How to upload summernote images to nodejs server - node.js

I have the following input for the picture above, Am getting an error for MulterError: Unexpected field anytime I upload an image on file field and on summernote but uploading an image only on file input i don't get an error here is the code for my route
const helpers = require("../../helpers/helpers");
const storage = multer.diskStorage({
destination: (req, file, cb) => {
cb(null, "public/uploads");
},
filename: (req, file, cb) => {
cb(null, file.fieldname + "-" + Date.now());
},
});
const upload = multer({ storage: storage, fileFilter: helpers.imageFilter });
const cpUpload = upload.fields([{ name: 'photo', maxCount: 1 },{ name: 'markdown',maxCount: 60 }])
router.post('/newpost',middleware.isLoggedInBlogger,cpUpload,blogController.newBlog);
How do one upload images while you both have a summernote editor and file input field?

Related

multipart file upload not working using multer's diskStorage

nodejs
I am using multer to upload file in nodejs. The below code seems to work fine.
const upload = multer({ dest: "uploads/" });
But the code below doesn't work.
const storage = multer.diskStorage({
destination: function (req, file, cb) {
cb(null, "./uploads/");
},
filename: function (req, file, cb) {
cb(null, new Date().toISOString() + file.originalname);
},
});
Any idea on how to solve it?

File upload via multer with security in uploads folder which is locked

I want to upload files via multer folder and it is working fine
var storage = multer.diskStorage({
destination: function (req, file, cb) {
cb(null, "./uploads");//storage location
},
filename: function (req, file, cb) {
cb(null, file.fieldname + "-" + Date.now() + path.extname(file.originalname));
},
});
var upload = multer({ storage: storage });
var uploadMultiple = upload.fields([{ name: 'data[w_1]', maxCount: 10 }])
But i want to lock the uploads file with password for security issues. How can i upload file via multer to a locked file.
Any suggestion to make my folder more secure are welcome

how to store images on heroku

I Am trying to store images on Heroku server ./public.uploades folder but when I try to get images I get 404 not found is there any way to store images in Heroku other AWS s3
const storage = multer.diskStorage({
destination:function(req,file,cb){
cb(null,"./public/uploades") //storage confg
},
filename: function (req, file, callback) {
callback(null, file.fieldname + '-' + Date.now() + path.extname(file.originalname));
}
})
const upload = multer({ storage:storage,limits: { fileSize: 5000000 }});
app.get("/fetchimage/", (req, res) => {
const file = req.query.file
const fileLocation = path.join('/public/uploades', file);
res.sendFile(__dirname +fileLocation)
})
Heroku dose not allow any file excluding git. However you can use https://cloudinary.com for image upload its free.

NodeJS multer filename for fields

I'm nodeJS beginner. How to get filenames for multer storage fields?
controller:
exports.createTruckDocs = (req, res, next) => {
console.log("tu");
Truck.findOneAndUpdate({ _id: req.body.truckId}, {$set: {TLic: /*issue*/}}).then(createdDocs => {
res.status(201).json(createdDocs);
})
};
middleware:
module.exports = multer({ storage: storage }).fields([
{ name: "TLIC"},
{ name: "LIC" },
{ name: "CMRLIC" }
]);
Thanks in advance!
So, this is how you should save the file with multer. I am not sure which steps is confusing, but this is how you should do:
const multer = require("multer");
const storage = multer.diskStorage({
destination: function(req, file, cb) {
cb(null, './uploads'); // you can name the destination make sure it exists
},
filename: function (req, file, cb) {
cb(null , file.originalname);
}
});
// to save single files
//const upload = multer({ storage: storage }).single('fieldName')
// to save multiple files, you can also set limit
const upload = multer({ storage: storage }).array('fieldName')
app.post("/upload_files", upload.array("fieldName"), uploadFiles);
const uploadFiles = (req, res) => {
console.log(req.body);
console.log(req.files);
res.json({ message: "Successfully uploaded files" });
}
You can check here for more details.

UPLOAD FILE VULNERABILITY with multer

I am using multer to upload file in my application.
like: https://github.com/expressjs/multer/blob/master/README.md
Can path traversal vulnerability possible ? If yes then tell us how we can stop this?
Currenlty, I am using below code. I just want to confirm, Is there any file vulnerable risk? Please comment.
var storage = multer.diskStorage({
destination: function(req, file, cb) {
cb(null, 'uploads/');
},
filename: function (req, file, cb) {
console.log(file);
var ext = file.originalname.split('.').pop();
cb(null, Date.now() + '_' + file.originalname);
}});
const fileFilter = (req, file, cb) => {
// Accept or reject the file based on if MIME type is found in accepted list
if (acceptedMimeTypes.indexOf(file.mimetype) < 0) {
return cb("エラー:このタイプのファイルはアップロードできません。ZIP形式とLZH形式のファイルのみアップロードしてください。", false) // Error: You can't upload files of this type. Please upload images and zips only.
}
else {
return cb(null, true);
}
}
var upload = multer({ storage: storage, fileFilter: fileFilter, limits: { fileSize: 1024 * 1024 * 1 } }).single('file');
If there is any risk then please suggest me a better approach with expressjs multer.
You can modify the fileName using this code so no one can threaten you :
const storage = multer.diskStorage({
destination: './public',
filename(req, file, cb) {
cb(null, 'Your File Name');
},
});
and also you can make it dynamic using randomatic and time like this :
const storage = multer.diskStorage({
destination: './public',
filename(req, file, cb) {
cb(null, `${new Date().getTime()}`);
},
});

Resources