Reputation: 1950
Allow users to upload file to a protected folder
I have a page for members to upload files to a folder named UploadedFiles where only administrator of the site can access this folder.
Inside the UploadedFiles folder, there's a web.config file that has the follwing text:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
Is there any work around that allow normal members to upload file to this folder? What I want is to let users upload files to a secured folder that only administrator can access them.
Upvotes: 0
Views: 388
Answers (1)
Reputation: 1262
The restriction to the folders using web.config is applied by IIS/ASP.NET engine. You can use ASP.NET code behind file to save the files in this folder.
So if you have a FileUpload control in any of the pages, get the file from the control. Get the path of the UploadedFiles using Server.MapPath("~/UploadedFiles") and save the file in this folder. If the IIS User has access to this folder, it would be able to save it.
Basically this would allow any user to save file to this folder, but only admins to view them.
Upvotes: 1
Related Questions
- folder permission for uploading files in asp.net
- Enable users to upload files to folder using javascript
- How to secure uploaded files in ASP.Net
- Secure and Automated way of giving permissions for upload folder in ASP.NET C# web application?
- File upload security Concern
- Authorized File access in ASP.NET Web Application
- Allow write access to a folder for only specific web users
- How do I secure a folder used to let users upload files?
- How add role based security the files in a folder
- Controlling access to specific files via <location>