-data POST request', function (done) { 19 | var form = new FormData() 20 | var parser = upload.single('small0') 21 | 22 | form.append('name', 'Multer') 23 | form.append('small0', util.file('small0.dat')) 24 | 25 | util.submitForm(parser, form, function (err, req) { 26 | assert.ifError(err) 27 | 28 | assert.strictEqual(req.body.name, 'Multer') 29 | 30 | assert.strictEqual(req.file.fieldname, 'small0') 31 | assert.strictEqual(req.file.originalname, 'small0.dat') 32 | assert.strictEqual(req.file.size, 1778) 33 | assert.strictEqual(req.file.buffer.length, 1778) 34 | 35 | done() 36 | }) 37 | }) 38 | 39 | it('should process empty fields and an empty file', function (done) { 40 | var form = new FormData() 41 | var parser = upload.single('empty') 42 | 43 | form.append('empty', util.file('empty.dat')) 44 | form.append('name', 'Multer') 45 | form.append('version', '') 46 | form.append('year', '') 47 | form.append('checkboxfull', 'cb1') 48 | form.append('checkboxfull', 'cb2') 49 | form.append('checkboxhalfempty', 'cb1') 50 | form.append('checkboxhalfempty', '') 51 | form.append('checkboxempty', '') 52 | form.append('checkboxempty', '') 53 | 54 | util.submitForm(parser, form, function (err, req) { 55 | assert.ifError(err) 56 | 57 | assert.strictEqual(req.body.name, 'Multer') 58 | assert.strictEqual(req.body.version, '') 59 | assert.strictEqual(req.body.year, '') 60 | 61 | assert(deepEqual(req.body.checkboxfull, ['cb1', 'cb2'])) 62 | assert(deepEqual(req.body.checkboxhalfempty, ['cb1', ''])) 63 | assert(deepEqual(req.body.checkboxempty, ['', ''])) 64 | 65 | assert.strictEqual(req.file.fieldname, 'empty') 66 | assert.strictEqual(req.file.originalname, 'empty.dat') 67 | assert.strictEqual(req.file.size, 0) 68 | assert.strictEqual(req.file.buffer.length, 0) 69 | assert.strictEqual(Buffer.isBuffer(req.file.buffer), true) 70 | 71 | done() 72 | }) 73 | }) 74 | 75 | it('should process multiple files', function (done) { 76 | var form = new FormData() 77 | var parser = upload.fields([ 78 | { name: 'empty', maxCount: 1 }, 79 | { name: 'tiny0', maxCount: 1 }, 80 | { name: 'tiny1', maxCount: 1 }, 81 | { name: 'small0', maxCount: 1 }, 82 | { name: 'small1', maxCount: 1 }, 83 | { name: 'medium', maxCount: 1 }, 84 | { name: 'large', maxCount: 1 } 85 | ]) 86 | 87 | form.append('empty', util.file('empty.dat')) 88 | form.append('tiny0', util.file('tiny0.dat')) 89 | form.append('tiny1', util.file('tiny1.dat')) 90 | form.append('small0', util.file('small0.dat')) 91 | form.append('small1', util.file('small1.dat')) 92 | form.append('medium', util.file('medium.dat')) 93 | form.append('large', util.file('large.jpg')) 94 | 95 | util.submitForm(parser, form, function (err, req) { 96 | assert.ifError(err) 97 | 98 | assert(deepEqual(req.body, {})) 99 | 100 | assert.strictEqual(req.files.empty[0].fieldname, 'empty') 101 | assert.strictEqual(req.files.empty[0].originalname, 'empty.dat') 102 | assert.strictEqual(req.files.empty[0].size, 0) 103 | assert.strictEqual(req.files.empty[0].buffer.length, 0) 104 | 105 | assert.strictEqual(req.files.tiny0[0].fieldname, 'tiny0') 106 | assert.strictEqual(req.files.tiny0[0].originalname, 'tiny0.dat') 107 | assert.strictEqual(req.files.tiny0[0].size, 122) 108 | assert.strictEqual(req.files.tiny0[0].buffer.length, 122) 109 | 110 | assert.strictEqual(req.files.tiny1[0].fieldname, 'tiny1') 111 | assert.strictEqual(req.files.tiny1[0].originalname, 'tiny1.dat') 112 | assert.strictEqual(req.files.tiny1[0].size, 7) 113 | assert.strictEqual(req.files.tiny1[0].buffer.length, 7) 114 | 115 | assert.strictEqual(req.files.small0[0].fieldname, 'small0') 116 | assert.strictEqual(req.files.small0[0].originalname, 'small0.dat') 117 | assert.strictEqual(req.files.small0[0].size, 1778) 118 | assert.strictEqual(req.files.small0[0].buffer.length, 1778) 119 | 120 | assert.strictEqual(req.files.small1[0].fieldname, 'small1') 121 | assert.strictEqual(req.files.small1[0].originalname, 'small1.dat') 122 | assert.strictEqual(req.files.small1[0].size, 315) 123 | assert.strictEqual(req.files.small1[0].buffer.length, 315) 124 | 125 | assert.strictEqual(req.files.medium[0].fieldname, 'medium') 126 | assert.strictEqual(req.files.medium[0].originalname, 'medium.dat') 127 | assert.strictEqual(req.files.medium[0].size, 13196) 128 | assert.strictEqual(req.files.medium[0].buffer.length, 13196) 129 | 130 | assert.strictEqual(req.files.large[0].fieldname, 'large') 131 | assert.strictEqual(req.files.large[0].originalname, 'large.jpg') 132 | assert.strictEqual(req.files.large[0].size, 2413677) 133 | assert.strictEqual(req.files.large[0].buffer.length, 2413677) 134 | 135 | done() 136 | }) 137 | }) 138 | }) 139 | -------------------------------------------------------------------------------- /test/none.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | describe('None', function () { 10 | var parser 11 | 12 | before(function () { 13 | parser = multer().none() 14 | }) 15 | 16 | it('should not allow file uploads', function (done) { 17 | var form = new FormData() 18 | 19 | form.append('key1', 'val1') 20 | form.append('key2', 'val2') 21 | form.append('file', util.file('small0.dat')) 22 | 23 | util.submitForm(parser, form, function (err, req) { 24 | assert.ok(err) 25 | assert.strictEqual(err.code, 'LIMIT_UNEXPECTED_FILE') 26 | assert.strictEqual(req.files, undefined) 27 | assert.strictEqual(req.body.key1, 'val1') 28 | assert.strictEqual(req.body.key2, 'val2') 29 | done() 30 | }) 31 | }) 32 | 33 | it('should handle text fields', function (done) { 34 | var form = new FormData() 35 | 36 | form.append('key1', 'val1') 37 | form.append('key2', 'val2') 38 | 39 | util.submitForm(parser, form, function (err, req) { 40 | assert.ifError(err) 41 | assert.strictEqual(req.files, undefined) 42 | assert.strictEqual(req.body.key1, 'val1') 43 | assert.strictEqual(req.body.key2, 'val2') 44 | done() 45 | }) 46 | }) 47 | }) 48 | -------------------------------------------------------------------------------- /test/reuse-middleware.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | describe('Reuse Middleware', function () { 10 | var parser 11 | 12 | before(function (done) { 13 | parser = multer().array('them-files') 14 | done() 15 | }) 16 | 17 | it('should accept multiple requests', function (done) { 18 | var pending = 8 19 | 20 | function submitData (fileCount) { 21 | var form = new FormData() 22 | 23 | form.append('name', 'Multer') 24 | form.append('files', '' + fileCount) 25 | 26 | for (var i = 0; i < fileCount; i++) { 27 | form.append('them-files', util.file('small0.dat')) 28 | } 29 | 30 | util.submitForm(parser, form, function (err, req) { 31 | assert.ifError(err) 32 | 33 | assert.strictEqual(req.body.name, 'Multer') 34 | assert.strictEqual(req.body.files, '' + fileCount) 35 | assert.strictEqual(req.files.length, fileCount) 36 | 37 | req.files.forEach(function (file) { 38 | assert.strictEqual(file.fieldname, 'them-files') 39 | assert.strictEqual(file.originalname, 'small0.dat') 40 | assert.strictEqual(file.size, 1778) 41 | assert.strictEqual(file.buffer.length, 1778) 42 | }) 43 | 44 | if (--pending === 0) done() 45 | }) 46 | } 47 | 48 | submitData(9) 49 | submitData(1) 50 | submitData(5) 51 | submitData(7) 52 | submitData(2) 53 | submitData(8) 54 | submitData(3) 55 | submitData(4) 56 | }) 57 | }) 58 | -------------------------------------------------------------------------------- /test/select-field.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var util = require('./_util') 6 | var multer = require('../') 7 | var FormData = require('form-data') 8 | 9 | function generateForm () { 10 | var form = new FormData() 11 | 12 | form.append('CA$|-|', util.file('empty.dat')) 13 | form.append('set-1', util.file('tiny0.dat')) 14 | form.append('set-1', util.file('empty.dat')) 15 | form.append('set-1', util.file('tiny1.dat')) 16 | form.append('set-2', util.file('tiny1.dat')) 17 | form.append('set-2', util.file('tiny0.dat')) 18 | form.append('set-2', util.file('empty.dat')) 19 | 20 | return form 21 | } 22 | 23 | function assertSet (files, setName, fileNames) { 24 | var len = fileNames.length 25 | 26 | assert.strictEqual(files.length, len) 27 | 28 | for (var i = 0; i < len; i++) { 29 | assert.strictEqual(files[i].fieldname, setName) 30 | assert.strictEqual(files[i].originalname, fileNames[i]) 31 | } 32 | } 33 | 34 | describe('Select Field', function () { 35 | var parser 36 | 37 | before(function () { 38 | parser = multer().fields([ 39 | { name: 'CA$|-|', maxCount: 1 }, 40 | { name: 'set-1', maxCount: 3 }, 41 | { name: 'set-2', maxCount: 3 } 42 | ]) 43 | }) 44 | 45 | it('should select the first file with fieldname', function (done) { 46 | util.submitForm(parser, generateForm(), function (err, req) { 47 | assert.ifError(err) 48 | 49 | var file 50 | 51 | file = req.files['CA$|-|'][0] 52 | assert.strictEqual(file.fieldname, 'CA$|-|') 53 | assert.strictEqual(file.originalname, 'empty.dat') 54 | 55 | file = req.files['set-1'][0] 56 | assert.strictEqual(file.fieldname, 'set-1') 57 | assert.strictEqual(file.originalname, 'tiny0.dat') 58 | 59 | file = req.files['set-2'][0] 60 | assert.strictEqual(file.fieldname, 'set-2') 61 | assert.strictEqual(file.originalname, 'tiny1.dat') 62 | 63 | done() 64 | }) 65 | }) 66 | 67 | it('should select all files with fieldname', function (done) { 68 | util.submitForm(parser, generateForm(), function (err, req) { 69 | assert.ifError(err) 70 | 71 | assertSet(req.files['CA$|-|'], 'CA$|-|', ['empty.dat']) 72 | assertSet(req.files['set-1'], 'set-1', ['tiny0.dat', 'empty.dat', 'tiny1.dat']) 73 | assertSet(req.files['set-2'], 'set-2', ['tiny1.dat', 'tiny0.dat', 'empty.dat']) 74 | 75 | done() 76 | }) 77 | }) 78 | }) 79 | -------------------------------------------------------------------------------- /test/unicode.js: -------------------------------------------------------------------------------- 1 | /* eslint-env mocha */ 2 | 3 | var assert = require('assert') 4 | 5 | var multer = require('../') 6 | var temp = require('fs-temp') 7 | var rimraf = require('rimraf') 8 | var stream = require('stream') 9 | 10 | describe('Unicode', function () { 11 | var uploadDir, upload 12 | 13 | beforeEach(function (done) { 14 | temp.mkdir(function (err, path) { 15 | if (err) return done(err) 16 | 17 | var storage = multer.diskStorage({ 18 | destination: path, 19 | filename: function (req, file, cb) { 20 | cb(null, file.originalname) 21 | } 22 | }) 23 | 24 | uploadDir = path 25 | upload = multer({ storage: storage }) 26 | done() 27 | }) 28 | }) 29 | 30 | afterEach(function (done) { 31 | rimraf(uploadDir, done) 32 | }) 33 | 34 | it('should handle unicode filenames', function (done) { 35 | var req = new stream.PassThrough() 36 | var boundary = 'AaB03x' 37 | var body = [ 38 | '--' + boundary, 39 | 'Content-Disposition: form-data; name="small0"; filename="poo.dat"; filename*=utf-8\'\'%F0%9F%92%A9.dat', 40 | 'Content-Type: text/plain', 41 | '', 42 | 'test with unicode filename', 43 | '--' + boundary + '--' 44 | ].join('\r\n') 45 | 46 | req.headers = { 47 | 'content-type': 'multipart/form-data; boundary=' + boundary, 48 | 'content-length': body.length 49 | } 50 | 51 | req.end(body) 52 | 53 | upload.single('small0')(req, null, function (err) { 54 | assert.ifError(err) 55 | 56 | assert.strictEqual(req.file.originalname, '\ud83d\udca9.dat') 57 | assert.strictEqual(req.file.fieldname, 'small0') 58 | 59 | done() 60 | }) 61 | }) 62 | }) 63 | --------------------------------------------------------------------------------