Introduction
Maybe sometimes you need to protect files for download just is a user is Loged in your web application. But if some user know the full url they can download your files. This article will help you to protect files in a folder inside your web application
(FIGURE 1)
Background
Just let your user upload files but not download directly from a full URL like this
http://localhost/Development/upload/uploads/document.pdf
1. First you need to create your web application
2. Create a folder where you want to upload files in my case I will user UPLOADS
3. In IIS go to your application, and select the UPLOADS folder
4. Right click and select properties
5. Select directory tab, be sure to select ONLY allow Write access. This step will allow you to upload files to this folder.
Is some user what to get the file entering the full URL, they will have an error (see figure 1)
6. Insert a Link Button or a button (or whatever you want throw the download)
7. In the web.config insert the following (if you don't want to let hardcode the directory)
<appSettings>
<add key="uploadDirectory" value="uploads" />
</appSettings>
8. Then, you just have to write the function for download. (see using the code section)
Using the code
A brief description of how to use the article or code. The class names, the methods and properties, any tricks or tips.
Blocks of code should be set as style "Formatted" like this:
Private Sub LinkButton1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles LinkButton1.Click
downloadfile("document.pdf") '
End Sub
'This is the function that you have to use
Private Function downloadfile(ByVal strFile As String)
Dim fs As FileStream
Dim strContentType As String
' This is the important part, because you going to use the local path
'to get the file
Dim strPath = Me.Server.MapPath(System.Configuration.ConfigurationSettings.AppSettings("uploadDirectory")) & "\"
Dim strFileName As String = strFile
fs = File.Open(strPath & strFileName, FileMode.Open)
Dim bytBytes(fs.Length) As Byte
fs.Read(bytBytes, 0, fs.Length)
fs.Close()
Response.AddHeader("Content-disposition","attachment; filename=" & strFileName)
Response.ContentType = "application/octet-stream"
Response.BinaryWrite(bytBytes)
Response.End()
Return True
End Function
I tested this function with a file size of 300 MB and works fine!, but with a file of 650 MB we have some problems (memory problems).
If all works file you have to see this screen
Points of Interest
For Upload files to your site follow this links, this is another function that I made before
and can help... (cruzagr3 source code)
http://www.soloasp.com.ar/vermensaje2.asp?idmensaje=23643&idforo=3
History
I will be adding another thing soon...