I wonder if its possible to change permission on file from code behind?
PROBLEM: Unfortunately i use AjaxFileupload to upload files to webserver. So far so good. The problem arises when the uploaded files, that are saved on a mapped folder on the webserver are to be opened. The files doesnt show up in folder (on other server), lack of permissions.
Here is why: AjaxFileUpload save the file in a temp folder first, then move it to actual by me defined path. The file inherit the permission from that temp folder, not the permission i have put on my mapped folder. I need to use the mapped folder and I need the permissions on the mapped folder to be inherited to the file.
Why do i need this? I need this because there is an desktop application that need to open the files. The mapped folder have all the correct permissions for doing this. So, how to do? It would be easy if i can change permission on files from code behind, lets say just after i saved the file to folder, BUT is that even possible?
I read somewhere that it wasnt a good idea to change permission on the temp folder, any ideas why?
Any help would be appriciated!
edit:
So to clearify, i dont have any problems saving file to disk (server 3). My problem is that i cant see or access files on server 1, because the file doesn't inherit the mapped folder permissons. The mapped folder have permisson from both server 1 and server 3 but one the file get uploaded the file only have permission from server 3.
I don’t think the problem is with the permission on the source file. I believe the problem is the account used to run IIS does not have permission to access the mapped folder.
You can use Impersonation to grant access for the section of code that saves the file.
See these:
WindowsIdentity.Impersonate
This question
And this question
Solved it by myself. Basically wrote some code that gave me the name of the tempfolder on webserver where ajaxfileupload made the temp-save before moving the file to the folder i wanted it. When i had the name on that folder i basically changed permission on that folder. I only gave read and list permission on the folder because i dont want the desktop application to have any other right on the webserver. That was all i needed to get the file listed on in the mapped driver.
Related
In my asp.net web application, I read the xml file for obtaining a key. If file is not present I show a form to enter the key details and then create the file.
First problem: My app does not recognize the file even if its there.
Second problem: I am running application on the server. When writing, rather overwriting the file, browser shows the username, password prompt before writing the file. If I enter admin credentials it allows to create a file.
I have checked all possible combinations of permissions on the file / folders, but could not resolve the problem.
Any ideas, what I could be missing here?
You read the xml file but is it as a part of your solution? If yes, are you reading it through relative path i.e. are you using Server.MapPath to read it like Server.MapPath("~/Files.test.xml")? Once you use relative path, I don't think it will ask you credentials as it still is in your project directory.
It should work. I am also reading and writing files in my web application.
If it still does not work, please tell me the way you are reading file.
Thanks,
I've recently moved my WP site from godaddy to a physical sever using windows server 2012 R2.
But I'm having problem uploading files using the Admin panel, After uploading the file, I can see it physically on the server (wp-content\upload\2017\10)
But I can't see it on the website it self.
I can only see the file if I'm changing it permissions on the server it self.
I've changed the permissions to the folder, I gave full access to the relevant users. But still, it doesn't work for new files\pictures I'm uploading via the wp admin panel
Edit:
I've notice that every time I come to change the folder permissions the permissions under CREATOR OWNER are always empty, Is it Related ?
Thank you very much for the help
When you upload a file, PHP sends the file to a temporary directory on your server's hard drive (usually C:\Windows\Temp) and then copies it over to the proper directory. Once the file has is initially put in the temporary directory, it gets the permissions of that directory. The problem is when Windows moves that file to the proper place, it keeps the temporary directory’s permissions, which can cause access problems.
The way to fix this is to change the temporary directory to a folder within your WordPress installation, usually wp-content/upgrade.
To do this, follow these directions:
Find your php.ini file.
Find the upload_tmp_dir line, and change it to the wp-content/upgrade folder.
Browse to this folder and verify that the permissions are set properly.
You should then have the ability to properly view all your images. You'll most likely need to select all the previous selected images, and change the owner of the files to the web folder owner. Then you should be good to go!
If you can’t upload an image at all, it’s probably because you need to give the IUSR account Read/Write/Modify permission on your wp-content folder. This will allow you to upload, and do the WordPress & plugin updates.
Once you have done that, all you need to do is give the IIS_IUSRS group Read permissions on your “C:\Windows\Temp” folder.
Make sure to notice that the two permission changes you make are not for the same user/group. Give IUSR permissions on your wp-content folder and IIS_IUSRS permissions on your Windows temp folder.
Note: If you have edited your php.ini file and change the upload temp directory then you will need to give IIS_IUSRS group read permissions on that folder instead.
That should do it, or at least it worked for me.
http://chris.wastedhalo.com/2011/01/wordpress-upload-permissions-on-iis-7-fix/
I find myself coming back to this question time after time when images I add to the Media Gallery don't have the correct permissions in the WordPress Uploads folder. Since I develop WordPress sites locally, it would be a pain to set permission on the Uploads folder every time I work on a new site.
To fix this, I created a folder "C:\Websites\Temp" without messing around with permissions or security settings, etc. Then in MAMP, I edited the php.ini template of the PHP version I was using for this site, php7.3.0.ini (File, Edit Tempate, PHP). I then set upload_tmp_dir to "C:\Websites\Temp":
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
upload_tmp_dir = c:\websites\temp
and voila, no more permission issues.
Well, a few years later, found this post. Tried it. Failed.
Other solution is to assign a specific user to the site in IIS and apply the right permisions to the folder containing the site.
I have wordpress on my windows server. Pictures and files are uploading but when i trying to access these files the server showing up with
500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.
When I searched for error i found some solutions about IIS but it didn't work. Can anyone cross with this permission error? And what is the solution.
Thanks
When you upload a file, PHP sends the file to a temporary directory on your server's hard drive (usually C:\Windows\Temp) and then copies it over to the proper directory. Once the file has is initially put in the temporary directory, it gets the permissions of that directory. The problem is when Windows moves that file to the proper place, it keeps the temporary directory’s permissions, which can cause access problems.
The way to fix this is to change the temporary directory to a folder within your WordPress installation, usually wp-content/upgrade.
To do this, follow these directions:
Find your php.ini file.
Find the upload_tmp_dir line, and change it to the wp-content/upgrade folder.
Browse to this folder and verify that the permissions are set properly.
You should then have the ability to properly view all your images. You'll most likely need to select all the previous selected images, and change the owner of the files to the web folder owner. Then you should be good to go!
I have an ASP.NET web application in which I am trying to open a text file located within a subdirectory of my webroot. The text file was uploaded through the same web application using SAFileUp. I am using the FileInfo object as such to read the text file ...
Response.TransmitFile(fileInfo.FullName)
The puzzling thing is I get an exception thrown when I execute this line of code.
Access to the path 'C:\webroot\xxxx\uploads\filename.txt' is denied
I have given the uploads folder, where the text file was uploaded, read/write/execute permissions to both the IUSR and IIS_IUSRS account and the permissions have inherited to the sub folders below. The interesting thing is the actual text document I am trying to load has NO permissions set for IIS_IUSRS while IUSR does have read/write/execute. As soon as I add the "read" permission to IIS_IUSRS I am able to read the file.
What confuses me is I would have thought the file would have inherited the permissions from the parent folders, but apparently not. How do I set the permissions of the uploaded file during the upload process so I can open it later for reading?
Well .. I found the answer. Basically, the upload component SAFileUp, uses the "Temp" directory where the uploaded file is cached to set the permissions of the uploaded file. In my case this directory was C:\Windows\temp. All I did was give the account IIS_IUSRS READ access to the C:\Windows\temp directory and I was able to access the uploaded file without issue.
Here is an article on SoftArtisans's website that clued me in and helped me find the directory the uploaded file was cached to.
http://support.softartisans.com/kbview_776.aspx
The server is IIS7.
Is there a way to disable web.config files in subfolders?
I am asking because, I have a folder on the web server that is for uploads. When someone uploads files, a new folder is created for the user's session and the files they upload go in the folder.
So the path to uploads would be like this:
~/uploads/3F2504E0-4F89-11D3-9A0C-0305E82C3301/somefile.txt
In the ~/uploads/ directory there is a web.config file that removes all http handlers except the static file handler and adds a wildcard mime type. So every file that a user uploads will only ever be served statically.
If a user uploads a web.config file, I want to disallow any of the settings in that file from being applied.
How can I do this?
EDIT
Could I just make the upload folder an application that is a member of an application pool configured to run in Classic mode instead of Integrated Pipeline mode? That way it wouldn't even care about a web.config file.
EDIT 2
Is there another type of webserver I could install for serving all files statically? I could just access the files through a different port. Is there some software that I can be sure wont run any scripts and is safe.
I simply wouldn't allow them to upload a file with that name. In fact, I normally wouldn't trust any filename that the user gave me... makes a great candidate for an injection-style attack.
Ok I have a different angle on this...
What if your uploads folder was not part of the website and instead part of the file system? This way ASP.NET is not processing requests to the folder and thus web.config wouldn't be loaded by the ASP.NET runtime.
You'd have to give your app pool's account read/write access to the file system where these files are stored, but I think it better fits what you're trying to accomplish.
Obviously it could be done in code.
If the folders always exist, you could pre-populate with a web.config with no (significant) content and an ACL to ensure it cannot be overwritten, but looking at the path it I suspect you create the upload folders dynamically which means this would not work.
I don't believe there is a way to tell IIS not to use a web.config (but I could be wrong). Personally, I would add a check to my save code and rename the file.
Why not just check the filename first to prevent the user from uploading a file named web.config? You're probably going to want to check for other things too before allowing the upload - files that are too big, etc.