| New Web Server Controls in ASP.Net 2.0 |
| |
| FileUpload Web Server Control |
| |
| ASP.NET 2.0 brings in a new FileUpload server control that makes the practice of uploading files to a server even easier. The FileUpload control comprise of a text box where users can type the name of a file that they want to upload to the server and a Browse button that displays a file-navigation dialog box. The user specifies the file to upload by entering the full address of the file on the local computer (for example, C:\MyDocumentFiles\TestFile.txt) in the text box of the control. Also, the user can select the file by clicking the Browse button, and then locating it in the Choose File dialog box. |
| |
| When giving a page the capability to upload files, you simply incorporate the new <asp:FileUpload> control and ASP.NET takes care of the rest, including adding the enctype attribute to the page's <form> element. It is not possible to pre-load the name of a file into the FileUpload control for security reasons. |
| |
| Using Uploaded Files |
| |
| When user has a file to upload and submitted the page, the file is uploaded as a request. The file is cached in its whole in server memory. After uploading file, you can check the characteristics of the file, like its name, size, and MIME type, and you can then save it programmatically. |
| |
| Alternatively, both the FileUpload control and the HttpPostedFile object support a SaveAs method that writes the file to disk. |
| |
| There is no inbuilt limitation on where to save uploaded files. However, to save the file, the ASP.NET process must have permission to create files in the location that you specify. In addition, your application might be configured to require an absolute path (not a relative path) for saving the file, for the security measure. Use MapPath method of the HttpServerUtility class and pass to the method the tilde (~) operator to create an absolute path based on the root of the application |
| |
| The maximum size file that can be uploaded depends on the value of the MaxRequestLength configuration setting. If users attempt to upload a file that is larger than the maximum allowed, the upload fails. |
| |
| Maintaining Security in FileUpload Control |
| |
| Using the FileUpload control, users can upload potentially malicious files, including script files and executable files. It is not possible to limit in advance the files that a user can upload. To limit the uploaded files, you must observe the file characteristics (like file name, extension and the value of the fileâs ContentType property) after the file have been uploaded. |
| |
Syntax:
<asp:FileUpload
AccessKey="string"
BackColor="color name|#dddddd"
BorderColor="color name|#dddddd"
BorderStyle="NotSet|None|Dotted|Dashed|Solid|Double|Groove|Ridge|
Inset|Outset"
BorderWidth="size"
CssClass="string"
Enabled="True|False"
EnableTheming="True|False"
EnableViewState="True|False"
Font-Bold="True|False"
Font-Italic="True|False"
Font-Names="string"
Font-Overline="True|False"
Font-Size="string|Smaller|Larger|XX-Small|X-Small|Small|Medium|
Large|X-Large|XX-Large"
Font-Strikeout="True|False"
Font-Underline="True|False"
ForeColor="color name|#dddddd"
Height="size"
ID="string"
OnDataBinding="DataBinding event handler"
OnDisposed="Disposed event handler"
OnInit="Init event handler"
OnLoad="Load event handler"
OnPreRender="PreRender event handler"
OnUnload="Unload event handler"
runat="server"
SkinID="string"
Style="string"
TabIndex="integer"
ToolTip="string"
Visible="True|False"
Width="size" /> |
| |
|
| |
