Home > Articles > Programming > ASP .NET

  • Print
  • + Share This
From the author of

Accepting User Uploads in a Nutshell

Following are the bare-bones steps to accept user uploads:

  1. In an .aspx page, find the form tag. With Visual Studio .NET, this is always added automatically. If you're using another tool, make sure that you have the following form tag:

    <form id="MyId" method="post" runat="server">
  2. Add this attribute to the form tag enctype="multipart/form-data". The form tag will now look like this:

    <form id="MyId" method="post" runat="server" enctype="multipart/form-data">

    enctype determines how the form data is encoded. Whenever data is transmitted from one place to another, there needs to be an agreed-upon means of representing that data.

  3. If you're using Visual Studio .NET, open the HTML section of the Toolbox and add a File field to the page. If you're not using Visual Studio .NET, manually add the following to the HTML:

    <INPUT type="file" id="Filename">
  4. In the File field, add a runat="server" attribute as follows:

    <INPUT type="file" id="Filename" runat="server">

    In your C# or VB code, you can get the filename from the Filename.PostedFile.FileName property.

  5. Save the file to disk (on the server) by using the Filename.PostedFile.SaveAs() method. The SaveAs() method takes a single argument: a string containing the full pathname to which the file will be saved. For example:


    Filename.PostedFile.SaveAs( "c:\\MyFiles\\SomeDir\\TheFile.dat" );


    Filename.PostedFile.SaveAs( "c:\MyFiles\SomeDir\TheFile.dat" )

    The destination directory on the server must give the necessary permissions for the save operation. Normally, the ASP.NET account won't have sufficient rights to save a file to disk. The way to fix this is to first create a directory under the application directory, and then give the Everyone group full access, as shown in Figure 1.

    Figure 1Figure 1 The destination directory should give the Everyone group full access.


    Make sure that your web application directory doesn't give full access to the Everyone group.

  • + Share This
  • 🔖 Save To Your Account