Individual Folder create for each user when they register on website outside the webroot folder.I am able to upload the image and store Image path in database.However,I am unable to display the Image. I am trying to get the path of Image from database using LINQ and display in VIEW but it does not work. I can view only one(from the list of Image)Image when FILESTREAM the image path and retrun using FILESTREAMRESULT
Can anyone please guide me how to achieve it? All I want to do is create folder for each respective user when they register in external folder. Upload Image and display.
Typically, I would keep files in a secure database or within the application's subfolders. But, here's what I would suggest if you really need to access a different folder on the server.
Create a folder on your server's file system ahead of time.
On the server, assign permissions to that folder so that the identity used by your application can access it.
In your code, write code to access the folder and file path.
Hope that helps!
p.s. here's another Q&A on StackOverflow (with some words of warning) in which the second part of the answer is similar to what I suggested.
ASP.NET - Reading and writing to the file-system, outside the application
Related
i have a quick question and would really appropriate some advice.
i am trying to upload images to a directory held in in the view of a module.
the full link to the pic's directory in 'my member's module' is:
C:/Users/test/zend/testingZend2/module/Members/view/members/pics
however, the upload function is held in MembersController :
C:/Users/test/zend/testingZend2/module/Members/src/Members/Controller/membersController
i am able to upload images to the directory. however, i obviously don't want to use the full URL. i want to use a relative link.
i tried the relative links below but they don't work;
Members/view/members/pics
and
../../../view/members/pics
is there for example a function like dirname(DIR) that will provide the first half of the link to the pics directory.
thank you for your help
Paths are relative to the application root, so module/Members/view/members/pics should work.
I would question whether the view folder is a sensible place to store user-uploaded images. Images aren't views, and you won't be able to display these images easily since they are not in a public folder.
Heloo,
I have website that built by SPIP and already online on the internet. Since my webmaster dont work anymore with us, now I try to learning CMS SPIP.
I want to edit one of the html file, located inside this directory : httpdocs/squelettes/myfile.html. Say the name of my file is myfile.html
I changed some part of the file than upload it through fileZile. When I open my browser and refresh it, the file haven't changed yet. but it's successful upload.
please advise, do we need to configure something to upload the file.
Thank you for your help
There is a simple way to refresh a page in SPIP when you have caching issues : pressing the Reprocess page button on the public site (as said by Serge) or adding ?var_mode=recalcul as a parameter of your URL.
I think the matter is in website cache. SPIP is hard caching HTML and images.
Try to clean cache via private area (under Maintenance button in SPIP 3) or press "Reprocess page" button on the front-end.
With your FTP connection go to the SPIP root directory, then find the /tmp directory open it and clear\empty the /cache directory inside it. This directory contains temporary files & cache files.
I am saving images on file and i am creating first folder which has Guid name for avoiding to duplicate file names. And entities hold reference src of image.
I feel that creating folder and giving guid name is wrong from point of performance. So how i have to avoid duplicate names ?
And second problem is the project seperated into 2 project. One is admin and other for user interface so i can not access my saved files from user interface. What is best practice about these problems ?
About the first problem, I think you could create a folder per user and replace the existing file, asking user confermation.
The second problem can be solved using a NFS or a shared directory where the admin and the user application can both read and write files (and you need to develope a component that retrieve the files and return them to your web apps).
I have a website that shows galleries. Users can upload their own content from the web (by entering a URL) or by uploading a picture from their computer.
I am storing the URL in the database which works fine for the first use case but I need to figure out where to store the actual images if a user does a upload from their computer.
Is there any recommendation here or best practice on where I should store these?
Should I save them in the appdata or content folders? Should they not be stored with the website at all because it's user content?
You should NOT store the user uploads anywhere they can be directly accessed by a known URL within your site structure. This is a security risk as users could upload .htm file and .js files. Even a file with the correct extension can contain malicious code that can be executed in the context of your site by an authenticated user allowing server-side or client-side attacks.
See for example http://www.acunetix.com/websitesecurity/upload-forms-threat.htm and What security issues appear when users can upload their own files? which mention some of the issues you need to be aware of before you allow users to upload files and then present them for download within your site.
Don't put the files within your normal web site directory structure
Don't use the original file name the user gave you. You can add a content disposition header with the original file name so they can download it again as the same file name but the path and file name on the server shouldn't be something the user can influence.
Don't trust image files - resize them and offer only the resized version for subsequent download
Don't trust mime types or file extensions, open the file and manipulate it to make sure it's what it claims to be.
Limit the upload size and time.
Depending on the resources you have to implement something like this, it is extremely beneficial to store all this stuff in Amazon S3.
Once you get the upload you simply push it over to Amazon and pop the URL in your database as you're doing with the other images. As mentioned above it would probably be wise to open up the image and resize it before sending it over. This both checks it is actually an image and makes sure you don't accidentally present a full camera resolution image to an end user.
Doing this now will make it much, much easier if you ever have to migrate/failover your site and don't want to sync gigabytes of image assets.
One way is to store the image in a database table with a varbinary field.
Another way would be to store the image in the App_Data folder, and create a subfolder for each user (~/App_Data/[userid]/myImage.png).
For both approaches you'd need to create a separate action method that makes it possible to access the images.
While uploading images you need to verify the content of the file before uploading it. The file extension method is not trustable.
Use magic number method to verify the file content which will be an easy way.
See the stackoverflow post and see the list of magic numbers
One way of saving the file is converting it to binary format and save in our database and next method is using App_Data folder.
The storage option is based on your requirement. See this post also
Set upload limit by setting maxRequestLength property to Web.Config like this, where the size of file is specified in KB
<httpRuntime maxRequestLength="51200" executionTimeout="3600" />
You can save your trusted data just in parallel of htdocs/www folder so that any user can not access that folder. Also you can add .htaccess authentication on your trusted data (for .htaccess you should kept your .htpasswd file in parallel of htdocs/www folder) if you are using apache.
I want to store a large number of images on a server gallery. I can create my own folder for that, but in the default template there is a folder named App_Data. Obviously, I imagine that creators of the template meant for us to store data there. But I can't find a way to open anything in that folder.
Is it intended? Or how do I do that? Or should I make my own folder for that reason?
It is by design. App_Data was meant for data files like sql express DB's files. It is protected so that you can't surf to it and grab files out of it. Put your images in another folder to correct this.