Hello All
In asp.net we can upload the file by using file up-loader control. but at times we have to apply some validation to avoid user to upload malicious file which might harm our application.
These validation can be of many types like :
- Validation for file extension : to restrict user from uploading exe file,
- Validation for file size : to restrict users from uploading files of large size.
And to do that we can use client side validations too but those validation can be passed trough as we can disable javascript validation from our browser.
so in order to achieve the server side validations for file upload control, we have the following block of code:
In ASPX we have :
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="FileUpload.aspx.cs" Inherits="FileUpload" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>FileUpload Validation Demo</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<th>File upload with validation</th>
</tr>
<tr>
<td><br/><asp:FileUpload ID="fileUploader" runat="server"></asp:FileUpload></td>
</tr>
<tr>
<td><hr/><asp:Button ID="btnUpload" runat="server" OnClick="btnUpload_Click" Text="Upload" /></td>
</tr>
<tr>
<td><br/><asp:Label ID="lblMessage" runat="server"</asp:Label></td>
</tr>
</table>
</div>
</form>
</body>
</html>
In C# we have:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class FileUpload : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
lblMessage.Text = "";
}
}
protected void btnUpload_Click(object sender, EventArgs e)
{
if (fileUploader.HasFile)
{
string fileExtension = System.IO.Path.GetExtension(fileUploader.FileName).ToString().ToLower();
if (fileExtension == ".doc" || fileExtension == ".pdf" || fileExtension == ".docx" || fileExtension == ".txt")
{
// this will give the file size in bytes and 3 MB is eqal to 3145728 bytes.
double fileSize = fileUploader.PostedFile.ContentLength;
if (fileSize > 3145728.00)
{
lblMessage.Text = "You can only upload files of size lesser than 3 MB, but you are uploading a file of "+ Math.Round((fileSize / 1048576.00), 2) +" MB";
lblMessage.ForeColor = System.Drawing.Color.Red;
}
else
{
fileUploader.SaveAs(Server.MapPath("~/UploadedFiles/" + fileUploader.FileName));
lblMessage.Text = "File uploaded successfully.";
lblMessage.ForeColor = System.Drawing.Color.Green;
}
}
else
{
lblMessage.Text = "You can only upload the .doc , .pdf or .docx type files but you are uploading " + fileExtension + " file";
lblMessage.ForeColor = System.Drawing.Color.Red;
}
}
else {
lblMessage.Text = "Please select a file to upload.";
lblMessage.ForeColor = System.Drawing.Color.Blue;
}
}
}
0 Comment(s)