Recipe 15.4 Storing the Contents of an Uploaded File in a Database

     

15.4.1 Problem

You need to provide the ability for a user to upload a file to the web server that will be processed later, so you want to store the file in the database.

15.4.2 Solution

Implement the solution described in Recipe 15.2, but when the user clicks a button to initiate the upload process, instead of writing the file to the filesystem, use the input stream containing the uploaded file along with ADO.NET to write the file to a database.

For the .aspx file, follow the steps for implementing the .aspx file in Recipe 15.2.

In the code-behind class for the page, use the .NET language of your choice to:

  1. Process the Upload button click event and verify that a file has been uploaded.

  2. Open a connection to the database.

  3. Build the command used to add the data to the database and insert the file data.

The application we've written to demonstrate this solution uses the same .aspx file as Recipe 15.2s example (see Example 15-4). The code-behind for our application is shown in Example 15-11 (VB) and Example 15-12 (C#). The initial output is the same as Recipe 15.2s example output and is shown in Figure 15-3.

15.4.3 Discussion

Storing an uploaded file in a database is useful when a complete, unmodified record of the upload is required to be set apart from the web server's filesystem, when the file contains sensitive information, or when additional metadata needs to be stored with the file. It is also quite common to store the uploaded data in a database and then process the data either immediately or by another program outside of the web application, although we don't go into that here.

The example we've written to demonstrate this solution includes a button to initiate the upload process and uses the input stream containing the uploaded file along with ADO.NET to write the file to a database. The example uses the same code as Recipe 15.2, changing only the actions performed in the btnUpload_ServerClick method of the code-behind. After verifying that a file is actually uploaded, a connection is made to the database.

An OleDbCommand is then created with the CommandText property set to a parameterized SQL INSERT statement to store the filename, the file size , and the contents of the file in the database. A parameterized query is used to handle the binary data contained in the file.

The FileData column of our database needs to be able to handle the binary data contained in the file. For SQL Server, the data type should be VarBinary or image . Even if the uploaded files are text files, it is best to use a binary field for storage of the data. Text files can contain Unicode or UTF-8 encoded characters that SQL Server cannot store in text fields, which results in a SQL exception being thrown.

Next, three parameters are added to the parameter collection of the command object and the values are set with the uploaded file information. Because our example uses OleDb , which does not support named parameters like the SQL provider does, the parameters must be added in the same order they appear in the INSERT statement.

The Filename and Filesize parameters each require creating the parameter and setting the value. The Filedata parameter is created in the same manner; however, the value must be set to a byte array. This requires creating a new BinaryReader stream from the posted file input stream and then using the ReadBytes method of the BinaryReader to create the required byte array.

The last step is to set the connection property of the command to the connection opened earlier and executing the command. The ExecuteNonQuery method of the command object is used because no data is being returned by the command.

15.4.4 See Also

Recipe 15.2 for the base code used for this recipe and a discussion of the size limits on uploaded files

Example 15-11. Storing uploaded file to database code-behind (.vb)
 Private Sub btnUpload_ServerClick(ByVal sender As Object, _                                       ByVal e As System.EventArgs) _                 Handles btnUpload.ServerClick       Dim dbConn As OleDbConnection       Dim dcmd As OleDbCommand       Dim bReader As BinaryReader       Dim strConnection As String       Dim filename As String       Dim filesize As Integer       Try         'make sure file was specified and was found          filename = txtUpload.PostedFile.FileName.Trim         If ((filename.Length > 0) And _             (txtUpload.PostedFile.ContentLength > 0)) Then  'get the connection string from web.config and open a connection   'to the database   strConnection = _   ConfigurationSettings.AppSettings("dbConnectionString")   dbConn = New OleDbConnection(strConnection)   dbConn.Open( )   'build the command used to add the data to the database   dcmd = New OleDbCommand   dcmd.CommandText = "INSERT INTO FileUpload " & _   "(Filename,  Filesize, FileData) " & _   "VALUES " & _   "(?, ?, ?)"   'create the paramters and set the values for the file data   dcmd.Parameters.Add(New OleDbParameter("Filename", _   filename))   filesize = txtUpload.PostedFile.ContentLength   dcmd.Parameters.Add(New OleDbParameter("Filesize", _   filesize))   bReader = New BinaryReader(txtUpload.PostedFile.InputStream)   dcmd.Parameters.Add(New OleDbParameter("FileData", _   bReader.ReadBytes(filesize)))   'insert the file data   dcmd.Connection = dbConn   dcmd.ExecuteNonQuery( )  End If       Finally         If (Not IsNothing(dbConn)) Then           dbConn.Close( )         End If         If (Not IsNothing(bReader)) Then           bReader.Close( )         End If       End Try     End Sub  'btnUpload_ServerClick 

Example 15-12. Storing uploaded file to database code-behind (.cs)
 private void btnUpload_ServerClick(object sender, System.EventArgs e)     {       OleDbConnection dbConn = null;       OleDbCommand dcmd = null;       BinaryReader bReader = null;       string strConnection = null;       string filename = null;       int filesize;       try       {         // make sure file was specified and was found          filename = txtUpload.PostedFile.FileName.Trim( );         if ((filename.Length > 0) &&              (txtUpload.PostedFile.ContentLength > 0))         {  // get the connection string from web.config and open a connection   // to the database   strConnection =   ConfigurationSettings.AppSettings["dbConnectionString"];   dbConn = new OleDbConnection(strConnection);   dbConn.Open( );   // build the command used to add the data to the database   dcmd = new OleDbCommand( );   dcmd.CommandText = "INSERT INTO FileUpload " +   "(Filename,  Filesize, FileData) " +   "VALUES " +   "(?, ?, ?)";   // create the paramters and set the values for the file data   dcmd.Parameters.Add(new OleDbParameter("Filename",   filename));   filesize = txtUpload.PostedFile.ContentLength;   dcmd.Parameters.Add(new OleDbParameter("Filesize",   filesize));   bReader = new BinaryReader(txtUpload.PostedFile.InputStream);   dcmd.Parameters.Add(new OleDbParameter("FileData",   bReader.ReadBytes(filesize)));   // insert the file data   dcmd.Connection = dbConn;   dcmd.ExecuteNonQuery( );  }       }  // try         finally       {         if (dbConn != null)         {           dbConn.Close( );         }         if (bReader != null)         {           bReader.Close( );         }       }  // finally     }  // btnUpload_ServerClick 



ASP. NET Cookbook
ASP.Net 2.0 Cookbook (Cookbooks (OReilly))
ISBN: 0596100647
EAN: 2147483647
Year: 2006
Pages: 179

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net