cffile action = "uploadAll"

Last update:

May 18, 2026

Description

Copies all files sent to the page in an HTTP request to a directory on the server.

Syntax

<cffile 

action = "uploadAll" 

allowedExtensions="comma-separated list of file extensions"

destination = "full pathname" 

accept = "list of MIME types" 

attributes = "file attribute or list" 

mode = "permission" 

nameConflict = "behavior" 

result = "result name"

ContinueOnError = "true|false"

Errors = Variable in which the file upload errors will be stored."

strict="true|false"

>

Note:

You can specify this tag's attributes in an attributeCollection attribute whose value is a structure. Specify the structure name in the attributeCollection attribute and use the tag's attribute names as structure keys.

History

ColdFusion (2018 release) Update 3, ColdFusion (2016 release) Update 10, ColdFusion 11 Update 18: Added the attribute allowedExtensions.

ColdFusion 11: Added the attributes ContinueOnError and Errors.

See the History section of the main cffile tag page.

Attributes

Attribute	Req/Opt	Default	Description
action	Required		Type of file manipulation that the tag performs.
allowedExtensions	Optional		A comma-separated list of file extensions, which will be allowed for upload. For example, .png, .jpg, or, .jpeg. You can use "*" (star) to allow all files, except where you specify the MIME type in the accept attribute. Values specified in the attribute allowedExtensions override the list of blocked extensions in the server or application settings.
destination	Required		Pathname of directory in which to upload the file. If not an absolute path (starting with a drive letter and a colon, or a forward or backward slash), it is relative to the ColdFusion temporary directory, which is returned by the GetTempDirectory function.
accept	Optional		Limits the MIME types to accept. It is a comma-delimited list. For example, the following code permits JPEG and Microsoft Word file uploads:"image/jpg,application/msword". When strict="true" If the mime type is specified in the accept attribute, the file does not get uploaded if the extension is blocked in the server or application settings. When strict="false" If you provide a file extension in the attribute accept, the extension overrides the blocked extension list in the server or application settings. The file then gets uploaded. If you provide a MIME type in the attribute accept, and the extension of the file you are trying to upload is blocked in the Administrator/Application-level settings, the file does not get uploaded. For example, If you have blocked file type CFM in the ColdFusion Administrator and specified accept=".cfm" in the tag, and when you try uploading a CFM file, the file gets uploaded. If you have blocked file type CFM in the ColdFusion Administrator and specified accept=”text/x-coldfusion” in the tag, and when you try uploading a CFM file, the file gets blocked. Values specified in the attribute allowedExtensions overrides the list of blocked extensions in the server or application settings.
attributes	Optional		Applies to Windows. A comma-delimited list of attributes to set on the file. If omitted, the file's attributes are maintained .Each value must be specified explicitly. For example, if you specify attributes = "readOnly", all other attributes are overwritten. readOnly hidden normal (if you use this option with other attributes, it is overridden by them)
mode	Optional		Applies only to UNIX and Linux. Permissions. Octal values of chmod command. Assigned to owner , group, and other, respectively, for example: 644: assigns read/write permission to owner ; read permission to group and other. 777: assigns read/write/execute permission to all.
nameConflict	Optional	Error	Action to take if filename is the same as that of a file in the directory. Error: file is not saved. ColdFusion stops processing the page and returns an error. Skip: file is not saved. This option permits custom behavior based on file properties. Overwrite: replaces file . MakeUnique: forms a unique filename for the upload. The name is stored in the serverFile field of the result structure for the file.
ContinueOnError	Optional	False	By default, when uploading one of the files fail, the remaining files will not be uploaded. If this value is set to true, file upload continues evern after encountering an upload error. A file upload error happens due to the following reasons: 1. Empty file 2. Invalid file type 3. Invalid MIME or extension 4. File already exists In the case of an upload failure, the error details will be stored in the errors attribute.
Errors	Optional	cffile .uploadAllErrors	The name of the variable in which the file upload errors will be stored. Errors will be populated in the specfied variable name when continueOnError is true .After the file upload is completed, this tag creates an array of structures that contains upload failure information for each upload failure. The upload failure information error structure contains the following fields: REASON - The reason for the failure DETAIL - File upload failure detail MESSAGE - A detailed message depicting the failure CLIENTFILE - Name of the file uploaded from the client's system CLIENTFILEEXT - Extension of the uploaded file on the client system (without a period) CLIENTFILENAME - Name of the uploaded file on the client system (without an extension) INVALID_FILE_TYPE - If the file mime type or extension is not in the specified accept attribute. If the reason is INVALID_FILE_TYPE, two additional keys will be available in the structure. ACCEPT: list of mime types or file extensions given in the tag MIMETYPE: mime type of the uploaded file EMPTY_FILE - If the uploaded file is an empty file FILE_EXISTS - If any file with the given name already exists in the destination and the overwritepolicy is error . DEST - The destination where file is copied FORM_FILE_NOT_FOUND - If the uploaded file is not found on the server
result	Optional		Lets you specify a name for the variable in which cffile returns the result (or status) parameters. If you do not specify a value for this attribute, cffile uses the prefix cffile . For more information, see Usage.
strict	Optional	True	strict="false" If you provide a file extension in the attribute accept, the extension overrides the blocked extension list in the server or application settings. The file then gets uploaded. If you provide a MIME type in the attribute accept, and the extension of the file you are trying to upload is blocked in the Administrator/Application-level settings, the file does not get uploaded. For example, If you have blocked file type CFM in the ColdFusion Administrator and specified accept=".cfm" in the tag, and when you try uploading a CFM file, the file gets uploaded. If you have blocked file type CFM in the ColdFusion Administrator and specified accept=”text/x-coldfusion” in the tag, and when you try uploading a CFM file, the file gets blocked. strict="true" If the mime type is specified in the accept attribute, the file does not get uploaded if the extension is blocked in the server or application settings. For example, if you have blocked file type CFM in the ColdFusion Administrator and specified accept=”text/x-coldfusion” and strict=”true”, and you try uploading a cfm file, the file does not get uploaded. Values specified in the attribute allowedExtensions overrides the list of blocked extensions in the server or application settings.

Usage

Unlike cffile action="upload", which uploads only one file at a time cf fileaction="uploadall" uploads multiple files thereby eliminating the need to code multiple cffile action="upload" statements. Use this tag in the page specified by the action attribute of a cffileupload control. This tag uploads save the files that the cffileupload control sends when the user clicks the Save File button. After a file upload is completed, this tag creates an array of structures specified by the result parameter. Each structure in the array contains upload result information for one file. For information on the result structure contents, see cffile action = "upload".

Note:

You can control the maximum file size of the upload by specifying the server Request Throttle Threshold or the Settings page of the Administrator Server Settings section.

Example

The following example copies files uploaded by a cffileupload tag to a temp directory.

<cfform action="#cgi.script_name#" enctype="multipart/form-data"> 

              <cfinput type="file" name="attachment1"> 

              <cfinput type="file" name="attachment2"> 

              <cfinput type="file" name="attachment3"> 

              <cfinput type="submit" name=" submit" value="submit"> 

</cfform>

<cfif isdefined("form.submit")> 

              <cffile 

                           action="uploadall" 

                           destination="#expandpath(".")#" 

                           nameconflict="MakeUnique" 

                           accept="image/png,image/gif,.png,.gif"                

                           strict="true"

                           result="fileUploaded"

                           allowedextensions=".png,.gif,.cfm" 

              >

              <cfloop array="#fileUploaded#" item="item">

                           <br><cfdump var="#filegetmimetype(item.serverdirectory&'/'&item.serverfile)#">

                           <br><a href="<cfoutput>#item.serverfile#</cfoutput>"><cfoutput>#item.serverfile#</cfoutput></a>

              </cfloop>

</cfif>

Was this page helpful?

We're glad. Tell us how this page helped.

Found the answer to my problem Understood the instructions Liked the feature

Other suggestions

We're sorry. Can you tell us what didn't work for you?

Didn't find the answer to my problem Couldn't understand the instructions Didn't like the feature

Other suggestions

Thank you for your feedback. Your response will help improve this page.

Was this helpful?

We are sorry the content didn't meet your needs.

Share additional feedback to help us improve.

0/255 | Character limit exceeded.

Thank you so much for sharing your feedback!