troubleshooting Question

ASP.NET - Concerned about File upload security

Avatar of GlobaLevel
GlobaLevelFlag for United States of America asked on
3 Comments1 Solution347 ViewsLast Modified:
I am using the following code to upload files ...but I am concerned about security in the sense that its available to the public and I want to be sure only certain extentions can be user...txt or .csv...they are upload address info..but if a hacker comes along...they could upload a file that take over the system..any code to protect ..ideas?

FYI..the whole site has SSL on it..if that makes a difference...

    <script language="VB" runat="server">
    Sub Button1_Click(sender As Object, e As EventArgs)
        if FileUpLoad1.HasFile
            'Uncomment this line to Save the uploaded file
            'FileUpLoad1.SaveAs("C:\SomePhysicalPath" & FileUpLoad1.Filename)
            Label1.Text = "Received " & FileUpLoad1.FileName & " Content Type " & FileUpLoad1.PostedFile.ContentType & " Length " & FileUpLoad1.PostedFile.ContentLength
            Label1.Text = "No uploaded file"
        end if    
    end sub


    <h3><font face="Verdana">File Upload</font></h3>

    <form runat=server>

        <asp:FileUpLoad id="FileUpLoad1" AlternateText="You cannot upload files" runat="server" />
        <asp:Button id="Button1" Text="Upload" OnClick="Button1_Click" runat="server" />
        <asp:Label id="Label1" runat="server" />


Open in new window

Jerry Miller

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 3 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros