Upload1.2

Uploading Concepts

All MediaFire Upload APIs conform to the Multipart MIME standard. As such, the file name is specified in the filename field of the Content-Disposition header. An example for such a header can be found below:

Request

POST http://www.mediafire.com/api/unversioned/upload/simple.php?uploadkey=5bb66g94blnnk&session_token=aa22f5a968f827daf69fd6b3515110c43e036bc5d2ed8b81657dd1bdfe4b4c3e3ea6757d1f47bc3d6a001a16bc6f25abb486c5e779328a5769bd9ed6064edb69 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
X-Filehash:564dc5e9541a494e966066da8b2392e2e70e2438e4fcf4b0058cd9249abc4e1d
X-Filesize:29278
X-Filetype:text/plain
Content-Type: multipart/form-data; boundary=---------------------------41184676334
Content-Length: 29278

-----------------------------41184676334


Summer vacation
-----------------------------41184676334
Content-Disposition: form-data; name="image1"; filename="GrandCanyon.jpg"
Content-Type: image/jpeg

(Binary data not shown)
-----------------------------41184676334--

In the example above, the custom headers X-Filesize and X-Filehash are supplied. While these headers are not required for all upload scenarios, their inclusion is strongly recommended as it will ensure a higher level of upload data integrity. Although it is not shown in this example, the custom header X-Filename is also supported. This will override the filename specified in the Content-Disposition header when Content-Type is application/octet-stream.

Upload Scenarios

Uploading a Small File
Any size file can be uploaded either as a single unit or as a "resumable" upload, likely split into chunks. Resumable uploading is highly recommended for larger files, especially when connectivity problems are expected (as with mobile devices). However, since the smallest possible chunk size is 4 MB, resumable uploads offer no real benefit for files under that size. Follow the instructions in this section to upload a file as a single unbroken unit, a "simple" upload.

Pass filename to upload/check to look for naming conflicts. A destination path will also need to be specified via folder_key or filedrop_key for the base, as well as an optional relative path including any subfolders that may need to be created.
If storage_limit_exceeded is returned as "yes", then the upload cannot be completed because the user lacks sufficient storage space.
If file_exists is returned as "yes", then there is a naming conflict that must be settled, probably by passing a user-specified value of action_on_duplicate to upload/simple.
Call upload/simple. An upload key should be returned under doupload.
Pass the upload key to upload/poll_upload every few seconds until it returns the quickkey of your newly uploaded file.

Uploading a Large File

The basic premise of a resumable upload is that a large file is broken up into several uniform chunks. Each of these units is essentially treated as a separate file for the purpose of uploading. When all of the units have been uploaded successfully, they are reassembled on the server side. If the upload is interrupted at some point, only the chunk(s) in the process of uploading at that moment will need to be restarted.

Pass filename to upload/check to look for naming conflicts. A destination path will also need to be specified via folder_key or filedrop_key for the base, as well as an optional relative path including any subfolders that may need to be created.
If storage_limit_exceeded is returned as "yes", then the upload cannot be completed because the user lacks sufficient storage space.
If file_exists is returned as "yes", then there is a naming conflict that must be settled, probably by passing a user-specified value of action_on_duplicate to upload/resumable.
Use the data returned under resumable_upload to split your file up into number_of_units chunks of unit_size bytes each.
For each chunk, call upload/resumable with appropriate header data. An upload key should be returned under doupload.
Pass the file's SHA-256 hash and size in bytes with resumable="yes" to ensure that all_units_ready is returned as "yes".
If all_units_ready is returned as "no", analyze bitmap to determine which units failed to upload. Repeat the last two steps until all_units_ready is returned as "yes".
Pass the upload key to upload/poll_upload every few seconds until it returns the quickkey of your newly uploaded file.

Resuming an Upload

If a resumable upload is not completed within three days, it will expire. If connectivity is lost during an upload, it can be resumed anytime within that three-day window by following these steps::

Pass the filename and path information to upload/check with resumable="yes". all_units_ready should be returned as "no".
If necessary, use the data returned under resumable_upload to split your file up into number_of_units chunks of unit_size bytes each.
Analyze bitmap to determine which units still need to be uploaded. This field is an array of 16-bit values. each value represents 16 chunks. Each bit indicates whether a unit is uploaded or not. For example, a value of 19, which is 10011 in binary, indicates that units 0, 1, and 4 are uploaded.
For each chunk, call upload/resumable with appropriate header data. An upload key should be returned under doupload.
Pass the file's SHA-256 hash and size in bytes to upload/check with resumable="yes" to ensure that all_units_ready is returned as "yes".
If all_units_ready is returned as "no", analyze bitmap to determine which units failed to upload. Repeat the last two steps until all_units_ready is returned as "yes".
Pass the upload key to upload/poll_upload every few seconds until it returns the quickkey of your newly uploaded file.

Decoding the Bitmap

Below is a JavaScript function that can be used to decode the bitmap returned by upload/check API :

/**

 * Decodes the bitmap returned by the upload/pre_upload api call (response.resumable_upload.bitmap)
 * Returns an array of units, the index being the unit's id and the value being a boolean indicating
 * whether the unit is uploaded or not
 */
function decodeBitmap(bitmap) {
    var uploadUnits = [];
    for (var i = 0; i < bitmap.count; i++) {
        var word = parseInt(bitmap.words[i], 10);
        var bin = word.toString(2);
        while(bin.length < 16) {
            bin = '0' + bin;
        }
        for (var b = 0; b < bin.length; b++) {
            uploadUnits[i*16 + b] = (bin[15 - b] == '1');
        }
    }<
    return uploadUnits;
}

// Let's assume the API returned a JSON response which contains a bitmap under (response.resumable_upload.bitmap) having 2 words with values 17 and 32.
bitmap = {count: 2, words: [17, 32]};

var unitUploaded = decodeBitmap(bitmap);

alert(unitUploaded[0]); // true
alert(unitUploaded[3]); // false
alert(unitUploaded[4]); // true
alert(unitUploaded[21]); // true
alert(unitUploaded[22]); // false

"Instant" Uploads
Before choosing between performing a simple upload or a resumable upload, a third possibility should be explored, which is highly preferable, but not always possible. If a file has been uploaded before, by any user, then it already exists in the cloud and there is no need to repeat the upload in full. In order to check the file to be uploaded against all the files in the cloud, a hash of the file must be computed client-side and sent along with the exact file size. This may be a time-consuming process for very large files, but the benefit of performing an instant upload is also proportionally greater.

On the initial call to upload/check, include a SHA-256 hash of the file and its size in bytes.
If hash_exists is returned as "yes", then call upload/instant.

Legacy MD5 hash
After calling upload/poll_upload API, you will receive the file data information including the hash. Although MD5 hash is deprecated, you may still get MD5 hash for certain files that already exist in our system. For these files, it is not possible to perform future instant uploads at this time. The reason for this discrepancy is the upload/instant API only accepts SHA256 hashes.

Updating an Existing File
If your upload is meant to overwrite a file that already exists in the cloud, you'll be referencing the file by quickkey instead of name and location. The technique varies depending on whether simple or resumable uploading is used.
For simple uploads:

Pass the file's SHA-256 hash and size in bytes to upload/check.
If hash_exists is returned as "yes", then pass the file's hash and size to upload/instant.
Otherwise, pass the file's quickkey to upload/update. An upload key should be returned under doupload.
Pass the upload key to upload/poll_upload every few seconds until it returns a result of '0' (success).

For resumable uploads:

Pass the file's SHA-256 hash and size in bytes to upload/check with resumable="yes".
If hash_exists is returned as "yes", then pass the file's hash and size to upload/instant.
Otherwise, use the data returned under resumable_upload to split your file up into number_of_units chunks of unit_size bytes each.
For each chunk, call upload/resumable with appropriate header data. An upload key should be returned under doupload.
Pass the file's SHA-256 hash and size in bytes to upload/check with resumable="yes" to ensure that all_units_ready is returned as "yes".
If all_units_ready is returned as "no", analyze bitmap to determine which units failed to upload. Repeat the last two steps until all_units_ready is returned as "yes".
Pass the upload key to upload/poll_upload every few seconds until it returns a result of '0' (success).

Applying a Patch to a File
If you have a delta file "diff" patch to apply to a file in the cloud, you'll need to hash the original file before the patch, the patch itself, and the complete file after the patch.

Pass the file's quickkey to upload/patch, along with the original file's hash ('source_hash'), the patched file's hash ('target_hash'), and the patched file's size in bytes ('target_size'). An upload key should be returned under doupload.
Pass the upload key to upload/poll_upload every few seconds until it returns a result of '0' (success).

For resumable uploads:

Pass the complete file's SHA-256 hash and size in bytes to upload/check.
If hash_exists is returned as "yes", then pass the file's hash and sizeto upload/instant.
Otherwise, pass the patch file's SHA-256 hash and size in bytes to upload/check.
Use the data returned under resumable_upload to split your patch file up into number_of_units chunks of unit_size bytes each.
For each chunk, call upload/resumable with appropriate header data, along with the original file's hash ('source_hash'), the patched file's hash ('target_hash'), and the patched file's size in bytes ('target_size'). An upload key should be returned under doupload.
Pass the patch file's SHA-256 hash and size in bytes to upload/check with resumable="yes" to ensure that all_units_ready is returned as "yes".
If all_units_ready is returned as "no", analyze bitmap to determine which units failed to upload. Repeat the last two steps until all_units_ready is returned as "yes".
Pass the upload key to upload/poll_upload every few seconds until it returns a result of '0' (success).

Patch uploads allow the client to upload a delta file (patch) to update the content of an existing file instead of uploading the entire file. To update a file with a patch, four additional GET arguments need to be passed:

quick_key : The quickkey of the file being patched/updated.
source_hash : The hash of the file being patched/updated.
target_hash : A SHA-256 check-sum of the target file.
target_size : The size of the target file.

The patch file should be created on the client-side using the same algorithm used by xdelta 3. Please check http://xdelta.org/ for more details.

Add Web Upload

GET http://www.mediafire.com/api/1.2/upload/add_web_upload.php

POST http://www.mediafire.com/api/1.2/upload/add_web_upload.php

Description : Adds a new web upload and returns the Upload Key on success.

Required Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).
url : The URL of the file you wish to be placed into your MediaFire account.
filename : The name you want MediaFire to assign to the file from the given URL.

Relative Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

folder_key : The key that identifies the destination folder. If not passed, then it will return the root folder (session token is then required).
response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
upload_key	An alpha-numeric key used with upload/poll_upload to determine the status of the file upload.	string
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/1.2/upload/add_web_upload.php?session_token=0123456789012345678901234567890123456789&url=http%3A%2F%2Fwww.website.com%2Frevenue_2013.doc&filename=mydocument.doc

Response

<response>
  <action>upload/add_web_upload</action>
  <upload_key>kf94jf5ndp</upload_key>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 2 (Success with JSON):

Request

http://www.mediafire.com/api/upload/add_web_upload.php?url=http%3A%2F%2Fwww.website.com%2Frevenue_2013.doc&filename=mydocument.doc&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response:

{
  "response": {
    "action": "upload/add_web_upload",
    "upload_key": "kf94jf5ndp",
    "result": "Success",
    "current_api_version": "2.14"
  }
}

Check

GET http://www.mediafire.com/api/1.2/upload/check.php

POST http://www.mediafire.com/api/1.2/upload/check.php

Description: Checks if a duplicate filename exists in the destination folder and verifies folder permissions for non-owner uploads. When a hash is supplied, hash_exists is returned to indicate whether an instant upload is possible. Several flags are returned, which can be "yes" or "no": file_exists (with the same name and location), different_hash (if file_exists), hash_exists (somewhere in the cloud), in_account (if hash_exists), and in_folder (if hash_exists). If a path is supplied, a folder_key will also be returned to be used for a subsequent upload. If resumable is supplied as "yes", a resumable upload will be initiated, and resumable_upload will be returned containing the relevant data.

Note: Added a upload_key property which appears if a resumable upload is in progress.

Required Parameters:

filename : File name is required to be UTF-8 encoded. Filename is not required if both hash and size are passed.

Relative Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).
signature : This is the call signature that is required to authenticate a type 2 session token transaction.
size : File size in bytes. This needs to be passed if hash is passed. Required if resumable="yes".
hash : SHA-256 hash of the file. If not passed, no content checks can be made. Required if resumable="yes".

Optional Parameters:

folder_key: The destination folder to store the file. If it's not passed, then the file will be stored in the root folder.
filedrop_key : This is the key of the file drop to upload to. This parameter is honored only if folder_key is not passed.
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will not be created by this call.
resumable : Indicates whether this upload can be resumed. 'yes' or 'no' (default 'no').
response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
hash_exists	The file already exists, by hash, somewhere in the cloud and can be instant uploaded. Returned only if hash was passed to the API.	yes/no flag
in_account	The file already exists, by hash, in the account. Returned only if hash_exists=yes.	yes/no flag
in_folder	The file already exists, by hash, in the folder. Returned only if hash_exists=yes.	yes/no flag
file_exists	The file already exists, by name, in the target destination.	yes/no flag
different_hash	The file already exists, by name, in the target destination but has a different hash. Returned only if file_exists=yes.	yes/no flag
duplicate_quickkey	The quickkey of the duplicate file.	string
available_space	The amount of available space in the user's account	string
used_storage_size	The amount of storage used	string
storage_limit	The storage limit for the user's account	string
storage_limit_exceeded	'yes' or 'no'	yes/no flag
all_units_ready	Appears if a resumable upload is in progress under the subheading "resumable_upload". Indicates if the upload is ready for a resumable upload. 'yes' or 'no'	yes/no flag
number_of_units	Appears if a resumable upload is in progress under the subheading "resumable upload". Indicates the number of units that will upload.	integer
unit_size	Appears if a resumable upload is in progress under the subheading "resumable upload". Indicates the size of each unit that will upload.	integer
count	Appears if a resumable upload is in progress under subheading "bitmap". Indicates the number of words in the words property.	integer
word	Appears if a resumable upload is in progress under subheading "words" which is under subheading "bitmap". Contains a set of integers, each of which represent a 16-bit word.	list of integers
upload_key	Appears if a resumable upload is in progress. An alpha-numeric key used with upload/poll_upload to determine the status of the file upload.	string
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (The file already exists with XML):

Request

http://www.mediafire.com/api/upload/check.php?filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1

Response

<response>
  <action>upload/check</action>
  <hash_exists>yes</hash_exists>
  <in_account>yes</in_account>
  <in_folder>yes</in_folder>
  <file_exists>yes</file_exists>
  <different_hash>no</different_hash>
  <duplicate_quickkey>32d392v90o3pvd3</duplicate_quickkey>
  <available_space>205819035105</available_space>
  <used_storage_size>70132613663</used_storage_size>
  <storage_limit>275951648768</storage_limit>
  <storage_limit_exceeded>no</storage_limit_exceeded>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 2 (The file already exists with JSON):

Request

http://www.mediafire.com/api/upload/check.php?filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/check",
    "hash_exists": "yes",
    "in_account": "yes",
    "in_folder": "yes",
    "file_exists": "yes",
    "different_hash": "no",
    "duplicate_quickkey": "32d392v90o3pvd3",
    "available_space": "205819035105",
    "used_storage_size": "70132613663",
    "storage_limit": "275951648768",
    "storage_limit_exceeded": "no",
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Example 3 (The user has run out of storage space with XML):

Request

http://www.mediafire.com/api/1.2/upload/check.php?session_token=123456789012345678901234567890123456789012345678901234567890&filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221

Response

<response>
  <action>upload/check</action>
  <hash_exists>no</hash_exists>
  <file_exists>no</file_exists>
  <available_space>0</available_space>
  <used_storage_size>54882441579</used_storage_size>
  <storage_limit>53687091200</storage_limit>
  <storage_limit_exceeded>yes</storage_limit_exceeded>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 4 (The user has run out of storage space with JSON):

Request

http://www.mediafire.com/api/upload/check.php?filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/check",
    "hash_exists": "no",
    "file_exists": "no",
    "available_space": "0",
    "used_storage_size": "54882441579",
    "storage_limit": "53687091200",
    "storage_limit_exceeded": "yes",
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Example 5 (This is a resumable upload with XML):

Request

http://www.mediafire.com/api/1.2/upload/check.php?session_token=123456789012345678901234567890123456789012345678901234567890&filename=my_document.doc&hash=68dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&resumable=yes

Response

<response>
  <action>upload/check</action>
  <hash_exists>no</hash_exists>
  <file_exists>no</file_exists>
  <resumable_upload>
    <all_units_ready>no</all_units_ready>
    <number_of_units>28</number_of_units>
    <unit_size>2097152</unit_size>
    <bitmap>
      <count>2</count>
      <words>
        <word>0</word>
        <word>0</word>
      </words>
    </bitmap>
    <upload_key>w3f7gsd7f6g</upload_key>
  </resumable_upload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 6 (This is a resumable upload with JSON):

Request

http://www.mediafire.com/api/upload/check.php?filename=my_document.doc&hash=68dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&resumable=yes&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/check",
    "hash_exists": "no",
    "file_exists": "no",
    "resumable_upload": {
      "all_units_ready": "no",
      "number_of_units": "28",
      "unit_size": "2097152",
      "bitmap": {
        "count": "2",
        "words": [
          "0",
          "0"
        ]
      },
      "upload_key":"0slhjrkkmst"
    },
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Example 7 (A resumable upload that is in progress with XML; It will also return an uploadkey.):

Request

http://www.mediafire.com/api/upload/check.php?filename=my_document.doc&hash=68dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=2097152&resumable=yes&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1

Response

<response>
  <action>upload/check</action>
  <hash_exists>no</hash_exists>
  <file_exists>no</file_exists>
  <resumable_upload>
    <all_units_ready>no</all_units_ready>
    <number_of_units>28</number_of_units>
    <unit_size>2097152</unit_size>
    <bitmap>
      <count>2</count>
      <words>
        <word>0</word>
        <word>0</word>
      </words>
    </bitmap>
    <upload_key>w3f7gsd7f6g</upload_key>
  </resumable_upload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 8 (A resumable upload that is in progress with JSON; It will also return an uploadkey.):

Request

http://www.mediafire.com/api/upload/check.php?filename=my_document.doc&hash=68dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=2097152&resumable=yes&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/check",
    "hash_exists": "no",
    "file_exists": "no",
    "resumable_upload": {
      "all_units_ready": "no",
      "number_of_units": "28",
      "unit_size": "2097152",
      "bitmap": {
        "count": "2",
        "words": [
          "1258",
          "495"
        ]
      },
      "upload_key":"w3f7gsd7f6g"
    },
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Get Options

GET http://www.mediafire.com/api/1.2/upload/get_options.php

POST http://www.mediafire.com/api/1.2/upload/get_options.php

Description: Get upload preferences. Preferences include the following data: disable_flash, disable_html5, disable_instant, action_on_duplicate, used_storage_size, storage_limit, and storage_limit_exceeded.

Required Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).

Relative Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
disable_flash	Indicates the availability of using the Adobe flash based client-side uploader. 'yes' or 'no'.	yes/no flag
disable_html5	Indicates the availability of using the HTML5 based client-side uploader. 'yes' or 'no'.	yes/no flag
disable_instant	Indicates the availability of performing "instant" uploads. 'yes' or 'no'.	yes/no flag
action_on_duplicate	Specifies the default action to take when the file already exists, by name, in the destination folder. skip, keep, replace.	string
used_storage_size	The amount of storage space, in bytes, the session user's files are currently occupying.	integer
storage_limit	The total amount of storage space, in bytes, available to the session user.	integer
storage_limit_exceeded	Indicates if the session user's files are occupying more space than is available to the user. 'yes' or 'no'.	yes/no flag
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/1.2/upload/get_options.php?session_token=0123456789012345678901234567890123456789

Response

<response>
  <action>upload/get_options</action>
  <disable_flash>no</disable_flash>
  <disable_html5>yes</disable_html5>
  <disable_instant>yes</disable_instant>
  <action_on_duplicate>keep</action_on_duplicate>
  <used_storage_size>2917435403</used_storage_size>
  <storage_limit>268435456000</storage_limit>
  <storage_limit_exceeded>no</storage_limit_exceeded>
  <result>Success</result>
  <current_api_version>2.12</current_api_version>
</response>

Example 2 (Success with JSON):

Request

http://www.mediafire.com/api/upload/get_options.php?session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/get_options",
    "disable_flash": "no",
    "disable_html5": "yes",
    "disable_instant": "yes",
    "action_on_duplicate": "keep",
    "used_storage_size": "2917435403",
    "storage_limit": "268435456000",
    "storage_limit_exceeded": "no",
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Get Web Uploads

GET http://www.mediafire.com/api/1.2/upload/get_web_uploads.php

POST http://www.mediafire.com/api/1.2/upload/get_web_uploads.php

Description: Returns a list of web uploads currently in progress or all web uploads.

Note: Quickkey is now returned in the response.

Required Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).

Relative Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

all_web_uploads : Whether to return all web uploads in the queue, both in progress and completed. Returns all available file information for the uploads. If not set to yes, only active uploads will be returned. Values: no (default) or yes.
upload_key : The upload key for the current upload obtained in the response from upload/add_web_upload, upload/get_web_uploads, upload/patch, upload/resumable, upload/simple, upload/update.
response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
upload_key	An alpha-numeric key used with upload/poll_upload to determine the status of the file upload.	string
active	Indicates if the web upload is active: 'yes' or 'no'	yes/no flag
quickkey	The quickkey of the web upload	string
filename	The file name of the web upload	string
created	The date and time of the web upload	string timestamp
status_code	A numerical code indicating the upload's status	integer
status	A description of the upload's status	string
url	The url of the web upload	string
eta	The amount of time left for the web upload to complete uploading	string
size	The size of the web upload in bytes	integer
percentage	The amount, in percent, of the web upload which has uploaded	integer
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/1.2/upload/get_web_uploads.php?session_token=0123456789012345678901234567890123456789&all_web_uploads=yes

Response

<response>
  <action>upload/get_web_uploads</action>
  <web_uploads>
    <web_upload>
      <uploadkey>1buf74mkf8</uploadkey>
      <active>yes</active>
      <quickkey>94nh8c985029cn2</quickkey>
      <filename>presentation_2013.ppt</filename>
      <created>2013-03-04 01:30:12</created>
      <status_code>3</status_code>
      <status>Transfer is in progress</status>
      <url>https://plsx.google.com/pl/us/en/dd?f=mnv45kj23vm52nbm52b45vm245&sr=s611</url>
      <eta>1.27 minutes</eta>
      <size>350852621</size>
      <percentage>36</percentage>
    </web_upload>
    <web_upload>
      <uploadkey>podf2b4yiz</uploadkey>
      <active>no</active>
      <quickkey>xmscvth3nc394y5</quickkey>
      <filename>FireFox.4.0.rar</filename>
      <created>2013-03-05 15:37:20</created>
      <status_code>6</status_code>
      <status>Verifying transfer</status>
      <url>https://www.download.com/xyd2h7pni897omy/dl.php?to=dR09BH3UYQPuYHsWefdFu2IReu2DtWOkKO7g&rand=6987641</url>
      <eta>Transfer completed</eta>
      <size>310597201</size>
      <percentage>100</percentage>
    </web_upload>
  </web_uploads>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 2 (Success with JSON):

Request

http://www.mediafire.com/api/1.2/upload/get_web_uploads.php?all_web_uploads=yes&session_token=e6829fe5892012154097c19ed0635741a6269cbe5dec2a5ae600b2d70e64b45afd03e00cd15ca0d8d17c2348933894db1ef00dda21bd098d6ba1f51f5e82f7a1a28b454f1bd399ae&response_format=json

Response:

{
  "response": {
    "action": "upload/get_web_uploads",
    "web_uploads": [
      {
        "uploadkey": "1buf74mkf8",
        "active": "yes",
        "quickkey": "94nh8c985029cn2",
        "filename": "presentation_2013.ppt",
        "created": "2013-03-04 01:30:12",
        "status_code": "3",
        "status": "Transfer is in progress",
        "url": "https://plsx.google.com/pl/us/en/dd?f=mnv45kj23vm52nbm52b45vm245&sr=s611",
        "eta": "1.27 minutes",
        "size": "350852621",
        "percentage": "36"
      },
      {
        "uploadkey": "podf2b4yiz",
        "active": "no",
        "quickkey": "xmscvth3nc394y5",
        "filename": "FireFox.4.0.rar",
        "created": "2013-03-05 15:37:20",
        "status_code": "6",
        "status": "Verifying transfer",
        "url": "https://www.download.com/xyd2h7pni897omy/dl.php?to=dR09BH3UYQPuYHsWefdFu2IReu2DtWOkKO7g&rand=6987641",
        "eta": "Transfer completed",
        "size": "310597201",
        "percentage": "100"
      }
    ],
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Instant

POST http://www.mediafire.com/api/1.2/upload/instant.php

Description: Attempts to match the hash and size of a file with an existing file in the could and "upload" to the user's account by copying this already uploaded file. Returns a quickkey on successful instant upload.

Required Parameters:

size : File size in bytes. This needs to be passed if hash is passed. Required if resumable="yes".
hash : SHA-256 hash of the file. If not passed, no content checks can be made. Required if resumable="yes".

Relative Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).
filename : File name is required to be UTF-8 encoded. Filename is not required if both hash and size are passed.
signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

quick_key : To update an existing file, pass its quickkey.
folder_key: The destination folder to store the file. If it's not passed, then the file will be stored in the root folder.
filedrop_key : This is the key of the file drop to upload to. This parameter is honored only if folder_key is not passed.
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will not be created by this call.
action_on_duplicate : When a file with the same name is encountered in the same folder, this determines how the conflict is resolved. Possible values are "skip" to ignore the upload (default), "keep" to keep both files with a new one with a number appended, and "replace" to overwrite the old file adding to its version history.
mtime : Date-time used as the creation time of the file. If not passed the current server time is used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php
version_control : Specify version control. This takes effect only on a file update. Can take the following values: "keep_revision" (default), to keep the version being updated, and "none", to overwrite the version being updated.
previous_hash : This is the hash of the last known version of the file before it was modified. This parameter can only be used on update uploads, that is, when passing quickkey to overwrite an existing file on the cloud. If the previous hash is different from the current version on the cloud, then there is a conflict, and the file will be uploaded as a new file with a new quickkey and filename.
response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
quickkey	The quickkey of the web upload	string
filename	The file name of the web upload	string
revision	The revision number of the file	integer
epoch	[DEPRECATED]	integer
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Uploading a new file with XML):

Request

http://www.mediafire.com/api/1.2/upload/instant.php?session_token=6b6476c0c4f100310f0ae0a9800b8ba839341e6767c3c1a6290a8da3f8a9023d091775c72ad536d9ef4017f990c5fb3d1d242b1b53debe54a0dcf51d931ec0a2af425480d9f74758&filename=whatever.gif&hash=48e1d9e64608ec4d720e5d325b8ddbfcda82edc10a347c3307fedd464f39cee7&size=271228&folder_key=1m5v2f6hdtsa9

Response

<response>
  <action>upload/instant</action>
  <quickkey>32d392v90o3pvd3</quickkey>
  <filename>whatever.gif</filename>
  <newrevision>
    <revision>456222</revision>
    <epoch>1392312822</epoch>
  </newrevision>
  <newfolderrevision>
    <revision>123</revision>
    <epoch>1392670667</epoch>
  </newfolderrevision>
  <result>Success</result>
  <device_revision>22551</device_revision>
  <current_api_version>1.2</current_api_version>
</response>

Example 2 (Uploading a new file with JSON):

Request

http://www.mediafire.com/api/upload/instant.php?filename=whatever.gif&hash=48e1d9e64608ec4d720e5d325b8ddbfcda82edc10a347c3307fedd464f39cee7&size=271228&folder_key=1m5v2f6hdtsa9&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/instant",
    "quickkey": "32d392v90o3pvd3",
    "filename": "whatever.gif",
    "newrevision": {
      "revision": "456222",
      "epoch": "1392312822"
    },
    "newfolderrevision": {
      "revision": "123",
      "epoch": "1392670667"
    },
    "result": "Success",
    "device_revision": "22551",
    "current_api_version": "1.2"
  }
}

Example 3 (Updating an existing file with XML):

Request

http://www.mediafire.com/api/1.2/upload/instant.php?session_token=6b6476c0c4f100310f0ae0a9800b8ba839341e6767c3c1a6290a8da3f8a9023d091775c72ad536d9ef4017f990c5fb3d1d242b1b53debe54a0dcf51d931ec0a2af425480d9f74758&hash=a342ebb034db724498457f0fab9d9336eb8cd2acd9e11c6502ca614f74a7de69&size=728508&quickkey=32d392v90o3pvd3&folder_key=1m5v2f6hdtsa9

Response

<response>
  <action>upload/instant</action>
  <quickkey>32d392v90o3pvd3</quickkey>
  <filename>whatever.gif</filename>
  <newrevision>
    <revision>456222</revision>
    <epoch>1392312822</epoch>
  </newrevision>
  <newfolderrevision>
    <revision>123</revision>
    <epoch>1392670667</epoch>
  </newfolderrevision>
  <result>Success</result>
  <device_revision>22554</device_revision>
  <current_api_version>1.2</current_api_version>
</response>

Example 4 (Updating an existing file with JSON):

Request

http://www.mediafire.com/api/upload/instant.php?hash=a342ebb034db724498457f0fab9d9336eb8cd2acd9e11c6502ca614f74a7de69&size=728508&quick_key=32d392v90o3pvd3&folder_key=1m5v2f6hdtsa9&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/instant",
    "quickkey": "32d392v90o3pvd3",
    "filename": "whatever.gif",
    "newrevision": {
      "revision": "456222",
      "epoch": "1392312822"
    },
    "newfolderrevision": {
      "revision": "123",
      "epoch": "1392670667"
    },
    "result": "Success",
    "device_revision": "22554",
    "current_api_version": "1.2"
  }
}

Example 5 (Uploading a new file when a file already exists with that name with XML):

Request

http://www.mediafire.com/api/1.2/upload/instant.php?session_token=0123456789012345678901234567890123456789&all_web_uploads=yes

Response

<response>
  <action>upload/instant</action>
  <quickkey>u4azx8jq238p75l</quickkey>
  <filename>whatever(2).gif</filename>
  <newrevision>
    <revision>456222</revision>
    <epoch>1392312822</epoch>
  </newrevision>
  <newfolderrevision>
    <revision>124</revision>
    <epoch>1392670667</epoch>
  </newfolderrevision>
  <result>Success</result>
  <device_revision>22559</device_revision>
  <current_api_version>1.2</current_api_version>
</response>

Example 6 (Uploading a new file when a file already exists with that name with JSON):

Request

http://www.mediafire.com/api/upload/instant.php?filename=whatever.gif&hash=48e1d9e64608ec4d720e5d325b8ddbfcda82edc10a347c3307fedd464f39cee7&size=271228&folder_key=1m5v2f6hdtsa9&action_on_duplicate=keep&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/instant",
    "quickkey": "u4azx8jq238p75l",
    "filename": "whatever(2).gif",
    "newrevision": {
      "revision": "456222",
      "epoch": "1392312822"
    },
    "newfolderrevision": {
      "revision": "124",
      "epoch": "1392670667"
    },
    "result": "Success",
    "device_revision": "22559",
    "current_api_version": "1.2"
  }
}

Patch

POST http://www.mediafire.com/api/1.2/upload/patch.php

Description: Update an existing file in the user's account with a patch. The uploaded patch will be used to patch the existing file to generate a new file that will override the patched file. This API returns the upload key when successful. You will have to pass this key to upload/poll_upload.php to check the final result of the patch update upload. Please refer to the documentation about the API upload/poll_upload for more details.

Note: This API currently returns a Content-Type=text/xml header even when the response is in JSON format.

Required Parameters:

POST Body
The content(binary data) of the patch file to upload. The patch file should be created on the client-side using the same algorithm used by xdelta 3. Please check http://xdelta.org/ for more details.

URL Query Data

session_token : A session access token to authenticate the user's current session.
quick_key : The file key of a file already in the session user's account. This file will be updated utilizing the uploaded patch file.
source_hash : The hash of the file to be patched.
target_hash : The expected hash of the target file. A SHA256 check-sum of the target file.
target_size : The expected size of the target file.

Header Data

Content-Type : Either "application/octet-stream" or "multipart/form-data + boundary".

Relative Parameters:

URL Query Data

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Header Data

x-filename : The name plus extension of the patch file being uploaded. The name should be 3 to 255 characters in length and UTF-8 encoded. Required and only used for Content-Type: "application/octet-stream".
x-filesize : The size, in bytes, of the patch file being uploaded. Required and only used for Content-Type: "application/octet-stream".

Optional Parameters:

URL Query Data

mtime : The date/time of the update. If not set, the current server time will be used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php
version_control : Specifies if file versions are made and, if so, what type. If quickkey is not passed or action_on_duplicate is not replace this parameter is ignored. create_patches creates the new version and maintains patches to the updated version, keep_revision creates the new version and maintains the updated version as a full file, none creates the new version and maintains no patches or full files of the updated version. create_patches(default), keep_revision, none.
previous_hash : The hash of the last known version of the file before it was modified. If quickkey is not passed or action_on_duplicate is not replace this parameter is ignored. If previous_hash does not match the cloud file's hash the file will be uploaded as a new file with a new quickkey and file name. DEPRECATED
response_format : xml(default) or json.

Response Properties

Name	Description	Type
key	The upload key of the file. (this appears under the subheading 'doupload')	string
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string
result	Indicates the success or failure of calling this API: '0' = Success. See note below for additional result responses (this appears under the subheading 'doupload')	integer

Additional Result Responses

-14: Upload failed because the folder specified does not exist.
-31, -40: Unknown upload error.
-32: Missing file data.
-41: The uploaded file exceeds the upload_max_filesize.
-42: The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
-43: The uploaded file was only partially uploaded.
-44: No file was uploaded.
-45: Missing a temporary folder.
-46: Failed to write file to disk.
-47: A PHP extension stopped the file upload.
-48: Invalid file size.
-49: Missing file name.
-51: File size does not match size on disk.
-90: The supplied hash does not match the actual hash of the file.
-99: Missing or invalid session token.
-203: Invalid quickkey or file does not belong to session user.
-204: User does not have write permissions to this file.
-205: User does not have write permissions to the destination folder.
-206: The destination folder has been moved to the Trash.
-701, -881: Maximum file size for free users exceeded.
-700, -882: Maximum file size exceeded.
-10, -12, -26, -50, -52, -53, -54, -70, -71, -80, -120, -122, -124, -140, -200: Internal server error.

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Request using an HTML form XML)

Request

<form method="POST" enctype="multipart/form-data" encoding="multipart/form-data" action="http://www.mediafire.com/api/1.2/upload/patch.php?quickkey=d48npvto349n5vp&source_hash=db0db0d90bcfd98b087b03720d70d987bc0987bc02e97b0220db70d297bc29b9&target_hash=c61098bfe4e40dc5bd3643d3cb4d95cdbdfb22dfc2dc7f64527d6fcdfcbd7fcb&target_size=64522&session_token=123456789012345678901234567890123456789012345678901234567890">
    <input type="file" name="Filedata" />
    <input type="submit" />
</form>

Response

<response>
  <action>upload/patch</action>
  <doupload>
    <result>0</result>
    <key>5gpwdo7p59g</key>
  </doupload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Poll Upload

GET http://www.mediafire.com/api/1.2/upload/poll_upload.php

POST http://www.mediafire.com/api/1.2/upload/poll_upload.php

Description: Check for the status of a current Upload. This can be called after using any of the upload family of APIs which return an upload key. Use the key returned (response.doupload.key) to request the status of the current upload. Keep calling this API every few seconds until you get the status value 99 which means that the upload is complete. The quickkey of the file and other related information is also returned when the upload is complete.

Required Parameters:

key : The key from the current upload, returned after using any of the upload family of APIs which return an upload key.

Relative Parameters:

none

Optional Parameters:

response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
result	This appears under the subheading "doupload". Indicates the success or failure of calling this API: '0' = Success, '-20' = Invalid Upload Key, & '-80' = Upload Key not Found.	integer
status	This appears under the subheading "doupload". Indicates the success or failure of the file data transfer(upload): '2' = Key is ready for use, '3' : Upload is in progress, '4' = Upload is completed, '5' = Waiting for verification, '6' = Verifying File, '11' = Finished verification, '17' = Upload is in progress, '18' = Waiting for assembly, '19' = Assembling File, '99' = No more requests for this key, '0' - Unknown or no status available for this key	integer
description	This appears under subheading the "doupload". This is a descriptive status of the poll upload.	string
quickkey	This appears under the subheading "doupload". The quickkey of the file.	string
size	This appears under the subheading "doupload". The size of the file.	string
revision	This appears under the subheading "doupload". The revision of the file.	string
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string
fileerror	see note below for more information	integer

Note: Fileerror specifies a problem with the uploaded file or a process after the upload completed. Below are the bit meanings:

1 : File is larger than the maximum filesize allowed
2 : File size cannot be 0
3 : Found a bad RAR file
4 : Found a bad RAR file
5 : Virus found
6 : Unknown internal error
7 : File hash or size mismatch
8 : Unknown internal error
9 : Found a bad RAR file
10 : Unknown internal error
12 : Failed to insert data into database
13 : File name already exists in the same parent folder, skipping
14 : Destination folder does not exist
15 : Account storage limit is reached
16 : There was a file update revision conflict
17 : Error patching delta file
18 : Account is blocked
19 : Failure to create path

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/upload/poll_upload.php?key=cl66s5mhas6

Response

<response>
    <action>upload/poll_upload</action>
    <doupload>
        <result>0</result>
        <status>99</status>
        <description>No more requests for this key</description>
        <fileerror/>
        <quickkey>l86be19e1nrla8p</quickkey>
        <size>1334903</size>
        <revision>456222</revision>
    </doupload>
    <result>Success</result>
    <current_api_version>1.2</current_api_version>
</response>

Example 2 (Success with JSON):

Request

http://www.mediafire.com/api/upload/poll_upload.php?key=cl66s5mhas6&response_format=json

Response

{
  "response": {
    "action": "upload/poll_upload",
    "doupload": {
      "result": "0",
      "status": "99",
      "description": "No more requests for this key",
      "quickkey": "l86be19e1nrla8p",
      "size": "1334903",
      "revision": "456222"
    },
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Pre Upload (deprecated)

GET http://www.mediafire.com/api/1.2/upload/pre_upload.php

POST http://www.mediafire.com/api/1.2/upload/pre_upload.php

Deprecated. Use upload/check and upload/instant instead.

Description: Determines if instant upload is possible, if a duplicate filename exists in the destination folder, and also verifies folder permissions for non-owner uploads. This returns a 'quickkey' on successful instant upload. Otherwise, 'new_hash' and 'duplicate_name' are returned, which can be 'yes' or 'no'. Based on those values, the uploader performs a regular upload or resends the same pre_upload request with the desired action. If 'path' is specified and an instant upload was not possible, the 'folder_key' will also be returned to be used for a regular upload.View a flow chart of the upload process.

Note: This API returns text/xml content-type regardless of whether you request 'XML' or a 'JSON' response format. It is important to note that even though the content-type field is incorrect, the payload will conform to the requested type."

Required Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).
filename : File name UTF-8 encoded. This is not required if quick_key and hash are passed.

Optional Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.
hash : SHA256 hash of file, if not passed, only duplicate name is checked.
size : File size. This must passed if hash is passed.
mtime : The date/time of the update. If not set, the current server time will be used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php
upload_folder_key : The folderkey of the folder you wish to upload your file to. If not passed, the destination folder is the root folder.
quick_key : To update an existing file, pass the quickkey of that file. A file update requires hash to be passed too, otherwise quick_key is ignored.
filedrop_key : This is the key of the file drop to upload to. This parameter is honored only if upload_folder_key is not passed.
action_on_duplicate : This is used in the case where there are duplicate file names in the same upload folder. The values are 'keep' (default) (to keep both files with the same name, the new file will have a numeric digit added to it), 'skip' (this will ignore the upload), and 'replace' (this will override the original file with the new file).
resumable : In the circumstance of the upload being interrupted, this indicates whether this upload can be resumed. 'yes' or 'no' (default 'no').
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will not be created by this call.
response_format : 'xml' or 'json' (default 'xml')

Errors:

114 - Non-owner upload does not have write permissions to the folder.

Example 1:

Request

http://www.mediafire.com/api/1.2/upload/pre_upload.php?session_token=123456789012345678901234567890123456789012345678901234567890&filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&upload_folder_key=f7a1ec50dcbbe&action_on_duplicate=replace

Response

<response>
  <action>upload/pre_upload</action>
  <newrevision>
      <revision>12</revision>
      <epoch>1352305437</epoch>
  </newrevision>
  <newfolderrevision>
      <revision>79</revision>
      <epoch>1352305451</epoch>
  </newfolderrevision>
  <quickkey>276hrbqba55zz7h</quickkey>
  <device_revision>123</device_revision>
     <deprecated>yes</deprecated>
  <result>Success</result>
  <current_api_version>2.12</current_api_version>
</response>

Example 2:

Request

http://www.mediafire.com/api/1.2/upload/pre_upload.php?session_token=123456789012345678901234567890123456789012345678901234567890&filename=my_document.doc&hash=68dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221&resumable=yes

Response

<response>
  <action>upload/pre_upload</action>
  <new_hash>yes</new_hash>
  <duplicate_name>no</duplicate_name>
  <resumable_upload>
    lt;all_units_ready>no</all_units_ready>
    <number_of_units>28</number_of_units>
    <unit_size>2097152</unit_size>
    <bitmap>
        <count>2</count>
        <words>
            <word>1258</word>
            <word>495</word>
        </words>
    </bitmap>
  </resumable_upload>
  <deprecated>yes</deprecated>
  <result>Success</result>
  <current_api_version>2.12</current_api_version>
</response>

Example 3 (In this example, we assume that the user has run out of storage space):

Request

http://www.mediafire.com/api/1.2/upload/pre_upload.php?session_token=123456789012345678901234567890123456789012345678901234567890&filename=uploaded%5fby%5fhash%2ezip&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&size=34221

Response

<response>
  <action>upload/pre_upload</action>
  <duplicate_name>no</duplicate_name>
  <used_storage_size>54882441579</used_storage_size>
  <storage_limit>53687091200</storage_limit>
  <storage_limit_exceeded>yes</storage_limit_exceeded>
  <deprecated>yes</deprecated>
  <result>Success</result>
  <current_api_version>2.12</current_api_version>
</response>

Resumable

POST http://www.mediafire.com/api/1.2/upload/resumable.php

Definition: Uploading large files through upload/simple can take a long time. Additionally, if it fails, re-uploading the file starts from the beginning. With a resumable upload you can upload the file in small units or chunks. Therefore, if one unit fails to upload, only that unit is re-uploaded. upload/resumable can only be called after a call to upload/check which will then initiate the resumable upload. This API returns the upload key when successful. After you upload all the units, you can pass the key to upload/poll_upload to get the quickkey. Please refer to the documentation about the API upload/poll_upload for more details.

Note: This API currently returns a Content-Type=text/xml header even when the response is in JSON format.

Required Parameters:

POST Body

The content(binary data) of the file to upload.

(see Uploading Concepts for more details)

Header Data

x-filesize : The size, in bytes, of the binary file data.
x-filehash : A SHA256 hash of the file. Hash must be supplied in lower-case.
x-unit-hash : A SHA256 hash of the unit being uploaded.
x-unit-id : An ID of the unit. Can be 0 through Number of units - 1
x-unit-size : The size of the unit being uploaded.
Content-Type : Either "application/octet-stream" or "multipart/form-data + boundary".

Relative Parameters:

URL Query Data

session_token : session_token: A session access token to authenticate the user's current session. Required if filedrop_key is not passed. Alternatively, a valid action token may be used instead.
filedrop_key : A key representing a filedrop folder. Required if session_token is not passed. Ignored if folder_key is passed.
source_hash : The hash of the target file to be patched. Required if quickkey is passed.
target_hash : The expected hash of the target file after it is patched. A SHA256 check-sum of the target file. Required if quickkey is passed.
target_size : The expected size of the target file after is is patched. Required if quickkey is passed.
signature : Call signature. Required only for session token version 2. Click here to learn more about building an API call signature.

Header Data

x-filename : The name plus extension of the patch file being uploaded. The name should be 3 to 255 characters in length and UTF-8 encoded. Required and only used for Content-Type: "application/octet-stream".

Optional Parameters:

URL Query Data

quick_key : The file key of a file already in the session user's account. This file will be updated with the content of the uploaded file.
folder_key : The destination folder key. If not passed the API will use the cloud root folder.
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will be created by this call.
action_on_duplicate : Specifies the action to take when the file already exists, by name, in the destination folder. skip ignores the upload, keep uploads the file and makes the file name unique by appending a number to it, and replace overwrites the old file, possibly adding to its version history. skip (default), keep, replace.
mtime : Date-time used as the creation time of the file. If not passed the current server time is used. Click here for valid date/time formats.
version_control : Specifies if file versions are made and, if so, what type. If quickkey is not passed or action_on_duplicate is not replace this parameter is ignored. create_patches creates the new version and maintains patches to the updated version, keep_revision creates the new version and maintains the updated version as a full file, none creates the new version and maintains no patches or full files of the updated version. create_patches(default), keep_revision, none.
previous_hash : The hash of the last known version of the file before it was modified. If quickkey is not passed or action_on_duplicate is not replace this parameter is ignored. If previous_hash does not match the cloud file's hash the file will be uploaded as a new file with a new quickkey and file name.
response_format : xml(default) or json.

Response Properties

Name	Description	Type
result	Indicates the success or failure of calling this API: '0' = Success. See note below for additional result responses (this appears under the subheading 'doupload')	integer
key	The upload key of the file. (this appears under the sub heading 'doupload')	string
all_units_ready	Appears if a resumable upload is in progress under the subheading "resumable_upload". Indicates if the upload is ready for a resumable upload. 'yes' or 'no'	yes/no flag
count	Appears if a resumable upload is in progress under subheading "bitmap". Indicates the number of words in the words property.	integer
word	Appears if a resumable upload is in progress under subheading "bitmap". Contains a set of integers, each of which represent a 16-bit word.	list of integers
number_of_units	Appears if a resumable upload is in progress under the subheading "resumable upload". Indicates the number of units that will upload.	integer
unit_size	Appears if a resumable upload is in progress under the subheading "resumable upload". Indicates the size of each unit, or patch, that will upload.	integer
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Additional Result Responses

-14: Upload failed because the folder specified does not exist.
-31, -40: Unknown upload error.
-32: Missing file data.
-41: The uploaded file exceeds the upload_max_filesize.
-42: The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
-43: The uploaded file was only partially uploaded.
-44: No file was uploaded.
-45: Missing a temporary folder.
-46: Failed to write file to disk.
-47: A PHP extension stopped the file upload.
-48: Invalid file size.
-49: Missing file name.
-51: File size does not match size on disk.
-90: The supplied hash does not match the actual hash of the file.
-99: Missing or invalid session token.
-203: Invalid quickkey or file does not belong to session user.
-204: User does not have write permissions to this file.
-205: User does not have write permissions to the destination folder.
-206: The destination folder has been moved to the Trash.
-701, -881: Maximum file size for free users exceeded.
-700, -882: Maximum file size exceeded.
-10, -12, -26, -50, -52, -53, -54, -70, -71, -80, -120, -122, -124, -140, -200: Internal server error.

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/1.2/upload/resumable.php?folder_key=icbju4kjukdw2&session_token=02d6424739b785c84203b6a1302857c38d2bb34f464a04c156ceee7c72179871f71a8ff5b6c16fc6d0b728df6554be6a8e715a09eb99fc123fe214c3e15cfce79f8a2d0bdd04df2d

Response

<response>
  <action>upload/resumable.php</action>
  <doupload>
    <result>0</result>
    <key>b7bpiovaoyv</key>
  </doupload>
  <resumable_upload>
    <all_units_ready>no</all_units_ready>
    <bitmap>
      <count>1</count>
      <words>
        <word>0</word>
          </words>
      </bitmap>
      <number_of_units>1</number_of_units>
      <unit_size>4194304</unit_size>
  </resumable_upload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Set Options

GET http://www.mediafire.com/api/1.2/upload/set_options.php

POST http://www.mediafire.com/api/1.2/upload/set_options.php

Description: This API will set the user's preferences for uploads when using the JavaScript Upload client on the MediaFire website.

Required Parameters:

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature).

Relative Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

disable_flash : To disable Flash uploads 'yes' or 'no'.
disable_html5 : To disable HTML5 uploads 'yes' or 'no'.
disable_instant : To disable instant uploads. Instant uploads works only when HTML5 uploads are enabled. 'yes' or 'no'.
action_on_duplicate : Specifies the action to take when the file already exists, by name, in the destination folder. skip ignores the upload, keep uploads the file and makes the file name unique by appending a number to it, and replace overwrites the old file, possibly adding to its version history. skip(default), keep, replace.
response_format : 'xml' or 'json' (default 'xml')

Response Properties

Name	Description	Type
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Success with XML):

Request

http://www.mediafire.com/api/1.2/upload/set_options.php?session_token=749e4610d9e719620a1e9347ca9aabe5f86ac58d67c8bdd85f0eb4e043624ac70ec1a3f88dd49bb8126ad4c38a7686665ec66d727207ac1a99e9dc6c5cdf0772da405c3464c2d2af&disable_flash=yes&disable_instant=yes

Response

<response>
  <action>upload/set_options</action>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Example 2 (Success with JSON):

Request

http://www.mediafire.com/api/upload/set_options.php?disable_flash=yes&disable_instant=yes&session_token=01d8d27a6135e97bbda5a08bf37caf10be09e64acef0f60e56085bc96a22337e5f199d7a71cf0c6ee132003b7592a5dce45b73e3f79e915769e27c6ea3636cc1&hash=65dd21d705d5680cf7777286d627de9e799ef03e2ff0374df297382e3f1cd1d1&response_format=json

Response

{
  "response": {
    "action": "upload/set_options",
    "result": "Success",
    "current_api_version": "1.2"
  }
}

Simple

POST http://www.mediafire.com/api/1.2/upload/simple.php

Description: Upload a new file through POST to the user's account. You can either use the session token to authenticate the user, or pass the FileDrop folder key. This API returns the upload key when successful. You will have to pass this key to upload/poll_upload to get the quickkey. Please refer to the documentation about the API upload/poll_upload for more details.

Note: This API currently returns a Content-Type=text/xml header even when the response is in JSON format.

Required Parameters:

POST Body

The content(binary data) of the file to upload.

Header Data

Content-Type : Either "application/octet-stream" or "multipart/form-data + boundary".

(see Uploading Concepts for more details)

Relative Parameters:

URL Query Data

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature) Required if filedrop_key is not passed. Alternatively, a valid action token may be used instead..
filedrop_key : A key representing a filedrop folder. Required if session_token is not passed. Ignored if folder_key is passed.
signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Header Data

x-filename : The name plus extension of the file to be created. The name should be 3 to 255 characters in length and UTF-8 encoded. Required and only used for Content-Type: "application/octet-stream".
x-filesize : The size, in bytes, of the binary file data. Required and only used for Content-Type: "application/octet-stream".

Optional Parameters:

URL Query Data

folder_key: The destination folder to store the file. If it's not passed, then the file will be stored in the root folder.
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will not be created by this call.
action_on_duplicate : Specifies the action to take when the file already exists, by name, in the destination folder. skip ignores the upload, keep uploads the file and makes the file name unique by appending a number to it, and replace overwrites the old file, possibly adding to its version history. The default is to use the user's preference set through upload/set_options. If the user has not set a default then skip is used. skip (default), keep, replace.
mtime : The date/time of the update. If not set, the current server time will be used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php

Header Data

x-filehash : The SHA256 hash of the file being uploaded. Used to ensure data integrity.
response_format : xml(default) or json.

Response Properties

Name	Description	Type
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string
result	Indicates the success or failure of calling this API: '0' = Success. See note below for additional result responses (this appears under the subheading 'doupload')	integer
key	The upload key of the file. (this appears under the sub heading 'doupload')	string

Additional Result Responses

-1, -8, -11: FileDrop key is invalid.
-14: Upload failed because the folder specified does not exist.
-21, -22: Invalid FileDrop configuration.
-31, -40: Unknown upload error.
-32: Missing file data.
-41: The uploaded file exceeds the upload_max_filesize.
-42: The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
-43: The uploaded file was only partially uploaded.
-44: No file was uploaded.
-45: Missing a temporary folder.
-46: Failed to write file to disk.
-47: A PHP extension stopped the file upload.
-48: Invalid file size.
-49: Missing file name.
-51: File size does not match size on disk.
-90: The supplied hash does not match the actual hash of the file.
-99: Missing or invalid session token.
-203: Invalid quickkey or file does not belong to session user.
-204: User does not have write permissions to this file.
-205: User does not have write permissions to the destination folder.
-206: The destination folder has been moved to the Trash.
-701, -881: Maximum file size for free users exceeded.
-700, -882: Maximum file size exceeded.
-10, -12, -26, -50, -52, -53, -54, -70, -71, -80, -120, -122, -124, -140, -200: Internal server error.

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Request using an HTML form with XML response)

Request

<form method="POST" enctype="multipart/form-data" encoding="multipart/form-data" action="http://www.mediafire.com/api/1.2/upload/simple.php?session_token=123456789012345678901234567890123456789012345678901234567890">
    <input type="file" name="Filedata" />
    <input type="submit" />
</form>

Response

<response>
  <action>upload/simple</action>
  <doupload>
    <result>0</result>
    <key>qpcnocpg1cm</key>
  </doupload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Update

GET http://www.mediafire.com/api/1.2/upload/update.php

POST http://www.mediafire.com/api/1.2/upload/update.php

Description: Update an existing file in the user's account with another file. This API returns the upload key when successful. You will have to pass this key to upload/poll_upload.php to check the final result of the update upload. Please refer to the documentation about the API upload/poll_upload for more details.

Note: This API currently returns a Content-Type=text/xml header even when the response is in JSON format.

Required Parameters:

POST Body

The content(binary data) of the file to upload.

(see Uploading Concepts for more details)

URL Query Data

session_token : A type 1 or type 2 session token. (Type 2 will require a call signature). Required if not uploading to a FileDrop. Alternatively, a valid action token may be used instead.
quick_key : The quickkey of the file to update. The uploaded file content will be used to patch then override an existing file's current revision defined by the passed quickkey

Relative Parameters:

signature : This is the call signature that is required to authenticate a type 2 session token transaction.

Optional Parameters:

URL Query Data

mtime : The date/time of the update. If not set, the current server time will be used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php
previous_hash : The hash of the last known version of the file before it was modified. If previous_hash does not match the cloud file's hash the file will be uploaded as a new file with a new quickkey and file name..
response_format : xml(default) or json.

Response Properties

Name	Description	Type
result	Indicates if the API call was successful: 'Success' or 'Error'	string
current_api_version	The latest stable API version number	string
result	Indicates the success or failure of calling this API: '0' = Success. See note below for additional result responses (this appears under the subheading 'doupload')	integer
key	The upload key of the file. (this appears under the sub heading 'doupload')	string

Additional Result Responses

-14: Upload failed because the folder specified does not exist.
-31, -40: Unknown upload error.
-32: Missing file data.
-41: The uploaded file exceeds the upload_max_filesize.
-42: The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
-43: The uploaded file was only partially uploaded.
-44: No file was uploaded.
-45: Missing a temporary folder.
-46: Failed to write file to disk.
-47: A PHP extension stopped the file upload.
-48: Invalid file size.
-49: Missing file name.
-51: File size does not match size on disk.
-90: The supplied hash does not match the actual hash of the file.
-99: Missing or invalid session token.
-203: Invalid quickkey or file does not belong to session user.
-204: User does not have write permissions to this file.
-205: User does not have write permissions to the destination folder.
-206: The destination folder has been moved to the Trash.
-701, -881: Maximum file size for free users exceeded.
-700, -882: Maximum file size exceeded.
-10, -12, -26, -50, -52, -53, -54, -70, -71, -80, -120, -122, -124, -140, -200: Internal server error.

Error Codes

To view a list of possible error codes for this API, and their descriptions, click here.

Examples:

Example 1 (Request Using an HTML Form with XML response):

Request

<form method="POST" enctype="multipart/form-data" encoding="multipart/form-data" action="http://www.mediafire.com/api/1.2/upload/update.php?quickkey=iej48fhty23yehe&session_token=123456789012345678901234567890123456789012345678901234567890">
    <input type="file" name="Filedata" />
    <input type="submit" />
</form>

Response

<response>
  <action>upload/update</action>
  <action>doupload>
    <result>0</result>
    <key>qmn5v92c5yv</key>
  </doupload>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>

Upload (deprecated)

Deprecated. Use upload/simple, upload/resumable, upload/update, or upload/patch instead.

Description: Upload a file through POST to the user's account. You can either use the session token to authenticate the user, or pass the dropbox key. This api returns the upload key when successful. You will have to pass this key to upload/poll_upload.php to get the quickkey. Please refer to the documentation about the API upload/poll_upload for more details. View a flow chart of the upload process.

Required Parameters:

POST Body

Multipart MIME headers
Binary file data

(see Uploading Concepts for more details)

Header Data

x-filename : File name you want to name the file on the system. See Uploading Concepts for more details.

Optional Parameters:

URL Query Data

uploadkey : The folder_key of the folder where to store the file. If it's not passed, then the file will be stored in the root folder. In FileDrop mode, this would be the FileDrop key.
session_token : A type 1 or type 2 session token. (Type 2 will require a call signature). Required if not uploading to a dropbox. Alternatively, a valid action token may be used instead.
quick_key : If a quickkey is passed, the uploaded file content will overwrite an existing file's current revision defined by the passed quickkey. Quickkey is also required when uploading a delta file to patch an existing file.
mtime : The date/time of the update. If not set, the current server time will be used. Refer to the following document for valid date/time formats: http://www.php.net/manual/en/datetime.formats.php
action_on_duplicate : Specifies the action to take when the file already exists, by name, in the destination folder. Options are skip, keep (default), & replace. Skip ignores the upload. Keep uploads the file and makes the file name unique by appending a number to it. Replace overwrites the old file, possibly adding to its version history.
filedrop : Set to '1' to enable FileDrop mode. If enabled, the uploadkey must be the FileDrop key, which is an encrypted string, not the normal 13-character folder key. For backward compatibility, dropbox is still accepted as an alias for this parameter. Required if session_token is not passed. Ignored if folder_key is passed.
version_control : Specify version control. This takes effect only on a file update. Can take the following values: create_patches (default) to create the forward and reverse patches to and from the revision being updated, keep_revision to keep the revision being updated and no patches are created, and none will not create patches and will not keep the updated revision.
path : An absolute or relative path to upload the file to. Absolute paths begin with a slash; relative paths do not and are in relation to the specified folder_key or filedrop_key. Non-existent folders will not be created by this call.
previous_hash : This is the hash of the last known hash to the client of the file before it's modified. This is honored only on update uploads, that is, when passing 'quickkey' to override an existing file on the cloud. If the previous hash is different than the current version on the cloud, then this is a conflict and the file will be uploaded as a new file with new quickkey and filename.

Additional POST argument if the file being uploaded is a delta file to patch an existing file.

source_hash : The hash of the target file to be patched. Required if target_hash, target_size are passed
target_hash : The expected hash of the target file. A SHA256 check-sum of the target file. Required if quickkey is passed.
target_size' : The expected size of the target file. Required if quickkey is passed.

Header Data

x-filesize : File size of the file.
x-filehash : A SHA256 hash of the file. Hash must be supplied in lower-case.

Additional arguments required if the file being uploaded is a unit (chunk/part) of a resumable upload. To initiate a resumable upload, first call upload/pre_upload API.

x-unit-hash : A SHA256 hash of the unit being uploaded.
x-unit-id : An ID of the unit. Can be 0 through Number of units - 1
x-unit-size : The size of the unit being uploaded.

Return values:
Result

-1, -8, -11 : Filedrop key is invalid
-14 : Upload succeeded but the folder specified does not exist, so the file was placed in the root folder
-21, -22 : Invalid filedrop configuration
-31, -40 : Unknown upload error
-32 : Missing file data
-41 : The uploaded file exceeds the upload_max_filesize
-42 : The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form
-43 : The uploaded file was only partially uploaded
-44 : No file was uploaded
-45 : Missing a temporary folder
-46 : Failed to write file to disk
-47 : A PHP extension stopped the file upload
-48 : Invalid file size
-49 : Missing file name
-51 : File size does not match size on disk
-90 : The Hash sent does not match the actual file hash
-99 : Missing or invalid session token
-203 : Invalid quickkey or file does not belong to session user
-204 : User does not have write permissions to this file
-205 : User does not have write permissions to the destination folder
-302 : User attempted to send a resumable upload unit before calling upload/pre_upload
-303 : Invalid unit size
-304 : Invalid unit hash
-701, -881 : Maximum file size for free users exceeded
-700, -882: Maximum file size exceeded
-10, -12, -26, -50, -52, -53, -54, -70, -71, -80, -120, -122, -124, -140, -200, -301 : Internal Server Errors

GET + POST http://www.mediafire.com/api/1.2/upload/upload.php

POST http://www.mediafire.com/api/1.2/upload/upload.php

Example (using an HTML form):

Request

<form method="POST" enctype="multipart/form-data" encoding="multipart/form-data" action="http://www.mediafire.com/api/1.2/upload/upload.php?session_token=123456789012345678901234567890123456789012345678901234567890">
    <input type="file" name="Filedata" />
    <input type="submit" />
</form>

Response

<response>
  <action>upload/upload</action>
  <doupload>
    <result>0</result>
    <key>cl66s5mhas6</key>
  </doupload>
  <deprecated>yes</deprecated>
  <result>Success</result>
  <current_api_version>1.2</current_api_version>
</response>