Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP General (http://www.velocityreviews.com/forums/f65-asp-general.html)
-   -   Securing uploaded documents (http://www.velocityreviews.com/forums/t805085-securing-uploaded-documents.html)

Dean g 04-28-2010 08:20 AM

Securing uploaded documents
 
Hi,
I need help stoping people from accessing documents on the
server unless they are logged in through the website. I don't
know how to do this without using a database or just manually
added passwords to folders.

I know its possible in .net, any help on how to do this in
classic asp would be greatly appreciated.

Regards,
Dean



*** Sent via Developersdex http://www.developersdex.com ***

Bwig Zomberi 04-28-2010 09:27 AM

Re: Securing uploaded documents
 
Dean g wrote:
> Hi,
> I need help stoping people from accessing documents on the
> server unless they are logged in through the website. I don't
> know how to do this without using a database or just manually
> added passwords to folders.
>
> I know its possible in .net, any help on how to do this in
> classic asp would be greatly appreciated.
>
> Regards,
> Dean
>
>
>
> *** Sent via Developersdex http://www.developersdex.com ***



After authenticating the user, read the file contents and then

1. Use Response.ContentType to set mime type.

2. Use Response.AddHeader to set file name
Response.AddHeader "content-disposition","attachment;
filename=fname.ext"

3. Use Response.BinaryWrite to send the file to the browser.

--
Bwig Zomberi

Dean g 05-04-2010 09:25 AM

Re: Securing uploaded documents
 

Thanks for the help Bwig


*** Sent via Developersdex http://www.developersdex.com ***

Dan 05-04-2010 11:09 AM

Re: Securing uploaded documents
 

"Dean g" <big_deanus@hotmail.com> wrote in message
news:uHBn3u26KHA.1888@TK2MSFTNGP05.phx.gbl...
>
> Thanks for the help Bwig


Just a note though - if the file is large, you may have to send it out in
chunks instead of all in one go. If you Google for "ado stream binarywrite"
you'll find plenty of examples of how to do this in ASP.

--
Dan


Dean g 05-12-2010 09:26 AM

Re: Securing uploaded documents
 
Thanks for the help guys, i have a new problem with this
though hopefully you can help with.

I can't get the documents to open in the browser, they
automatically save. Ideally i would like to open the files in
a popup window if thats possible.

my code looks like this, the inline just ins't doing anything.

Response.AddHeader "Content-Disposition","inline; filename="&
file

Regards,
Dean g

*** Sent via Developersdex http://www.developersdex.com ***

Bwig Zomberi 05-12-2010 12:13 PM

Re: Securing uploaded documents
 
Dean g wrote:
> Thanks for the help guys, i have a new problem with this
> though hopefully you can help with.
>
> I can't get the documents to open in the browser, they
> automatically save.


This depends on the browser setting. You may have prevented the show
dialog box setting and set it for automatic save. Try with another
browser or in another computer.

> Ideally i would like to open the files in
> a popup window if thats possible.



In the link that connects to this ASP, use target="_blank".

Omit the Response.AddHeader.

Depending on the mime type and related-settings, the browser may display
the contents in a new window. If browser is configured to load the
content outside the browser in the native application, it may do so.


>
> my code looks like this, the inline just ins't doing anything.
>
> Response.AddHeader "Content-Disposition","inline; filename="&
> file


It provides a file name for the contents sent by the ASP page.
Otherwise, you have to enter a name or the browser will give a name.

--
Bwig Zomberi

Dean g 05-13-2010 07:51 AM

Re: Securing uploaded documents
 
Thanks again Bwig, i hadn't set the content type properly.

Its working well now.



*** Sent via Developersdex http://www.developersdex.com ***

Bwig Zomberi 05-13-2010 08:09 AM

Re: Securing uploaded documents
 
Dan wrote:
>
> "Dean g" <big_deanus@hotmail.com> wrote in message
> news:uHBn3u26KHA.1888@TK2MSFTNGP05.phx.gbl...
>>
>> Thanks for the help Bwig

>
> Just a note though - if the file is large, you may have to send it out
> in chunks instead of all in one go. If you Google for "ado stream
> binarywrite" you'll find plenty of examples of how to do this in ASP.
>


Dan, I wanted to implement something like this. However, for very large
file downloads and slow user connections, the script will have to be
running for a long time. IIS will kill any request after some time. Do
you or anyone else know how to avoid that?


--
Bwig Zomberi

Dan 05-13-2010 10:53 AM

Re: Securing uploaded documents
 

"Bwig Zomberi" <zomberiMAPSONNOSPAM@gmail.com> wrote in message
news:hsgc15$adl$1@speranza.aioe.org...
> Dan wrote:
>>
>> "Dean g" <big_deanus@hotmail.com> wrote in message
>> news:uHBn3u26KHA.1888@TK2MSFTNGP05.phx.gbl...
>>>
>>> Thanks for the help Bwig

>>
>> Just a note though - if the file is large, you may have to send it out
>> in chunks instead of all in one go. If you Google for "ado stream
>> binarywrite" you'll find plenty of examples of how to do this in ASP.
>>

>
> Dan, I wanted to implement something like this. However, for very large
> file downloads and slow user connections, the script will have to be
> running for a long time. IIS will kill any request after some time. Do you
> or anyone else know how to avoid that?


Look at documentation for the Server.ScriptTimeout property :)

--
Dan



Bwig Zomberi 05-13-2010 12:00 PM

Re: Securing uploaded documents
 
Dan wrote:
>
> "Bwig Zomberi" <zomberiMAPSONNOSPAM@gmail.com> wrote in message
> news:hsgc15$adl$1@speranza.aioe.org...
>> Dan wrote:
>>>
>>> "Dean g" <big_deanus@hotmail.com> wrote in message
>>> news:uHBn3u26KHA.1888@TK2MSFTNGP05.phx.gbl...
>>>>
>>>> Thanks for the help Bwig
>>>
>>> Just a note though - if the file is large, you may have to send it out
>>> in chunks instead of all in one go. If you Google for "ado stream
>>> binarywrite" you'll find plenty of examples of how to do this in ASP.
>>>

>>
>> Dan, I wanted to implement something like this. However, for very
>> large file downloads and slow user connections, the script will have
>> to be running for a long time. IIS will kill any request after some
>> time. Do you or anyone else know how to avoid that?

>
> Look at documentation for the Server.ScriptTimeout property :)
>


No, Dan. There is a limit for that too. Imagine a 700 MB ISO file and
the user is on dialup. It will take several hours. IIS will kill the
request.

--
Bwig Zomberi


All times are GMT. The time now is 09:31 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.