C# ASP.NET Browse for Folder from a Web page

  • Thread starter Thread starter Joe Bloggs
  • Start date Start date
J

Joe Bloggs

I have an Oracle database that holds a Blob field containing a PDF
report. I've been researching into if its possible to implement a Brose
for folder functionality in a web page so to allow a user to specify a
folder to download the PDF to. The only way I can think of doing this at
the moment is to first download the report to the Webserver and then
have a link on the web page to the location of the downloaded report and
then the user would access like a standard link to a file. What I would
really like to do is to allow the user to select a folder location and
then download directly to that location rather than storing the output
temporarily on the web server. Is it possible to implement browse folder
functionality from a web page?
I know its possible using a Windows Form application.
 
Joe,

It is possible to do it from an ASP.NET application, but I wouldn't
suggest it. You would have to embed a custom control, and then have it
installed on the client side, adjust the security, etc, etc.

However, I think that there is a much easier way. You can provide the
link to the document which would point to an ASPX page. This link would
have the ID embedded in the link, which you can then get (through the
QueryString property) and fetch the BLOB from the database. Once you have
that, you can pass the contents back to the user through the Write method on
the Response property.

You would have to add the content type and disposition, like this:

// Do this in Page_Load.
Response.Buffer = false;
Response.AddHeader("content-disposition", "attachment; filename=" +
<filename>);
Response.ContentType = "binary/octet";

Once you do this, the page will return the document in the blob, and the
user can choose to open it, or save it (and the Save File Dialog will be
presented to them).

Hope this helps.
 
Hi Nicholas,
thank you very much for the reply. I will try and implement your
recommendation and let you know of progress.
Thank you
 
Hi Nicholas,
I tried your suggestion but I'm getting stuck where I write my .pdf to
the blob as a byte[] type and I'm unable to read directly as a byte[]
type when I retrieve from the warehouse. Where I am at now is I have my
link now to the APSX page and I'm passing the ID to identify the record
containing the blob see code below.

string url = "UIReportDisplay.aspx?dbid=" + Request.QueryString["dbid"]
+ "&requestid=" + DataGrid1.DataKeys[DGridItem.ItemIndex].ToString();
Response.Redirect(url);

Then in the Page_Load of the page redirected to I have

private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
byte[] data;
string dbid = Request.QueryString["dbid"];
string requestid = Request.QueryString["requestid"];
data = ReportUIClassLibrary.DBObjects.ShowOracleBlob1(requestid,dbid);
Response.Buffer = false;
Response.AddHeader("content-disposition", "attachment; filename=" +
data);
Response.ContentType = "binary/octet";

}

I get the Save or Open File dialog but the file name is System.Byte[] of
file type BYTE[] then even if I save as .pdf Acrobat Reader responds
that the file is corrupt. I write the PDF as a byte[] type to Oracle. I
tried converting the byte[] type to a file on the server and then
loading that into the blob, and I also tried using Response.Write(data)
and changing the content type to pdf but none have worked.
Any further assistance would be much appreciated, but thanks for your
help up to now anyway.
 
Joe said:
Hi Nicholas,
I tried your suggestion but I'm getting stuck where I write my .pdf to
the blob as a byte[] type and I'm unable to read directly as a byte[]
type when I retrieve from the warehouse. Where I am at now is I have
my link now to the APSX page and I'm passing the ID to identify the
record containing the blob see code below.
Click to expand...

Note that exposing your primary keys as query parameters is unsecure,
because it allows users to access any PDF in your DB by simply incrementing
or decrementing "dbid" values.
string url = "UIReportDisplay.aspx?dbid=" +
Request.QueryString["dbid"] + "&requestid=" +
DataGrid1.DataKeys[DGridItem.ItemIndex].ToString();
Response.Redirect(url);

Then in the Page_Load of the page redirected to I have

private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
byte[] data;
string dbid = Request.QueryString["dbid"];
string requestid = Request.QueryString["requestid"];
data = ReportUIClassLibrary.DBObjects.ShowOracleBlob1(requestid,dbid);
Response.Buffer = false;
Response.AddHeader("content-disposition", "attachment; filename=" +
data);
Response.ContentType = "binary/octet";

}
Click to expand...

You're not writing data to the response stream here. Is that done later or
just not there?

Cheers,
 
Thanks - I was missing Response.BinaryWrite(data); It works now :-)
On the point of passing an id as a parameter being a security risk , is
there any best practice on how parameters can be passed securely. I am
going to implement an encryption/decryption algorithm between the
redirect and the directed to page.
 
Back
Top