safety upload

[Mango]

Hi friends,

Please help me.

I want to realize upload on .jpg files in my web server and I am not sure
haw to protect it. I mean, when the user do upload I have to give him/her
write privilege, I am not sure is this dangerous.

Is my server become more vulnerable?

How to protect it?

I will appreciate any help

 

[Steve C. Orr [MVP, MCSD]]

If you are saving them to your server hard drive then by default the ASPNET
user account must have privileges to that folder.
Here's an overview of some techniques that you may find helpful.
http://steveorr.net/Articles/EasyUploads.aspx

 

[Malik Asif Joyia]

Hello
Dear Mango
First of all you can restrict the users to only upload image of jpg types.
by setting the accept attribute of HTMLInputFile Control e.g

<input type="file" id="filecontrol" accept="image/jpeg"
runat=server></input>

then it will only allow to upload image files.
and Set the folder Security where you are uploading the files to User
Account that your ASP.NET uses.

Regards
Malik Asif
ASP.NET