Let the platform do the work

Uploads

Overview

The upload directory is used to store files uploaded for imports, attachments, documents, and module loadable packages.

Uploads

The upload directory is used to store any files uploaded to Sugar. By default, anything uploaded to Sugar is stored in the ./upload/ directory. You can change this directory by updating the upload_dir configuration variable. Once uploaded, each file is stored in a subdirectory derived from the UUID filename. For example, the file 3657325a-bdd6-11eb-9a6c-08002723a3b8 will now be stored in the ./upload/25a/ subdirectory. These UID character locations were selected to ensure even distribution of files across the new subdirectories.

There are several file-size limits that affect uploads to Sugar:

Setting Name Location Description Default
upload_max_filesize php.ini Maximum allowed size for uploaded files 2 MB
post_max_size php.ini Maximum size of POST data that PHP will accept 8 MB
upload_maxsize config.php The maximum individual file size that users can upload to modules that support file uploads 30 MB
max_aggregate_email_attachments_bytes config.php The maximum allowed size of all uploaded attachments added together for a single email message 10 MB

The lowest of the first three values above will be respected when an oversized file is uploaded to Sugar. The first two settings are the PHP server's upload_max_filesize and post_max_size, which are configured in your system's php.ini file. The third setting is the Sugar configuration for upload_maxsize, which will restrict the upload limit from within Sugar without affecting any other applications that may be running on your server. This limit can be easily adjusted in Sugar via Admin > System Settings but is only useful if it is set to a size smaller than the php.ini limits.

Finally, the max_aggregate_email_attachments_bytes setting will permit users to upload files as email attachments according to the previous size limits but restrict users from uploading more files to a single message than its configuration permits.

Note: PHP-defined file size settings and the upload directory cannot be modified for instances hosted on Sugar's cloud service.

Upload Extensions

By default, several extension types are restricted due to security issues. Any files uploaded with these extensions will have '.txt' appended to it. The restricted extensions are listed below:

  • php
  • php3
  • php4
  • php5
  • pl
  • cgi
  • py
  • asp
  • cfm
  • js
  • vbs
  • html
  • htm

You can add or remove extensions to this list by modifying sugar configuration setting for upload_badext. You should note that this setting cannot be modified for instances hosted on Sugar's cloud service.

How Files Are Stored

Note Attachments

When a file is uploaded to Sugar attached to a note, the file will be moved to the upload directory with a GUID name matching that of the notes id. The attributes of the file, such as filename and file_mime_type, will be stored in the note record.

The SQL to fetch information about a notes attachment is shown below:

    SELECT filename, file_mime_type FROM notes;

Email Attachments

Email attachments are stored the same way as note attachments. When an email is imported to Sugar, the file will be moved to the upload directory with a GUID file name matching that of the notes id. The attributes of the file, such as filename and file_mime_type, will be stored in the note record and the note will have a parent_type of 'Emails'. This relates the attachment to the content of the email.

The SQL to fetch information about an emails attachment is shown below:

    SELECT filename, file_mime_type FROM notes INNER JOIN emails ON notes.parent_type = 'Emails' AND notes.parent_id = emails.id INNER JOIN emails_text ON emails.id = emails_text.email_id;

Picture Fields

Picture fields will upload the image to the upload directory with a GUID name and store the GUID in the database field on the record. An example of picture field can be found on the Contacts module.

For a contact, the id of the picture attachment can be found with the SQL below:

    SELECT picture FROM contacts;

Knowledge Base Attachments

When working with the Knowledge Base, files and images attached to the form will be created as a record in the /#EmbeddedFiles module. These files will be stored as <GUID> of EmbbededFiles record in the upload folder.
All other file enclosed to attachments field of KBContents will be also saved as Notes record in the upload folder.

The SQL to fetch information about a knowledge base attachment is shown below:

    select kb.id, kb.name, kb.revision, n.filename, n.file_mime_type, n.file_ext from notes n, kbcontents kb where n.parent_type = "KBContents" and n.parent_id = kb.id order by kb.name, kb.revision;

Module Loadable Packages

Module Loader packages are stored in the system differently than other uploads. They are uploaded to the ./upgrades/module/ directory with their original file name. The details of the package, such as installation status and description, are stored in the upgrade_history table.

The SQL to fetch information about an installed package is shown below:

    SELECT * FROM upgrade_history;

CSV Imports

When importing records into Sugar, the most recent uploaded CSV file is stored in the upload directory as IMPORT_<module>_<user id>. Once the import has been run, the results of the import are stored in ./upload/import/ directory using a predefined format using the current user's id. The files created will be as follows:

  • dupes_<user id>.csv : The list of duplicate records found during the import
  • dupesdisplay_<user_id>.csv : The HTML formatted CSV for display to the user after import
  • error_<user id>.csv : The list of errors encountered during the import
  • errorrecords_<user_id>.csv : The HTML formatted CSV for display to the user after import
  • errorrecordsonly_<user id>.csv : The list of records that encountered an error
  • status_<user id>.csv : Determines the status of the users import

Topics

The UploadFile class handles the various tasks when uploading a file.