Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 19

Thread: persist.upload

  1. #1
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Exclamation persist.upload

    this is a simple persist upload code...and it is working...it uploads every file i send to this code...
    but that is a problem too, cause:
    1.i limit it to 1 mb with Upload.SetMaxSize 1048576 and when i'm tring to upload a larger file it uploads the first 1mb and than sending me that the file was uploaded...do i need to write "if" that checks every files size?
    2.i do not want to host a party of files on my server how can i make sure that users want upload nothing more that images and doc,txt pdf rtf files?
    *if u take a exe file and change the extantion to gif i think it will be uploaded with no problem...that is bad

    well in this code even the extantion limit is not working...even
    <% If File.ImageType = "GIF" or File.ImageType = "JPG" or File.ImageType = "PNG" Then %>
    this code not working...


    help, help please

    Code:
    <%
    
    Set Upload = Server.CreateObject("Persits.Upload.1") 
    
    Upload.OverwriteFiles = False
    	Upload.SetMaxSize 1048576	' Limit files to 1MB
    
    Upload.Save 
    
    Path = Server.MapPath("\upload") & "\" & "subdir"
    
    Upload.CreateDirectory Path, True
    %>
    
    
    <HTML>
    <BODY BGCOLOR="#FFFFFF">
    <CENTER>
    
    <% If Err <> 0 Then %>
    
    	<FONT SIZE=3 FACE="Arial" COLOR=#0020A0>
    	<H3>The following error occured while uploading:</h3>
    	</FONT>
    
    	<FONT SIZE=3 FACE="Arial" COLOR=#FF2020>
    	<h2>"<% = Err.Description %>"</h2>
    	</FONT>
    
    	<FONT SIZE=2 FACE="Arial" COLOR="#0020A0">
    	Please <A HREF="demo1.asp">try again</A>.
    	</FONT>
    
    <% Else %>
    <FONT SIZE=3 FACE="Arial" COLOR=#0020A0>
    <h2>file have been uploaded.</h2>
    </FONT>
    
    <FONT SIZE=3 FACE="Arial" COLOR=#0020A0>
    <TABLE BORDER=1 CELLPADDING=3 CELLSPACING=0>
    <TH BGCOLOR="#FFFF00">Uploaded File</TH><TH BGCOLOR="#FFFF00">Size</TH><TH BGCOLOR="#FFFF00">Original Size</TH><TR>
    <% 
    For Each File in Upload.Files 
       File.SaveAs Path & "\" & File.FileName
    %>
    	<% If File.ImageType = "GIF" or File.ImageType = "JPG" or File.ImageType = "PNG" Then %>
    		<TD ALIGN=CENTER>
    			<IMG SRC="/uploaddir/<% = File.FileName%>"><BR><B><% = File.OriginalPath%></B><BR>
    			(<% = File.ImageWidth %> x <% = File.ImageHeight %> pixels)
    		</TD>
    	<% Else %>
    		<TD><B><% = File.OriginalPath %></B></TD>
    	<% End If %>
    	<TD ALIGN=RIGHT VALIGN="TOP"><% =File.Size %> bytes</TD>
    	<TD ALIGN=RIGHT VALIGN="TOP"><% =File.OriginalSize %> bytes</TD><TR>
    <% 
    Next 
    set Upload = Nothing 
    %>
    </TABLE>
    </FONT>
    
    <% End If %>
    
    </CENTER>
    </BODY>
    </HTML>

  • #2
    Regular Coder
    Join Date
    Mar 2007
    Posts
    505
    Thanks
    1
    Thanked 19 Times in 19 Posts
    Hi Sasha --

    With your 2 questions above, you are on the right track to solving your own problems.

    1. i limit it to 1 mb with Upload.SetMaxSize 1048576 and when i'm tring to upload a larger file it uploads the first 1mb and than sending me that the file was uploaded...do i need to write "if" that checks every files size?
    Quick Answer -- Yes. Check the file size before you do the upload (i.e. before the Upload.Save method)

    2.i do not want to host a party of files on my server how can i make sure that users want upload nothing more that images and doc,txt pdf rtf files?
    You are on the right track, but don't use File.ImageType. Use
    Code:
    IF NOT RIGHT(File.FileName,3) = "JPG" OR NOT RIGHT(File.FileName,3) = "GIF" ... and so on and so forth
    Couple other options are:

    a) Set a variable = RIGHT(File.FileName,3) so that way you can call the variable. Less typing...

    b) Use InStr...

    Code:
    dim testMe
    
    testMe = right(File.FileName,3)
    
    If not InStr(testMe,"JPGGIFRTFDOC") then
      'throw error, not an accepted file type
    else
      'continue with your code
    end if
    Lastly -- ALWAYS do the checks *before* you upload the files to the server. Doesn't help to check the files after they have been uploaded.

    HTH!
    To say my fate is not tied to your fate is like saying, 'Your end of the boat is sinking.' -- Hugh Downs
    Please, if you found my post helpful, pay it forward. Go and help someone else today.

  • #3
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts
    what do you suggest about the scenario with uploading harmfull file with mask of a gif jpg or rtf extension?

  • #4
    Regular Coder
    Join Date
    Mar 2007
    Posts
    505
    Thanks
    1
    Thanked 19 Times in 19 Posts
    There is no true way to combat those.

    You can do a couple of things to help guard against it, but nothing can officially stop it.

    1) Make sure you have AV running on your server. This should be a given, even for Linux servers. No, viruses (for the most part) cannot harm Linux, but they can be propagated to Windows computers.

    2) Only allow uploads as a Guest or User account, so that way any executable files that are uploaded cannot run as ROOT or Administrator.

    3) Do not put the uploads folder (or your data folder for that matter) on the same volume as your System Files.

    4) Set up a Scheduled Task (or cron job) to go through once an hour to reset the folder permissions to not allow executable access. That will reset all of the file permissions as well.

    HTH!
    To say my fate is not tied to your fate is like saying, 'Your end of the boat is sinking.' -- Hugh Downs
    Please, if you found my post helpful, pay it forward. Go and help someone else today.

  • #5
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts
    last Q
    Code:
    	Upload.SetMaxSize 1048576	' Limit files to 1MB
    this is not working...it's only limits the upload files...
    if i'm uploading jpg that weight 2 mb..this uploades only the first 1mb
    as a result i got invalid file

    is there a way to screem error when the file is over Upload.SetMaxSize 1048576

    by d way...
    Daemonspyre thank u!

  • #6
    Regular Coder
    Join Date
    Mar 2007
    Posts
    505
    Thanks
    1
    Thanked 19 Times in 19 Posts
    Code:
    If File.FileSize > 1048576 then
      Error = "This file is too large. Please choose a smaller file"
    end if
    '
    if Error <> "" then
      Upload.Save
    end if
    You are welcome
    To say my fate is not tied to your fate is like saying, 'Your end of the boat is sinking.' -- Hugh Downs
    Please, if you found my post helpful, pay it forward. Go and help someone else today.

  • #7
    Senior Coder
    Join Date
    Dec 2002
    Location
    Arlington, Texas USA
    Posts
    1,065
    Thanks
    4
    Thanked 8 Times in 8 Posts
    Actually with the Persits upload you cannot check the file size that way. The only way is to use On Error Resume Next before the call the .Save or .SaveAs method. Then check if the error number = 8 (the file being too big). You can then stop the code from continuing if there are errors by adding On Error GoTo 0

    The reason you cannot check it that way is until you actually use the .Save or .SaveAs method you cannot check the filesize.

    Below is an example that we use, you will have to change the code a bit but this should give you an idea
    Code:
    Set Upload = Server.CreateObject("Persits.Upload")
    On Error Resume Next
    Upload.SetMaxSize 100000, True	
    FileSave = Upload.Save			' Save to memory. Path parameter is omitted
    Set File = Upload.Files("Resume")	' Check whether a file was selected
    If(FileSave = 1) Then
    	FileName = File.Filename
    	FileExt = Mid(UCase(File.Ext), 2)
    End If
    If Err.Number = 8 Then 
       Call LargeFile(File.Size)
       Response.End
    End If
    On Error GoTo 0
    Last edited by miranda; 09-18-2007 at 10:04 PM.

  • Users who have thanked miranda for this post:

    sasha85 (09-27-2007)

  • #8
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Unhappy

    this is a copy from the uploading part that i wrote after i read all the replaies
    i think i got the main idea but got wrong on some little thing...

    thank you
    Code:
    Set Upload = Server.CreateObject("Persits.Upload.1") 
    
    On Error Resume Next
    
    Upload.OverwriteFiles = False
    
        Upload.SetMaxSize 1000, True
    
    Upload.Save 
    
    
    
    Path = Server.MapPath("\upload")
    
    Upload.CreateDirectory Path, True
    
    If Err.Number = 8 Then 
    response.write ("file too big")
       Response.End
    End If
    
    
    If Err <> 0 Then 
    
    response.write "we got a big Prob"
    
    Else 
    
    
    
    dim i, fil, fil1, fil2, fil3
    i = 0
    For Each File in Upload.Files 
    
    
    
    dim testMe
    
       File.SaveAs Path & "\" & Day(plushours) & "-" & Month(plushours) & "-" & Year(plushours) & "_" & hour(plushours) & "-" & Minute(plushours) & "-" & second(plushours) & "_" & File.FileName
    
    
    testMe = right(File.FileName,3)
    
    If not InStr(testMe,"JPGGIFRTFDOC") then
       response.redirect "message.asp?message="& Server.Urlencode("only jpg gif rtf doc can be uploaded.")	
    else
    
    end if
    
    end if
    
    On Error GoTo 0

  • #9
    Senior Coder
    Join Date
    Dec 2002
    Location
    Arlington, Texas USA
    Posts
    1,065
    Thanks
    4
    Thanked 8 Times in 8 Posts
    proper indentation would tell you that you had a For with no Next.
    because on Error resume next doesn't stop with errors add On Error GoTo 0 as soon as you can after the error trapping to stop the code from continuing if there are erorrs (or add a whole lot more error trapping).
    If Err <> 0 Should say if Err.Number <> 0
    Do you understand what the InStr function does? if not read up on it. because you are looking to see if the right argument is inside the left argument. So simply changing them around will make it work.

    Here is the code with some changes
    Code:
    Set Upload = Server.CreateObject("Persits.Upload.1") 
    
    On Error Resume Next
    Upload.OverwriteFiles = False
    Upload.SetMaxSize 1000, True
    Upload.Save 
    
    Path = Server.MapPath("\upload")
    
    Upload.CreateDirectory Path, True
    
    If Err.Number = 8 Then 
    	response.write ("file too big")
                 Response.End
    End If
    
    If Err.Number <> 0 Then 
    	response.write "we got a big Prob"
    Else 
    	On Error GoTo 0
    	dim i, fil, fil1, fil2, fil3
    	i = 0
    	For Each File in Upload.Files 
    		dim testMe
    		File.SaveAs Path & "\" & Day(plushours) & "-" & Month(plushours) & "-" & Year(plushours) & "_" & hour(plushours) & "-" & Minute(plushours) & "-" & second(plushours) & "_" & File.FileName
    		testMe = UCase(right(File.FileName,3))
    		if not InStr("JPGGIFRTFDOC",testMe) then
    			response.redirect "message.asp?message="& Server.Urlencode("only jpg gif rtf doc can be uploaded.")	
    		else
    	Next
    End if

  • #10
    Regular Coder
    Join Date
    Mar 2007
    Posts
    505
    Thanks
    1
    Thanked 19 Times in 19 Posts
    Quote Originally Posted by miranda View Post
    Actually with the Persits upload you cannot check the file size that way
    Miranda, you were right, but you CAN check it with File.Size, not File.FileSize.

    I had to go back and check some old Persits code that is currently being used on a daily basis, and this does check the file size correctly.
    To say my fate is not tied to your fate is like saying, 'Your end of the boat is sinking.' -- Hugh Downs
    Please, if you found my post helpful, pay it forward. Go and help someone else today.

  • #11
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Exclamation checks the file before or after the upload?

    i'm a week now tring to find a solution to this problem...how to check the file size before uploading...

  • #12
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Thumbs down no words...I got Nothing...

    after all those talkings i got this picture:
    i'm uploading a file of 3mb when the limit is only 1mb...and the code not stoping the uploading!
    it goes on and on and after 180 sec -the timeout of the server i got-
    The page cannot be displayed...
    realy it is so sad...

    if i will take file of 1 mb and set the limit to 500kb after a long time...something like 100sec i will get - file to big...

    the same thing if i will upload files with strange extansions...
    it upload them and only in the end it is checking...

    PEOPLE THIS IS NOT LOGIC...IT IS SO SAD...

  • #13
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    Location
    London, UK
    Posts
    1,856
    Thanks
    8
    Thanked 110 Times in 109 Posts
    From http://www.aspupload.com/manual_simple.html

    "Since AspUpload has no way of knowing in advance how many files there are in a POST and how large they are, it will always allow the upload process to go through, even if the very first file exceeds the specified limit."

    You HAVE to physically upload the files to the server before the component is able to look at the complete file properties and tell if it's bigger than the set limit. There is no way that I know of to check the size of a file on the server that hasn't finished uploading to the server.

    It's probably taking a while because your server, like most servers, doesn't have a lot of bandwidth allocated to upstream data. So it's uploading slowly.

    If you use a pure ASP upload script, you might be able to count bytes as they're going up or something. I'm not sure. But I'd be surprised if you could do it with the Persits ASPUpload component.

  • #14
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Unhappy Spudhead u just described how it works...

    man...you got me right...unfortunately this is exactly my situation...
    Last edited by sasha85; 09-30-2007 at 03:31 AM.

  • #15
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Thumbs up miranda Daemonspyre Spudhead you were great!

    here was a real dummy question...i deleted it...asking all the people who read it for forgiveness

    sorry
    Last edited by sasha85; 09-30-2007 at 04:11 AM.
    By the time u recognize this moment, This moment will be gone.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •