Accepting User Uploads in ASP.NET | ASP. NET Solutions - 24 Case Studies. Best Practices for Developers

Once upon a time, your Web site needed third-party components to allow users to upload files. Now, you can do it all in ASP.NET, without any third-party add-ons. Here's how.

Following are the bare-bones steps to accept user uploads:

In an .aspx page, find the form tag. With Visual Studio .NET, this tag is always added automatically. If you're using another tool, make sure that you have the following form tag:
```
 <form  method="post" runat="server"> </form> 
```
Add this attribute to the form tag: enctype="multipart/form-data". The form tag will now look like this:
```
 <form  method="post" runat="server" enctype="multipart/form-data"> </form> 
```
enctype determines how the form data is encoded. Whenever data is transmitted from one place to another, there needs to be an agreed-upon means of representing that data.
If you're using Visual Studio .NET, open the HTML section of the Toolbox and add a File field to the page. If you're not using Visual Studio .NET, manually add the following to the HTML:
```
 <INPUT type="file" > 
```
In the File field, add a runat="server" attribute, as follows:
```
 <INPUT type="file"  runat="server"> 
```
In your C# or VB code, you can get the filename from the Filename.PostedFile.FileName property.
Save the file to disk (on the server) by using the Filename.PostedFile.SaveAs() method.

The destination directory on the server must give the necessary permissions for the save operation. Normally, the ASP.NET account won't have sufficient rights to save a file to disk. The way to fix this is to first create a directory under the application directory, and then give the Everyone group full access.

CAUTION: Make sure that your Web application directory doesn't give full access to the Everyone group. You need to make sure that the hard drive of your server is protected.

This section describes a demo application that accepts user uploads. Figure 17.6 shows the application. You can test the demo application at http://www.aspnet-solutions.com/UploadTest/WebForm1.aspx.

Figure 17.6. This Application Takes a User-Specified File and Shows Information about It.

graphics/17fig06.jpg

Listings 17.7 and 17.8 show the code that places the file information into the user interface. Listing 17.7 shows the C# code; Listing 17.8 shows the VB code.

Listing 17.7 Placing the File Information into a User Interface Label Object (C#)

 private void DoIt_Click(object sender, System.EventArgs e) {   FileInfo.Text =     "File name: " + Filename.PostedFile.FileName + "<br>\r\n" +     "File size: " + Filename.PostedFile.ContentLength + "<br>\r\n" +     "File type: " + Filename.PostedFile.ContentType; }

Listing 17.8 Placing the File Information into a User Interface Label Object (VB)

 Private Sub DoIt_Click(ByVal sender As System.Object, _   ByVal e As System.EventArgs) Handles DoIt.Click     FileInfo.Text = _       "File name: " + Filename.PostedFile.FileName + "<br>" + vbCrLf + _       "File size: " + Filename.PostedFile.ContentLength + "<br>" + _       vbCrLf + _       "File type: " + Filename.PostedFile.ContentType End Sub

As you can see, accepting user uploads from ASP.NET applications is very easy. And you can do it without any third-party add-ons.