Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 3 years ago.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I am working on file and folder upload system and i want to add some security to it.
i have followed this Article , The security point number 6 on it says:
6. Keep tight control of permissions
Any uploaded file will be owned by the web server. But it only needs
read/write permission, not execute permissions. After the file is
downloaded, you could apply additional restrictions if this is
appropriate. Sometimes it can be helpful to remove the execute
permission from directories to prevent the server from enumerating
files.
How to apply that using C#
If I'm understanding you correctly, you want to upload a file to a remote server and then change the file to read only. Here is one option. Start by getting a File Object. After that you can set the access control then supply the access you want to provide.
It might be something like this:
using System.IO;
using System.Security.AccessControl;
private void SetFileAccess(string path)
{
var fileSecurity = new FileSecurity();
var readRule = new FileSystemAccessRule("identityOfUser", FileSystemRights.ReadData, AccessControlType.Allow);
var writeRule = new FileSystemAccessRule("identityOfUser", FileSystemRights.WriteData, AccessControlType.Allow);
var noExecRule = new FileSystemAccessRule("identityOfUser", FileSystemRights.ExecuteFile, AccessControlType.Deny);
fileSecurity.AddAccessRule(readRule);
fileSecurity.AddAccessRule(writeRule);
fileSecurity.AddAccessRule(noExecRule);
File.SetAccessControl(path, fileSecurity);
}
MSDN Link to File
MSDN Link to SetAccessControl Method
MSDN Link to File System Rights
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I am developing one MVC4 application and hosting in IIS web server.
I want to upload and save few files in folder called UploadedFile inside F drive.
I wrote below piece of code to create folder however it does not work
if (!System.IO.Directory.Exists(Server.MapPath("~/F:/UploadedFile")))
{
System.IO.Directory.CreateDirectory(Server.MapPath("~/F:/UploadedFile"));
}
When i am hosting to IIS i will keep all the published files inside inetpub(files like dll(bin),css,js etc). But i am planning to keep pdf files uploaded by user in F drive.
Is this good practice to keep files outside c drive? can some one give some suggestions please.
There is nothing wrong with keeping your files outside of the web folder, as long as you take care of setting up security and ACL's properly. This stuff is not trivial to do and you may end with security issues if you don't configure it correctly.
In your case I think you are getting a wrong path when trying to get the data from the file.
In this line:
System.IO.File.ReadAllBytes(folderName + filename);
folderName + filename will return #"F:\UploadedFile<filename>". E.g.: #"F:\UploadedFilefile1.docx" so you'll get an error as it's an invalid path.
In order to avoid this kind of errors you should use Path.Combine.
using System.IO;
//this will return #"F:\UploadedFile\file1.docx"
var fullFileName = Path.Combine(folderName, fileName);
var bytes= System.IO.File.ReadAllBytes(fullFileName);
//do something with your file.
Hope this helps!
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I have a folder in my project named Export, I save files to that folder using this code :
document.Save(#"D:\workspace\folder1\Solution.Application.DataExporter\Export\mydocument.pdf");
But when others use this code, they complain that they don't have that path. How can I give path to my code so that it works everywhere? Thanks.
Option 1: Use the Environment.SpecialFolder to get the physical location of a special folder. See here for an overview of possible special folders.
For example, if you want to put the document in 'my documents' folder, then Environment.SpecialFolder.MyDocuments would give you the location to the my documents folder on the current machine.
Code:
var path = Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments);
This way you are sure you always have the correct and existing location. If needed, you can always first create an export folder into this special folder with Directory.CreateDirectory(), if it does not exist yet.
Option 2: Of course, you can always ask for a location to the user if you don't want to use a predefined one, by using the SaveFileDialog class, for example.
Create the folder 'Export' in MyDocuments, and then save the file to that directory. As many others have pointed out. You need to save to a directory, that the executing user has access rights to.
string documentFolder = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments), #"Export");
if (!Directory.Exists(documentFolder))
{
Directory.CreateDirectory(documentFolder);
}
document.Save(Path.Combine(documentFolder, "mydocument.pdf"));
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I am brand-new in C# and I wanna do that in C#.
Can you show me the way :)
Enter a remote machine hostname
get list folder names in C directory from the remote machine
select folder names from the list
delete the selected folders
show a message about the process (deleted or not)
Is that too hard? Thank you for your help in advance and sory for my bad English :(
Remote and local file system access in C# (.NET) works the same way. Try for example the following.
var directory = new System.IO.DirectoryInfo("\\server\path\remote\C");
var files = directory.GetFiles();
foreach(var f in files) f.Delete();
For remote drives, for example drive C, the path will be like: \server\c$\folderUnderC (note the dollar sign).
A broad question, here are a few general answers.
Enter a remote machine hostname
Set up a GUI for that (WinForms or whatever you like)
get list folder names in C directory from the remote machine
Look into remote directory services, especially Samba / SMB setup and access for Windows. This question will be usefull.
select folder names from the list
With the appriopiate GUI elements (a TreeView maybe), easily possible.
delete the selected folders
Issue a File.Delete() command for the appropiate path, see link above.
show a message about the process (deleted or not)
Wrap above command in a try-catch, then call MessageBox.Show() or whatever GUI elements you want for that.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I'm having an issue in saving an rtf file, I'm saving it in a subfolder in "MyDocuments" the strange this is that i also save a .bin file and some other stuff and it doesn't causes any exeption, i'am pc admin so why does it happen?
string docs = System.Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments) + "\\Monitor\\Immobili\\";`
richTextBox1.SaveFile(docs+code);
code is also another string
An UnauthorizedAccessException means one of 3 things:
The caller does not have the required permission.
Path is a directory.
Path specified a read-only file.
Check for last two reasons. I think you are not adding filename after path. Add breakpoints and check if richTextBox1.SaveFile(docs+code); is getting the complete path to the file instead of just folder path.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I use this code blow in .NET. It works fine. The problem is that I want this audio to play in the root of the website. What changes should I make for this? Thanks
var sample= new System.Windows.Media.MediaPlayer();
sample.Open(new System.Uri( #"D:\voices\1.wav");
sample.Play();
In a web application, this might look something like this:
sample.Open(new System.Uri(Server.MapPath("~/") + #"\voices\1.wav");
I say might because that all depends on whether or not the voices folder exists in the root of the website. Additionally, you should probably leverage Path.Combine instead:
var path = Path.Combine(Server.MapPath("~/"), "voices", "1.wav");
sample.Open(path);
Finally, I don't know what sample is, but the Open method may not work in a website. I'm making the assumption you know what Open does and whether or not it can work in a website.
Use server.mappath("~/") <- that's the filesystem root for your website.
dim path as string = server.mappath("~/") & "/voices/1.wav"
Note that backslashes, for filesystem path, not URI.
Hope it helps.