File Upload Folder Permissions


A

Adam

Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam
 
Ad

Advertisements

G

Guest

Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything.  When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam

It seems that the access to c:\uploads is for local users (like you)
only and you need to add an ASP.NET account. I think you have
try..catch in your code and that's why you can't see the error when
"nothing happens". Disable error catching and you will see the
message.

Hope this helps.
 
J

James Parker

Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam

I think this might help with your issue.

http://learn.iis.net/page.aspx/140/understanding-the-built-in-user-and-group-accounts-in-iis-70/

j1mb0jay
 
A

Adam

Hi Alexex,

Here is my code, which I have the try - catch statement in. It must be a
permissions thing for it to work on the host machine, but not on any others?

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Button1.Click

If Not FileUpload1.PostedFile Is Nothing And
FileUpload1.PostedFile.ContentLength > 0 Then

Dim fn As String =
System.IO.Path.GetFileName(FileUpload1.PostedFile.FileName)

Dim SaveLocation As String = "c:\Uploads" & "\" & fn

Try

FileUpload1.PostedFile.SaveAs(SaveLocation)

Response.Write("The file has been uploaded.")

Catch Exc As Exception

Response.Write("Error: " & Exc.Message)

End Try

Else

Response.Write("Please select a file to upload.")

End If

Hi, I am trying to create a very basic file upload page, where the
uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on
the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and
removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should
set
for the Application pool.

Thanks in advance.
Adam

It seems that the access to c:\uploads is for local users (like you)
only and you need to add an ASP.NET account. I think you have
try..catch in your code and that's why you can't see the error when
"nothing happens". Disable error catching and you will see the
message.

Hope this helps.
 
A

Adam

OMG, i feel so silly. To test the upload from the remote computer I created
a couple of text files without any content. Therefore, with my code
checking content length, it didnt upload it as the content length was 0.

Sorry people!. Thanks for your help though.
 
Ad

Advertisements

G

Guest

OMG, i feel so silly. To test the upload from the remote computer I created
a couple of text files without any content.  Therefore, with my code
checking content length, it didnt upload it as the content length was 0.

Sorry people!. Thanks for your help though.

Glad that it works now for you! You can extend your code and check the
size. Makes sense I think.
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top