Currently whenever a user uploads a file through our website, it gets put in a folder such as:
www.domain.com/Uploads/Docs/filename.doc
However, I'd like to move this to a subdomain such as:
uploads.domain.com/Docs/filename.doc
This is mainly because I'd like to keep the files uploaded by the user, totally seperate from the web app.
However, currently I use an ASP.NET FileUpload control to upload the files, by doing something like:
myFileUpload.SaveAs(Server.MapPath("/Uploads/Docs/filename.doc"))
How would I change this line of code to be able to upload to the subdomain easily?
Cheers.
If both domains are on the same server, simply point the site for the subdomain to the /Uploads/Docs directory as the base directory.
You can then restrict this directory from your www domain.
Different sites can share the filesystem and this may be a good solution for your problem, without changing any code.
Related
Strange question but hopefully its possible.
we have files in the root of our site (/files) these are uploaded through the main cms side of the website (/admin) and to be accessed by people who have access to the (/school) directory.
At the moment, if you have the direct link URL EDIT TO THE FILE you can gain access to the file
the files folder has its own web.config file with some rules, is there a way i can add some of my own authentication within the web.config to only allow requests that come from the School folder to have access to the files?
In my head i would have a piece of VB code that does something like this:
If (Request.UrlReferrer <> Nothing) Then
If Page.Request.UrlReferrer.ToString.Contains("/School/") = True Then
???
End If
Else
Response.Redirect("index.aspx")
End If
I've tested this in a simple page and it seems to work okay.
Well, I would assume that the users who can use school folder are memembers of a secuirty role called School (or some such).
thus, any user not a member of school can't use the pages (or files) in the school folder.
Since you want the SAME restricitons for the folder files, then use the same web.config to secure the files folder.
That will mean only users who can use the shools folders will also be the same group of people that only use the files folder.
Now the above will not stop members of securty role "school" from typing in any valid URL to the files folder. So, if you want to prevent this, then I would suggest that for all files up-loaded, you create a folder inside of files folder based on their PK row in the membership table (Memebership.ProviderKey).
Then what you would do is turn off all role groups rights to the files folder. I perfer not EVER allowing a direct URL to files.
Remember, only IIS respects the IIS security settings and provider for a web based URL. Code behind is 100% free to load, read, write, use, play with ANY file via code behind. Code behind uses plain jane FULL path names - and those path names and file names used by code behind does NOT care nor use IIS security settings. Only web based URL's dish out by IIS respect and use the IIS security settings you have for the schools folder. So, copy the web.config for schools over to files, and you are done.
But, code behind? it does not care nor use those settings at all.
So, code behind does NOT use nor respect nor care about IIS security settings. IIS role membership ONLY applies to the asp.net pages and web based URL's. But, code behind is a 100% free to get and grab any file on the system - even files outside of the wwwroot path name of the web site.
So, as a 2nd level and better security?
I would not allow ANY URL's to the files folder.
You then display a grid or list of files on the web page, and code behind for the download button can then go read/get the file (you can use TransMitFile to download that file)
So, best approach is to not allow ANY valid URL's to the files folder.
However, for now, since you only want people who can use the schools folder also be the SAME people that can use the files folder? Then just use the same web.config for both folders - only those people with role of "school" will thus have use and rights to the files folder.
From the information you provided, then you don't really need any code changes - only to take the security settings from the school folder web.config, and copy that to the files folder, and you should be done.
Now, it is possible that the schools folder is not secured by using IIS security and roles - but then again, that would a epic face plant and horrible design choice.
I know it's been asked and I have read the posts and Googled this all day. Still nowhere near something that works. Using an .aspx page, I need to upload a .pdf file to a specific website. I'm doing development using VS2017 and VB.Net. The app will run on different websites. It needs to upload client files to a specific different website and path. Also, the file name of the uploaded file will not be the same as the local source file. Creating the new name is no problem.
Let's say a local file must be uploaded to a website at https://www.appfileserver.co.za/pdfdocs, but I'm on https://www.myownsite.com. So, when using FileUpload1.SaveAs(rootedpath) the path that goes in there must be the rooted path to the target. What would the rooted path look like for the example I provided?
FYI, I know the IP addresses, http paths and anything else I need to know because I control those sites. It would be great to do an FTP upload. I have done this many times from desktop apps. Unfortunately I'd need the full path to the local file. It seems there is no way a web page is allowed to get that full path, so FTP upload is out - or is there a way?
After battling for two days trying to FTP upload from website to website (which is not possible because server firewalls block this), I finally solved it. The solution was a simple one. I deployed the upload .aspx file on the target server then embedded that in an iframe on the client machine apps. The files are then uploaded one time to the right place. Simple and 100% effective. Hopefully somebody see's this and understands it - so as to avoid the troubles I had.
this picture features the cpanel of the website I own. Check the image carefully and you will find out that there's "nothing" to be shown in "public_html" folder. But when ever I visit my domain (www.tumajnuri.com) I see the advertising banner of the service I bought the domain from. As an amateur, this is the first time I decide to upload web pages. I already learned this fact that "public_html" is the default "root" folder of many domains, but nothing exists within this folder. I should find out which folder contains this "jpg" file so, I can delete and replace it with my index.html. Thanks!
My cpanel: http://www.tiikoni.com/tis/view/?id=8826319
The default that you can upload/change is the public_html/index.html.
If you do not upload anything there is an other default that you can not change.
It is the domain/hosting service's html.
I have around 20 websites created a single web-server, now i have made a tool which will be common for all the websites, so i have a common user-control, which i am using on .aspx file inside all the website
Now i want to keep these user-controls in a location outside the website directory so that i can access these same control to all the websites.However i cannot find a way to get the directory outside the website's root directory. I googled around and saw the option to make the directory as virtual one, so that it will be accessible to the site, but here i would have to link the folder to one website at a time, so it would be same keeping controls in separate websites, which i want to avoid for update reasons.Can anyone tell me how can i achieve this.
Hi In rough unchecked code something like:
You can access like this.
webRootPath = Server.MapPath("~")
docPath = Path.GetFullPath(Path.Combine(rootPath, "..\Documents/MyDocument.xml"))
I am trying to create a site with xhtml I have it done I just need to figure out how to upload it
I am using 000webhost as my web hoster but whenever I go on my main page it says
index of/
then it says all of my sites
I want to go directly to m main site
how do I do that?
You should go to:
Members area,
Login,
Select in Action GoTo Cpanel and then:
You should configure your FTP servers, upload an index.html or index.php file and put your main information there.
EDIT:
You should upload everything to your public_html folder always, you should see a file that should say do_not_upload_here before that folder.
Public html is what what it sounds like. The html container folder that contains what will be visible*. (*VERY rough explanation)
You can use their file manager or an FTP client for this pourpose.
BTW beware of the affiliate programe fo 000webhost, check it out, total hoax (the web hosting is very good for being free).
I´ll gladly expand if you have any doubts.
Here is a good FTP basic tutorial:
http://www.youtube.com/watch?v=I85sldEvLuY&feature=related
Do you have an index.html file in your root directory with your host? Without one of those (or another similar index file), you will just see a directory listing of your site.