I'm looking to do this exactly :
set src property in view to a url outside of the MVC3 project
Fine but in web form ?
I tried simply putting the path as a string into the src of the image :
<asp:Image ID="imgInside" runat="server" src="\\serverName.com\dfs$\APPL-ADM\FichiersDev\MandatsInfo\SAR220-2020_1.jpg" >
Obviously not working, so I made src pointe on this function I wrote like so :
<asp:Image runat="server" Width="160px" src='<%# getImage(Container.DataItem as MandatMobile.DAL.MandatsEcoleCC_Result) %>' ></asp:Image>
In back end C# :
protected Byte[] getImage(MandatsEcoleCC_Result p)
{
using (MandatsDatas db = new MandatsDatas())
{
GROUPE_ARTICLE g = db.GROUPE_ARTICLE.First(t => t.ID_GROUPE == p.ID_GROUPE);
if (string.IsNullOrWhiteSpace(g.image))
return null;
FileStream fs = null;
try
{
fs = new FileStream(#"\\serverName.com\dfs$\APPL-ADM\FichiersDev\MandatsInfo\" + g.MANDAT.NO_MANDAT + g.image, FileMode.Open, FileAccess.Read);
}
catch
{
}
BinaryReader br = new BinaryReader(fs);
return br.ReadBytes((int)fs.Length);
}
}
Still not working, I've been searching but I just can't figure it out and I'm stuck trying all sorts of non-sens.
Well, you confusing two things:
Code behind:
Anytime you run code that uses a file, then you writing 100% server side code. As such any file path is a proper windows FULL qualified path name. It has ZERO ZERO to do with web URL's.
Read the above a dozen times. Your code does not use URL path names - end of story.
Web site:
Anytime you reference a file, picture, script files or anything? You are and MUST use a URL based on the path names of the web site, and more so path names that resolve to the folders that represent the site.
root:
\Pictures (say a folder in the web site folder list with pictures.
So, a src, or ANY URL in the web site? They do NOT use windows path names like code behind.
So, if there is a cat.png picture in folder pictures? When your URL will be this:
www.mywebsite.com/Pictures/cat.png
If you write code to read/load/see/use that cat.png picture? Then you convert in code from that extenral URL to a full qualifed standard windows path name (with back slaches).
So, in code behind if you want to read, or do somthing with the above file?
You use
dim strFile as string
strFile = Server.MapPath("www.mywebsite.com/Pictures/cat.png")
map path will now return a full qualified windows server path
eg:
c:\inetpub\wwwrootmysite\Pictures\cat.png
Ok, so now we realize that to use a VALID link to pictures on teh web site, we MUST use a valid URL.
So, what happens if say we have a network connected HUGE massive say SAN drive or some other huge server on the network that has huge storage, and has our pictures in that site?
Say:
\SANSERVER\WebPictures\cat.png
Well, obviosity that file folder can't be used in a URL. ONLY URL's in the web folder path name can be used. And this is a good thing. Since when I go to www.amazon.com it is a VERY good thing I can't type in a URL to get at their intenral accouting files server and steal all the credit card information of all customers.
So, now, how can I get at that cat.png, and turn it into a valid URL?
There are two ways:
One:
You make the decision to expose and INCLUDE the above path name as part of the web site. This is typical done with what is called a virutal folder. You need IIS, and during development with IIS + Visual Studio, it is a "pain" to setup such path names. But if you have full version of IIS, then you can add the virutal folder to the web site though the IIS user interface tools.
So, you add a virutal folder called MyPictures, and it will be mapped to:
\SANSERVER\WebPictures\cat.png
So, now the web site URL becomes:
www.mycoolsite.com/MyPictures/cat.png
And in code if you do a server.map path, the above url will return this:
\SANSERVER\WebPictures\cat.png
Ok, next issue:
I don't want to expose that other folder to the web site. I don't want a valid URL, and I don't even want users to be able to type in say this:
www.mycoolsite.com/MyPictures/doggie.png
So, if you DO expose another folder or add a folder to the web site hiarchy, then users ARE FREE to type in a URL that will resolve to that other folder (but you are assumed to have added a virtual folder to the web site).
Now, with a valid URL resolution, then you can place markup code on teh web site, and provide valid full URL path names to the picture or whatever for the web site.
However, lets say for reason of security, I do NOT want that other server to be exposed to as a URL?
Well, it it is NOT exposed as a valid web URL folder, then you can NOT put in a valid URL - it that's simple.
However, that don't mean the code behind can't read/load/open that file on the server. In fact the web site code behind can often read any file on the server, and in fact read any file anyplace on the network that the web server is running. And as noted, code behind does not use URL
s, and does not use "forward" "/" for the file - but a plan jane old fashting fully qualfied windows path name.
Since the code behind can darn near read any file and do anything it wants?
Ok, then how can we get the code behind to dish out a file, or send that file to the web site?
Two simple ways:
Your code behind could read the cat.png file, and copy it to a folder that is part of the web server folder layout. Once one, then you can provide a valid URL. However, with a huge picture library, that would be pain full.
And in some cases the picture might come from a database row(s) that store pictures, and once again no valid path name exists for the web site.
So, what you can do is read the file in code behind and then "stream" the data directly to the web site.
When you steam contents from code behind, then you don't care nor even require a valid URL, because the code behind is pumping out the object data (in this case a picture cat.png) directly to the web browser. So this is often done because your pictures don't even exist in a file, or in fact it not practical to include that folder in the web site folder list for reasons of security.
As noted, if this was/is just a folder of pictures OUTSIDE of the folders for the web site? Well then 99% of the time, then adding a mapped folder (a virtual folder) to the web site that points to the picture hard drive is common done, and is practical.
however, you might have a HUGE library of pictures on a big file server, and you have a database that has key words for searching the pictures, and the database row stores a valid path name to the hard drive/server that has all the pictures in a Hodge podge folder hierarchy that is not practical to expose as web based urls.
So, how to stream a file?
You code is close, but you need to include additional information. And unfortantly the server can't stream the file down as 100% binary format.
So, say we drag + drop a image control onto the form. You have this:
<asp:Image ID="Image1" runat="server" />
So, now in code behind to stream + set the picture to a picture on the hard drive?
You can use this:
Dim strFile As String = "c:\Test4\pcards.bmp"
Me.Image1.ImageUrl = Gimage2(strFile)
Now of course the URL path name to the above Test4 folder does not exist.
Gimage2 - it just converts the file as a byte array, and then to a string coded as base64.
Function Gimage2(strPath As String) As String
Dim PicData As Byte() = Nothing
PicData = File.ReadAllBytes(strPath)
Dim ContentType As String = "image/" & Path.GetExtension(strPath)
Return "data:" & ContentType & ";base64," & Convert.ToBase64String(PicData, 0, PicData.Length)
End Function
So I spent some time with a long post. The reason is you attempted to use a URL with standard windows back slashes, and that means in your mind, you are using the concept of a windows full path name and MAJOR confusing that with a URL path name. Failure to make this distingishing will cause you years of pain and suffering. You must have BEYOND CRYSTAL clear this concpet of a URL and that of a file name in code behind. They are two VERY different things.
If that addtional folder is "ok" to expose to the web site? Then create a Virtural folder.
That means:
wwww.mycoolsite.com/MyPictures/dog.png
Could in fact point to ANY mapped folder on your server. And this means the web server will require permisions to that folder, and in most cases thus a user (or your code) can type in and use a full web path name to the picture.
However, as noted, for pdf documents and many other types of files, then it is out of the question to have a valid URL and a mapped folder. So you can use the 100% file based approach as per above, and read the file as bytes, and then stream + output the file to the browser.
You can even do a response.write and pump out the file directly to the browser, but then again you don't have much control as to where it will be. Do realize that pumping out a string as base 64 data as per above can and will cause some bloat and expansion in the size of the string sent to be rendered as a picture. So for a simple image - sure that's ok. But for a larger high quality high resolution image, then of course I don't recommend you send the picture as a base64 string due to the expansion that string will result in.
I ended up putting a fonction in another MVC project that works correctly to retrieve images.
So my src path point on an URL instead of a file on a server path.
src='https://NameOf_MVC_webSite.csdn.qc.ca/imageBank/ForMandat?name=' + (Container.DataItem as MandatMobile.DAL.MandatsEcoleCC_Result).image
Dirty solution using another deployed app that has a (better / easy to use / functional) framework
But this is not an "OK" solution
I am trying to upload image files to the server and it gives me an error
"System.UnauthorizedAccessException: Access to the path 'D:\Hosting\234344\html\Testingfiles\upload\813.jpg' is denied.at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)"
in the HttpHandler I have :
HttpPostedFile file = context.Request.Files["Filedata"];
string usr_id = context.Request.Form["usr_id"];// gets the JSON data from the request
string strPath = context.Server.MapPath(("/Testingfiles/upload/") + file.FileName);
string ext = Path.GetExtension(strPath);
if (ext.Equals(".jpg") || ext.Equals(".jpeg") || ext.Equals(".png"))
{
file.SaveAs(strPath);
context.Response.Write("Image uploaded successfully");
}
what am i doing wrong here?
The error message says it all. You don't have write access to that folder.
You will need to ask your hosting provider to assign write rights to that folder for the ASP .NET identity.
Also, consider if you can use a folder below ~/App_Data. This is by convention the place to store files that needs write access in ASP .NET, so many hosting providers will allow writes to this folder by default (but you would need to check yourself for your specific host to be sure).
You should try writing to ~/App_Data/ to see if that works. If it does then its just because you haven't given asp.net write permission to the /TestingFiles/Uploads/ folder.
If your control panel has Plesk on it then you can sort this out yourself by going to the FileManager and clicking the permissions button. If you look at your App_Data file permissions for reference, the actual username that you need to add will vary depending on your domain name with plesk.
Other hosting control panels may allow you to do it in different ways.
If you can't find it then you should ask your host how you set up file permissions or look in their knowledge base.
If your control panel has Plesk on it then you can sort this out yourself by going to the FileManager and clicking the permissions button.
I fixed this error by allowing IIS users full access to upload folder. No need to use App_Data folder
For Plesk 12.0 only:
No need to use App Data folder. You just have to give full control to your Application pool group IWPG(username). It will surely work. I searched for many hours and this solution worked for me .
Hope It works for others too.
I have set of files (which are essentially ".exe" files) that I allow the users to download from my website. To have a clearer picture have a look at the this screenshot (it is just a academic project). Now I have administrator privilege in which I can upload a new software file to a folder (componentsFolder) to the root of my website and I also add the filepath to the database table at the same time.
I'm using the following code to do that:
string componentRelativeFilePath = #"/ComponentsFolder/" + ComponentName;
I'm storing the filepath in the following format in the database file:
/ComponentsFolder/FileName.exe
What is the difference between storing the files in the following formats?
/ComponentsFolder/FileName.exe
\ComponentsFolder\FileName.exe
~/ComponentsFolder/FileName.exe
~\ComponentsFolder\FileName.exe
I'm using server.mappath to retrieve the file from the root folder.
I want to know the difference (in this context) between these formats and which one is the standard/appropriate/technically correct format to store the relative paths in database table.
In terms of Asp.Net lets suppose you set your image path as "/Image/pic1.jpeg" so the image would be searched in Image folder located in website root and in that folder pic1.jpeg is searched. If your set you image source to "~/Image/pic1.jpeg" in that case as well the image file is read from the Image folder that is located directly under the root of the Web application, regardless of where in the Web site the page is located. But '~/' this could only be used with server controls.
If path is "../Image/pic1.jpeg", in that case Image folder is searched in the current webpage's folder.
As per my opinion storing path in "~/Image/" format is a better choice in terms of Asp.Net.
Hope I answer your question.
We have a c# asp.net web application that, amongst other things, allows users to download previously uploaded files such as PDF's, Word docs etc. The asp.net app is served up via an IIS6 server and the file resources live on a different server.
When the user requests a file (i.e. click a button on the web form), we stream the file back to their browser, changing the ContentType appropriately.
This seemed a good way to avoid going down the IIS virtual folder route to serve up the file resources - which we had concerns about due to the potential for users to hack the URL. i.e. with a URL like https://mydomain/myresource/clientid/myreport.docx, a savvy user could have a good stab at guessing alternative cvlientid's and document names.
The trouble with streaming a Word document to the browser is that when the browser throws it at Word, Word treats it as a brand new doc, which means the original document's properties & margin info is lost.
Our users store metadata information in the Word doc properties, so this solution is not acceptable to them.
Serving up via IIS virtual folders solves that problem, but introduces the URL security problem.
So my questions are ...
Does anyone know how we can use URL encryption/decryption (or obfuscation) with IIS Virtual folders?
Or does anyone know of any open source projects that do a similar job.
Or does anyone have any sugestions on how to go about writing our own implementation of Virtual folders but with encrypted URLs?
Many thanks in advance.
ps. our web app is delivered over https
Sorry guys, in my question, I have made some incorrect assumptions.
What am I trying to do is persist the properties stored on a word document when they are delivered from server (using either Response.TransmitFile or via a virtual folder) to a client browser.
I set up a test scenario with an IIS virtual folder and dropped a docx file (that I know contains info in the title & subject properties) in my virtual folder's physical path.
I pointed my browser at the virtual folder alias and the browser popped up its message to either open or save the doc.
If I choose to save it, the saved docx still has the properties intact.
If I choose to open it fist and then save it from Word, the saved docx has lost the properties.
So I think I need to post a different question!
You may find that the ClaimsAuthorizationManager class in "Windows Identity Foundation" does what you want. You get to implement whatever logic you like to determine who can download what without using "directory security".
I am listing the files stored in a remote server in the aspx page grid view with the file name linked (href) to the UNC path of the file.
when the user clicks the file name link, it should open the file from the server to allow the user read the file.
I am using impersonation (Using mirror logon method) for file upload and delete in the same page which works fine.
When I try to click the link to view the file it throws an error message box saying access denied.
While upoading / deleting file from my application, it uses the impersonated account I specified in web.config.
But it uses default ASP.NET (SERVER\IUSR_SERVER) account when trying to access via the link.
I cant give read access to all in my file server share.
How can I make the application use the impersonated account while trying to access the file for reading through the link I am showing for the files?
Or please suggest me an better alternative to do the same.
Thanks In advance.
When you generate the links in the Web page, do not point directly to the UNC, but to a page of your app, with a parameter to identify the file. In this page, use the same impersonation method to open the file and send its content back to the Web browser.