ASP.NET

Auto Process File Upload Control

Tri Nguyen | November 01, 2011 | ADD COMMENT

Generally, all ASP.NET pages have a default FORM tag with POST method and default ACTION pointing to itself. It wraps around the content inside the BODY tag. Therefore, whenever a Postback occur, it's basically post to itself. Postback happens when user click on a button on the page or when they click on the browser "Refresh" button. In order to process file upload after user selecting a file, we'll need to create a postback after user selecting a file. This can be done by adding the " onchange='form.submit();' " to the file control. Basically, this will cause the form to submit, similar to a button click. The only difference is that we'll be process file selected file upload control during Page_Load(...) rather than inside a button click event.

View Our Demo

Common DateTime Formats

Tri Nguyen | August 03, 2011 | ADD COMMENT

The following are some common Formats for DateTime object. Assuming, we have a DateTime object declared "m_date" and today is January 14, 2011.

DateTime m_date = DateTime.Today;
Response.Write(m_date.ToString("MMMM d, yyyy"));
//January 14, 2011

Response.Write(m_date.ToString("MMM. d, yyyy");
//Jan. 14, 2011

Response.Write(m_date.ToString("MM/dd/yyyy");
//01/14/2011

Response.Write(m_date.ToString("M/d/yyyy");
//1/14/2011

Response.Write(m_date.ToString("MM-dd-yyyy");
//01-14-2011

Response.Write(m_date.ToString("MM-dd-yy");
//01-14-11
Notice: when using "MM" or "dd" in the format string, it'll always output two digits month or day. Leading zero will be added if the day or month has only a single digit such as January or any day less than 10.

References

Securing Files In ASP.NET, Preventing Direct Access From Browsers

Tri Nguyen | June 20, 2011 | ADD COMMENT

Preventing Direct File Access

Assuming any file in the "secure" folder, http://www.website.com/files/secure/, is protected and may only be accessed by authorized user. This mean, if we place a "test.pdf" file inside the secure folder, it cannot be accessed when user types "http://www.website.com/files/secure/test.pdf" in the browser. To achieve that, we need to add the following handler in the Web.Config file.

<system.web>
   <httpHandlers>
      <add verb="*" path="files/secure/*.*" type="System.Web.HttpForbiddenHandler"/>
   </httpHandlers>
</system.web>

Delivering Files To Authorized Users

The handler above instructs ASP.NET to return 403 Error when user attempts to access any file inside the "secure" folder. Therefore, in order to grant user access to the secured files, we need a dynamic page that will read the file content and flush out into the response stream, e.g. http://www.website.com/file.aspx?id=12345, where 12345 is the identification for "test.pdf" file. There a number of things that we can check in file.aspx page before granting access to users such as login, expiration date, etc. The following is a quick demo written in VB.NET:

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

   Me.Response.Clear()

   Dim strFileId as String = Me.Request.QueryString("id").ToString()

   If(strFileId.length > 0) Then
     
      If (System.IO.File.Exists(Server.MapPath("files/secure/test.pdf")) Then

         Me.Response.ContentType = "application/x-pdf"

         Dim arrBytes As Byte() = System.IO.File.ReadAllBytes(Server.MapPath("files/secure/test.pdf"))

         If (arrBytes IsNot Nothing And arrBytes.Length > 0) Then

            Me.Response.OutputStream.Write(arrBytes, 0, arrBytes.Length)

         Else

            Me.Response.Write("File Not Found")

         End If

      Else

         Me.Response.Write("File Not Found")

      End If

   Else

      Me.Response.Write("File Not Found")

   End If

   Me.Response.End()
  
End Sub

If anyone has a different idea of handling this kind of data processing, I would love to hear them. Once again, thank you for visiting.