Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.
Excluding file types in classic asp
Hi all,
Messing around heavily with an upload feature for my customers. I got the renaming of the file to work thanks to some awesome help in this forum. However what was screwing that code up to begin with was my attempt to restrict filetypes to jpg, jpeg, gif & png files. So - Any great ideas on how to do that without messing up my beatiful working code? I have the name of file serverside and I have the extension, but can't figure out how to do anything with that information. I tried the feature found here, but that was what was messing things up in the first place.
Here's the code that I have so far:
Messing around heavily with an upload feature for my customers. I got the renaming of the file to work thanks to some awesome help in this forum. However what was screwing that code up to begin with was my attempt to restrict filetypes to jpg, jpeg, gif & png files. So - Any great ideas on how to do that without messing up my beatiful working code? I have the name of file serverside and I have the extension, but can't figure out how to do anything with that information. I tried the feature found here, but that was what was messing things up in the first place.
Here's the code that I have so far:
<%
Set oFileUp = Server.CreateObject("SoftArtisans.FileUp")
oFileUp.Path = "server path..."
oFileUp.CreateNewFile = True
oFileUp.OverWriteFiles = True
'oFileUp.Maxbytes = 300
If Not oFileUp.Form("file1").IsEmpty Then
oFileUp.Form("file1").Save
If Err.Number <> 0 Then
Response.Write "<B>Error description:</B> " & Err.Description
Else
Response.Write ""
End If
Else
Response.Write "Error! There is no file chosen for upload!"
End If
strServerName = oFileUp.Form("file1").ServerName
dim fs,p
set fs=Server.CreateObject("Scripting.FileSystemObject")
e=(fs.GetExtensionName("" & strServerName & ""))
p=fs.getfilename("" & strServerName & "")
response.write(p)
response.write(e)
set fs=nothing
Set oFileUp = Nothing
%>
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Actually - It is now restricting everything - not passing through png's and jpg's. Code below. Suggestions?
Set oFileUp = Server.CreateObject("SoftArtisans.FileUp")
oFileUp.Path = "path..."
oFileUp.CreateNewFile = True
oFileUp.OverWriteFiles = True
'oFileUp.Maxbytes = 300
FileName = oFileUp.Form("file1")
if testFileType(FileName) = 0 then ' see below for function
' end
response.redirect "new_file_fail.asp"
' or
response.write "not allowed"
' and do not run the rest of the save code
end if
function testFileType(FileName)
AllowedTypes = " jpg gif png "
FileType=right(FileName,3)
if instr(AllowedTypes,FileType) > 0 Then
testFileType = 1
else
testFileType = 0
end if
' http://www.w3schools.com/asp/func_instr.asp
end function
If Not oFileUp.Form("file1").IsEmpty Then
oFileUp.Form("file1").Save
If Err.Number <> 0 Then
Response.Write "<B>Error description:</B> " & Err.Description
Else
Response.Write ""
End If
Else
Response.Write "Error! There is no file chosen for upload!"
End If
strServerName = oFileUp.Form("file1").ServerName
dim fs,p
set fs=Server.CreateObject("Scripting.FileSystemObject")
e=(fs.GetExtensionName("" & strServerName & ""))
p=fs.getfilename("" & strServerName & "")
response.write(p)
response.write(e)
set fs=nothing
Set oFileUp = Nothing
test to make sure your input is as expected. See my test here http://mypadas.com/ee/filetype/28894019.asp
Test for input. Output the FileName and make sure it is as expected.
<%
test1 = "image.jpg"
test2 = "image.gif"
test3 = "image.png"
test4 = "image.txt"
response.write testFileType(test1)&"<br>"
response.write testFileType(test2)&"<br>"
response.write testFileType(test3)&"<br>"
response.write testFileType(test4)&"<br>"
if testFileType(test1) = 1 then
response.write "Your image has been saved"
else
response.write "This image is the wrong file type"
end if
function testFileType(FileName)
AllowedTypes = " jpg gif png "
FileType=right(FileName,3)
if instr(AllowedTypes,FileType) > 0 Then
testFileType = 1
else
testFileType = 0
end if
' http://www.w3schools.com/asp/func_instr.asp
end function
%>
FileName = oFileUp.Form("file1")
if testFileType(FileName) = 0 then ' see below for function
' end
response.redirect "new_file_fail.asp"
' or
response.write "not allowed"
' and do not run the rest of the save code
end if
Test for input. Output the FileName and make sure it is as expected.
FileName = oFileUp.Form("file1")
' ******* FOR TESTING ONLY *********
response.write FileName
response.end ' this will prevent anything else from running.
' *********************************
if testFileType(FileName) = 0 then ' see below for function
' end
response.redirect "new_file_fail.asp"
' or
response.write "not allowed"
' and do not run the rest of the save code
end if
Hi Scott,
Thx for the effort so far - hope you bear with my incompetence.
I have the solution working - response.write returns a 0 for disallowed files resulting in the redirect. However in order to get it to work it seems like I have to run the save command first (virtual save to disk I think). Otherwise the files are recognized as .tmp files and therefore all discarded. But if I save the file the function has to delete it afterwards, right?
For instance, response.write FileName (placed early in the code) results in: D:\hshome\sitepath.../file
Would it be feasible to allow the upload and then initiate a deletion if the file fails the test?
Thx for the effort so far - hope you bear with my incompetence.
I have the solution working - response.write returns a 0 for disallowed files resulting in the redirect. However in order to get it to work it seems like I have to run the save command first (virtual save to disk I think). Otherwise the files are recognized as .tmp files and therefore all discarded. But if I save the file the function has to delete it afterwards, right?
For instance, response.write FileName (placed early in the code) results in: D:\hshome\sitepath.../file
Would it be feasible to allow the upload and then initiate a deletion if the file fails the test?
I think you are correct.
1) Upload file.
2) Let FileUp save.
3) Get File name from FileUp (could be the same or new file if it finds a duplicate file name)
4) If file type is not what you want (jpg, gif, png, ?) then either delete the saved file or do nothing else.
5) If the file type is good, then save to your database.
1) Upload file.
2) Let FileUp save.
3) Get File name from FileUp (could be the same or new file if it finds a duplicate file name)
4) If file type is not what you want (jpg, gif, png, ?) then either delete the saved file or do nothing else.
5) If the file type is good, then save to your database.
Well Scott... I couldn't get it to work after all... However: I'm 100% there with this code. You still deserve all the points IMHO though. Thanks for keeping at it!
Set oFileUp = Server.CreateObject("SoftArtisans.FileUp")
oFileUp.Path = "D:\hshome\DOMAINNAME\" & link & "files\"
oFileUp.CreateNewFile = True
oFileUp.OverWriteFiles = True
'oFileUp.Maxbytes = 300
FileName = oFileUp.Form("file1")
FCONT = oFileUp.ContentType
'--- Use the Select Case Condition to restrict the file type.
Select Case LCase(FCONT)
Case "image/gif"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "image/jpeg"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "image/jpg"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "image/png"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "image/pjpeg"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "application/pdf"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case "application/msword"
oFileUp.Form("file1").Save
Response.Write "<P>" & oFileUp.ShortFileName & " has been saved."
Case Else
oFileUp.delete
Response.write "<P>" & oFileUp.ShortFileName & " is not allowed."
End Select
strServerName = oFileUp.Form("file1").ServerName
dim fs,p
set fs=Server.CreateObject("Scripting.FileSystemObject")
e=(fs.GetExtensionName("" & strServerName & ""))
p=fs.getfilename("" & strServerName & "")
response.write(p)
response.write(e)
set fs=nothing
Set oFileUp = Nothing
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP
From novice to tech pro — start learning today.
-
Business CommunicationCertification: PMI ACP Project Management Institute Agile Certified Pra… 283 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
Open in new window
Add the below function anywhere in your code. For ease of reading either at the very beginning or end.
Open in new window