asked on
I am using the following code to upload files ...but I am concerned about security in the sense that its available to the public and I want to be sure only certain extentions can be user...txt or .csv...they are upload address info..but if a hacker comes along...they could upload a file that take over the system..any code to protect ..ideas?
FYI..the whole site has SSL on it..if that makes a difference...
FYI..the whole site has SSL on it..if that makes a difference...
<html>
<head>
<script language="VB" runat="server">
Sub Button1_Click(sender As Object, e As EventArgs)
if FileUpLoad1.HasFile
'Uncomment this line to Save the uploaded file
'FileUpLoad1.SaveAs("C:\SomePhysicalPath" & FileUpLoad1.Filename)
Label1.Text = "Received " & FileUpLoad1.FileName & " Content Type " & FileUpLoad1.PostedFile.ContentType & " Length " & FileUpLoad1.PostedFile.ContentLength
else
Label1.Text = "No uploaded file"
end if
end sub
</script>
</head>
<body>
<h3><font face="Verdana">File Upload</font></h3>
<form runat=server>
<asp:FileUpLoad id="FileUpLoad1" AlternateText="You cannot upload files" runat="server" />
<asp:Button id="Button1" Text="Upload" OnClick="Button1_Click" runat="server" />
<asp:Label id="Label1" runat="server" />
</form>
</body>
</html>
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.