As you probably know, Microsoft has one free DLL, namely CPSHOST.DLL, with
which you can upload files. It requires a folder with write permissions
since it is there where the file(s) will be posted (saved) when they arrive
to the Web server (IIS). Another drawback is that you are focusing only on
file uploading and not on other uploading possibilities.
Remember, when you upload a file, you can also upload (post) any other
inputs, such as the input file, input checkbox, input password, and input
image, etc. And you can check their value just as if you were posting an
ordinary form.
So when you upload a file you are really posting a form's content to
the browser by using a different encoding type (enctype) in your form.
That encoding is specified as enctype="multipart/form-data" as an
attribute of your form.
The specification in RFC 1867 "Form-based File Upload in HTML" describes
the mechanism by which a file may be uploaded from a Web browser
to the server.
The Strange and Fun Stuff
Imagine you have a form just like this one (click here for the upload.asp
file):
After filling those 2 input files, what happens when you submit your form?
Well, all of this content will become the body of your HTML message. But,
the contents will be posted in such a way that you'll be able to parse
all of it.
First things first. Let's see what's been posted:
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="input_check"
on
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="input_password"
mypassword
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="input_text"
mytext
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="input_hidden"
myhiddenvalue
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="FileItem";
filename="C:\Inetpub\wwwroot\Upload\file1.txt"
Content-Type: text/plain
This file has some text in it.
It also has more than one line.
-----------------------------7d01ecf406a6
Content-Disposition: form-data; name="fileaaa";
filename="C:\Inetpub\wwwroot\Upload\pic.gif"
Content-Type: image/gif
(binary content)
-----------------------------7d01ecf406a6--
Notice all the inputs have been posted to the server. You can also see this
just by having your upload.asp file like this:
Where you see (binary content) there should be a lot of strange characters,
which I've omitted because they take a lot of space.
Separating Inputs
All the text in bold like -----------------------------7d01ecf406a6
is what separates each input. Note also that in the end
of the post we also have the text
-----------------------------7d01ecf406a6-- but it signals the end
of our post, since it ends with 2 minus signs (--). Anyway, don't
forget that this strange hexadecimal number is different every time you
post content this way to your IIS.
Using some parsing techniques, it is quite easy to get each input name and
respective value. Although I've done some parsing, available to you in
the article code, I cannot say they are effective at all, since I've
only used them to understand the potential of file uploading.
Conclusion
If you want to have file uploading available in your Web site, whether
intranet or Internet (although I prefer to use only in Intranet servers),
you can build it all by yourself.
You can build your own ISAPI DLL; You can build your own COM/MTS DLL;
You can have your file upload transactional;
You don't need to have a directory with write permissions;
You can even deal with all your upload content only in ASP code (example
appears in the article code).
About the Author
Tiago Halm is from Portugal. He is a project manager and team leader in a
financial
institution called BPI (http://www.bancobpi.pt). He has also been
a program/product manager at an Internet/Multimedia company called Neuronio
(http://www.neuronio.pt),
handling projects for Telecel, Compaq, and Expresso. He can be reached at
thalm@hotmail.pt and at thalm@londonoffice.com.
AspUpload is an Active Server component which enables an ASP application to accept, save and manipulate files uploaded with a browser. The files are uploaded via an HTML POST form using RFC 1867. AspUpload can then manipulate the uploaded files in a number of ways which include ACL manipulation, attribute changes, saving to a database, and ActiveX DLL registration.
Uploading files is as simple as ABC with ABCUpload. Our Pure HTML Progress Bar allows your visitors to see the
progress of their upload in real time with absolutely no client side software. We also offer a number of other advanced technical features including Unicode Compliant, 120% MacBinary Compatible, BLOB Aware, support for foreign language uploads.
ABCUpload also supports COM+ and is also available in a .NET version.
With ActiveFile's advanced features, such as restart of interrupted downloads, download failure detection, and industry standard data compression, it's no wonder that companies like Associated Press and Xerox are Infomentum OEM partners. ActiveFile is the professional’s choice for leading edge capabilities that can’t be found in any other file component.
If you are looking for an intelligent way to exchange files between your ASP or ASP.NET application and web clients, the search is over. Compliant with RFC 1867, ActiveFile provides both file upload and download capabilities that work seamlessly with all of the leading web browsers. Using Active Server Pages or ASP.NET scripting, your application can manipulate files and directories using a robust set of objects and methods provided by the ActiveFile component.
An all-in-one shopping cart system that provides a universal hook to all shopping pages on your Web site, regardless what you sell. Runs for all IIS based Web servers under Windows 95, 98, NT 4.0, NT 2000. Works with all versions of FrontPage.
Microsoft Posting Acceptor allows Microsoft Internet Information Server (IIS) to accept Web content posts (files) from Microsoft Web Publishing Wizard or other clients using the RFC1867 multi-form/posting method through an http connection. Microsoft Posting Acceptor can also accept content posts from Internet Explorer 3.0 (with the ActiveX Upload control provided with Microsoft Posting Acceptor) and Netscape Navigator 2.02 or greater through forms.
FileUp is the standard in transactional file uploads and secure downloads.
Allows dynamic applications to accept, save, and manipulate files uploaded
via a browser. Files can be of any format such as Word documents, images, or
plain text. FileUp is the most comprehensive transactional file transfer
controls: supports foreign character sets; guarantees synchronization
between upload processing and database transactions; full COM+ integration;
simplified error handling; guaranteed integrity when uploading multiple
files; server-side progress indicator; performance monitor counters;
MacBinary decoding, recursive directory uploads and more! Besides the most
complete feature set, FileUp includes documentation, a large set of sample
ASP pages, and an extensive tutorial. .NET, ASP & VB
Allows working with safearray binary data. Enables binary file
upload to the ASP and download from ASP with on-fly compression or
generation binary data (Using Response.BinaryWrite and
Request.BinaryRead). Enables calling some of Kernel and Advapi functions
and work with processes and threads.
In this article, Marco Nanni examines an example of multiple binary file uploading for Web applications using XML, without the typical limitations of traditional file upload processing. [Read This Article][Top]
Build multipart MIME upload forms using the InputFile HTML Server Control and learn how to take advantage of the file-upload services built into the HTTP runtime for ASP.NET. Save the uploaded file to disk without granting anonymous users file-write access to folders on your Web server. Then wrap all this in a new ASP.NET user control, which will allow you to add file upload capabilities to almost any Web page quickly and easily. [Read This Article][Top]
To design an industrial-quality solution, one must delve into both how basic uploads work and the more advanced issues of file uploading.
[Read This Article][Top]
This article by Sander Duivestein examines the upload components currently on the market and gives his opinion about how they work. Sander takes the reader through his requirements for uploading and the solutions that he used. [Read This Article][Top]
This article was written for VB5/VB6 or ASP programmers want to explore server-side ActiveX ASP components and may be looking for a “how to” code demonstration of uploading files from an Internet browser. [Read This Article][Top]
In this article by Peter Persits, of Persits Software, discusses how the browser uploads files to the server and how to deal with the data streams. He demonstrates Request.BinaryRead and the different data streams returned by browsers that follow RFC 1867. He also shows how to use AspUpload to handle files that are uploaded to the web server. [Read This Article][Top]
In this article David Wihl, of Software Artisans, discusses the options available for uploading files to a web server. He also compares SA-FileUp with the Posting Acceptor and provides example code for uploading files with SA-FileUp. [Read This Article][Top]
Mailing List
Want to receive email when the next article is published? Just Click Here to sign up.
