Every now and then there comes a time when a web application requires more from a user. It’s not enough that the application receives data in the form of user text boxes and drop-down selections. Sometimes, we need the user to upload a file onto the server. But can we trust the user to setup an FTP program, connect to our server, and place the right file into the right folder without touching anything else? Of course not. What we need to a chimp-simple way to allow users to upload a specific type of file into a specific folder.
Requirements
For this scenario I have 3 requirements:
- Restrict the user to uploading to a specified directory on my server.
- Restrict file size to prevent huge files from filling up my disk space.
- Restrict file types. In this example I only will want image files. Any other file type must be rejected.
Using an ASP Component to Handle File Uploads
There are many file upload components that one can purchase or, if you are so inclined, you can roll your own. The 2 most popular ASP file upload components are Software Artisans FileUp and Persists AspUpload. Both handle uploads slightly different. Let’s code each of these components to handle the above requirements.
The FORM
The FORM, where the client uploads a file, is identical.
<form name="form" action="upload.asp" enctype="MULTIPART/FORM-DATA" method="POST"> <input type="file" name="file1"> <input type="submit" value="Upload Files"> </form>
Shared Code
Before you pick which component you will be using, here is some common code that both can use. isFileSizeOK handles the file size restrictions. isValidFile is where you’ll define what file extensions the client can upload.
intMaxFileSize = 8000 strUploadFolder = "c:\uploadFolder" Function isFileSizeOK(bytes) ' restrict file byte size byteMAX = intMaxFileSize If bytes > byteMAX Then isFileSizeOK = FALSE Else isFileSizeOK = TRUE End If End Function Function isValidFile(filename) ' define what file types you will permit to upload fileExtension = lcase(right(filename,4)) select case fileExtension case ".gif",".jpg",".png","jpeg" isValidFile = TRUE case else isValidFile = FALSE end select End Function
Software Artisans FileUp
Sub uploadSA Set up = Server.CreateObject("SoftArtisans.FileUp") up.Path = uploadFolder If NOT up.IsEmpty Then filename = Mid(up.UserFilename, InstrRev(up.UserFilename, "\") + 1) ' restrict file types to upload If isValidFile(filename) Then ' restrict file by size If isFileSizeOK(up.TotalBytes) Then up.Save strUploadStatus1 = "File [" & filename & "] Uploaded Successfully! " & up.TotalBytes Else strUploadStatus1 = "ERROR: File Too Large: " & filename & " (" & up.TotalBytes & " bytes)" End If Else strUploadStatus1 = "ERROR: This File Type is restricted from uploading: " & filename End If End If Set up = Nothing End Sub
Persists AspUpload
With AspUpload, you save the file first, then perform checks. If the file fails the checks, then the code deletes it from the server. This component also has a “SaveToMemory” option, which bypasses the write to the disk until instructed. ASPUpload has built-in image size handling and can detect if a file is an image with the .ImageType property, but for this example we’ll use the isValidFile function.
Sub uploadPersists Set up = Server.CreateObject("Persits.Upload.1") up.OverwriteFiles = TRUE up.SetMaxSize intMaxFileSize up.Save uploadFolder For Each File in up.Files fileName = File.ExtractFileName If isValidFile(fileName) Then If isFileSizeOK(File.OriginalSize) Then strUploadStatus2 = "File [" & filename & "] Uploaded Successfully! " Else strUploadStatus2 = "ERROR: File Too Large: " & fileName & " (" & File.OriginalSize & " bytes)" File.Delete End If Else File.Delete strUploadStatus2 = "ERROR: This File Type is restricted from uploading: " & fileName End If Next End Sub
Last Words
Both components can do a lot more than what I’ve demonstrated above. For a more complete list of features, check out the online manuals for Persits AspUpload and Software Artisans FileUp.
This tutorial was expanded for DevGuru.com as A Simple ASP File Upload Application.
