FileUpload控制问题 [英] FileUpload Control question
本文介绍了FileUpload控制问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
大家好,
我正在使用ASPU页面的FileUpload控件。如何禁用该控件的
文本框部分,这样我就可以强制用户只通过浏览器按钮选择一个
文件,而不是输入任何文件文件名没有
存在。
谢谢,
Joe
解决方案
出于安全原因,你不能强迫用户使用你想要的东西。
JoeP < Jo ** @ hotmail.comwrote in message
news:ez ************** @ TK2MSFTNGP05.phx.gbl ...
< blockquote class =post_quotes>
大家好,
我正在使用ASPU页面的FileUpload控件。如何禁用
该控件的文本框部分,这样我就可以强制用户只通过浏览器按钮选择一个文件,而不是输入任何文件文件名
不存在。
谢谢,
Joe
我们在这里讨论什么样的安全问题?
有没有其他方法可以验证是否存在真实文件在那里?
否则用户只需在该文本框中输入任何内容。
感谢任何反馈或任何其他建议。
谢谢,
Joe
JoeP,
在ASP.NET 2.0中VS2005
如果用户输入一个不存在的完整文件名,那么你的提交
按钮什么都不做。
如果用户输入一个好的filePath名称,然后在服务器级别,您可以
检查名称等。
文件上传控件doe没有给我们开发人员能够动态更改要上传的文件。
我们可以在客户端上看到和执行的操作有一般性安全锁定/>
side。
您可以编写ActiveX,JAVAApplet或SilverLight(使用C#或VB.NET
或其他)一个上传文件可以处理你想要的东西
包括一次选择和上传多个文件,多个
选择。
在这种情况下客户同意允许你四处寻找。
" JoeP" < Jo ** @ hotmail.comwrote in message
news:%2 **************** @ TK2MSFTNGP02.phx.gbl ...
我们在这里谈论什么样的安全问题?
有没有其他方法可以验证是否存在真正的文件那里?
否则用户只需在该文本框中键入任何内容。
感谢任何反馈或任何其他建议。
谢谢,
Joe
Hi All,
I am using the FileUpload control for the ASPX page. How do you disable the
text box portion of that control, so I can force the user only to pick up a
file via the Browser button, and not to type any file name that does not
exists.
Thanks,
Joe
解决方案
For security reason you can not force the user to what you want.
"JoeP" <Jo**@hotmail.comwrote in message
news:ez**************@TK2MSFTNGP05.phx.gbl...Hi All,
I am using the FileUpload control for the ASPX page. How do you disable
the text box portion of that control, so I can force the user only to pick
up a file via the Browser button, and not to type any file name that does
not exists.
Thanks,
Joe
What kind of security issue are we talking here?
Is there any other way to validate that there is a real file out there?
Otherwise the user just can just type anything in that textbox.
Appreciate any feedback or any other suggestions.
Thanks,
Joe
JoeP,
In ASP.NET 2.0 VS2005
if the user types a full filename that does not exist then your submit
button does not do anything.
if the user types a good filePath Name then at the server level you can
check the name etc.
The File Upload control does not give us the developers the capability to
dynamically change what file to upload.
There is a general security lock on what we can see and do on the client
side.
You can write an ActiveX, JAVAApplet or a SilverLight ( using C# or VB.NET
or others ) to have an upload file that can deal with what you want
including selecting and uploading multiple files at once with multiple
selects.
In this case the client is consenting to allow you to poke around.
"JoeP" <Jo**@hotmail.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...What kind of security issue are we talking here?
Is there any other way to validate that there is a real file out there?
Otherwise the user just can just type anything in that textbox.
Appreciate any feedback or any other suggestions.
Thanks,
Joe
这篇关于FileUpload控制问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
