File Upload Folder Permissions

  • Thread starter Thread starter Adam
  • Start date Start date
A

Adam

Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam
 
Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything.  When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam
Click to expand...

It seems that the access to c:\uploads is for local users (like you)
only and you need to add an ASP.NET account. I think you have
try..catch in your code and that's why you can't see the error when
"nothing happens". Disable error catching and you will see the
message.

Hope this helps.
 
Hi, I am trying to create a very basic file upload page, where the uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should set
for the Application pool.

Thanks in advance.
Adam
Click to expand...

I think this might help with your issue.

http://learn.iis.net/page.aspx/140/understanding-the-built-in-user-and-group-accounts-in-iis-70/

j1mb0jay
 
Hi Alexex,

Here is my code, which I have the try - catch statement in. It must be a
permissions thing for it to work on the host machine, but not on any others?

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Button1.Click

If Not FileUpload1.PostedFile Is Nothing And
FileUpload1.PostedFile.ContentLength > 0 Then

Dim fn As String =
System.IO.Path.GetFileName(FileUpload1.PostedFile.FileName)

Dim SaveLocation As String = "c:\Uploads" & "\" & fn

Try

FileUpload1.PostedFile.SaveAs(SaveLocation)

Response.Write("The file has been uploaded.")

Catch Exc As Exception

Response.Write("Error: " & Exc.Message)

End Try

Else

Response.Write("Please select a file to upload.")

End If

Hi, I am trying to create a very basic file upload page, where the
uploaded
file is placed into a folder on the server (but not in the web path, i.e.
c:\uploads and not c:\inetpub\wwwroot\uploads). On the IIS server it works
correctly, and uploads the files, but anonymous users when they click on
the
upload button, it just refreshes the page and doesn't do anything. When it
works on the IIS server, the page displays upload successful, while from
another workstation it just goes back to the upload file comment and
removes
the selected file from the fileupload control.

Can anyone please provide any good resources or identify what security I
need to put on the c:\uploads folder and what setting (account) I should
set
for the Application pool.

Thanks in advance.
Adam
Click to expand...

It seems that the access to c:\uploads is for local users (like you)
only and you need to add an ASP.NET account. I think you have
try..catch in your code and that's why you can't see the error when
"nothing happens". Disable error catching and you will see the
message.

Hope this helps.
 
OMG, i feel so silly. To test the upload from the remote computer I created
a couple of text files without any content. Therefore, with my code
checking content length, it didnt upload it as the content length was 0.

Sorry people!. Thanks for your help though.
 
OMG, i feel so silly. To test the upload from the remote computer I created
a couple of text files without any content.  Therefore, with my code
checking content length, it didnt upload it as the content length was 0.

Sorry people!. Thanks for your help though.
Click to expand...

Glad that it works now for you! You can extend your code and check the
size. Makes sense I think.
 
Back
Top