|
code
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Major problem with FileUpload if bad filenameHi;
If the FileUpload has a bad filename, the code behind does not get called on a submit but there is no error message. How can I get an error message? Hi Dave,
As for the Upload control , when we manually modify the filename/path to an invalid value, the file stream won't be submited, therefore the server-side won't detect any uploaded file. You can use the FileUpload.HasFile to check whether there is file stream correctly uploaded. regards, Steven Cheng Microsoft Online Support Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) I've got a similar problem and looked a bit more into it. I'm using a
FileUpload control in combination with a submit button to actually initiate the upload. If I manually type a filename without a path, e.g. "Non-existing.file" then clicking my submit button results in no postback at all. Therefor I dont have the chance to give any feedback to the user, unless I implement a RegexValidator as well. If I select a zero length file, pressing my submit button does result in a postback, but the HasFile property states "false". Returning a message that no file has been selected would be a bit awkward in this case, and I'm sure a user won't understand that at all. I hope someone could enlighten me as how to deal with those two situations! Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Hi Dave, > > As for the Upload control , when we manually modify the filename/path to an > invalid value, the file stream won't be submited, therefore the server-side > won't detect any uploaded file. > You can use the FileUpload.HasFile to check whether there is file stream > correctly uploaded. > > regards, > > Steven Cheng > Microsoft Online Support > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > But the code behind is not called - how do I get notified?
Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Hi Dave, > > As for the Upload control , when we manually modify the filename/path to an > invalid value, the file stream won't be submited, therefore the server-side > won't detect any uploaded file. > You can use the FileUpload.HasFile to check whether there is file stream > correctly uploaded. > > regards, > > Steven Cheng > Microsoft Online Support > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Dave,
Do you mean check it at client-side or server-side, for client-side, we can get the value of the input file field, but it's not possible to know whehter the file actually exists. At server-side, when postback, at least the Page's Load event will always fires, you can check the file upload control there. Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi;
Yes server side. But that is the problem - the Page_Load is not called and there is no error message if FileUpload is given a bad filename. Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Hi Dave, > > Do you mean check it at client-side or server-side, for client-side, we can > get the value of the input file field, but it's not possible to know > whehter the file actually exists. At server-side, when postback, at least > the Page's Load event will always fires, you can check the file upload > control there. > > Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > What's the bad file you mean? If the file is a real file which exists at
client-side, the upload request should contain the uploaded file stream. I think this can help confirm whether the filename is not a wrong one. Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) As I see it this problem occurs when the file is not a real file. For then,
there is no feedback at all. Apparently the control validates the existence of the file client side, but gives no feedback if the file doesn't exist. If you at least enter a full path to a non-existing file, the upload request is executed and the HasFile property will be false, which is correct behaviour in my opinion. But, if you enter just a filename, without fully qualified path, then you don't get to the server so there is no way to give feedback to the user. I solved this by using a RegexValidator on my FileUpload control, in combination with a required field validator. The regex I used is "borrowed" from http://regexlib.com/REDetails.aspx?regexp_id=800. I adjusted it a little bit, to make sure it requires a filename. It's not perfect but it will do (I'm in for better suggestions though). The Regex I used is: ^((?:[a-zA-Z]:)|(?:\\{2}\w[-\w]*)\$?)\\(?!\.)((?:(?![\\/:*?<>"|])(?)[\x20-\x7E])+\\(?!\.))*((?:(?:(?![\\/:*?<>"|])(?![ ..]$)[\x20-\x7E])+)\.((?:(?![\\/:*?<>"|])(?![ .]$)[\x20-\x7E])+))$ Hope it helps anyone in the same situation :-) Show quoteHide quote "Steven Cheng[MSFT]" wrote: > What's the bad file you mean? If the file is a real file which exists at > client-side, the upload request should contain the uploaded file stream. I > think this can help confirm whether the filename is not a wrong one. > > Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > That's cool!
Thanks for your input. Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Following on from this, if the filename is invalid, it doesnt postback
which means it wont perform any of my buttons actions! Anyway round this? Firefox seems to allow invalid filenames to be postedback but Internet Explorer doesnt! Steven Cheng[MSFT] wrote: Show quoteHide quote > That's cool! > > Thanks for your input. > > Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) I would like to know if there is a solution too. The Regex validator solution
is not perfect. (A lot better than nothing - but not perfect.) Show quoteHide quote "Bob" wrote: > Following on from this, if the filename is invalid, it doesnt postback > which means it wont perform any of my buttons actions! Anyway round > this? Firefox seems to allow invalid filenames to be postedback but > Internet Explorer doesnt! > > > Steven Cheng[MSFT] wrote: > > That's cool! > > > > Thanks for your input. > > > > Regards, > > > > Steven Cheng > > Microsoft Online Community Support > > > > > > ================================================== > > > > When responding to posts, please "Reply to Group" via your newsreader so > > that others may learn and benefit from your issue. > > > > ================================================== > > > > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > > > > > Get Secure! www.microsoft.com/security > > (This posting is provided "AS IS", with no warranties, and confers no > > rights.) > > Thanks for the followup.
So far I haven't found any better way(other than use client-script or regex to validate it) to prevent invalid file name if the client-user manually input the filename. However, at server-side, we can just check the uploaded filestream to see whether the client user has uploaded a valid file. Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Hello;
Please read the thread again. The problem is if you enter a filename that does not exist, the server side is never called. Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Thanks for the followup. > > So far I haven't found any better way(other than use client-script or regex > to validate it) to prevent invalid file name if the client-user manually > input the filename. However, at server-side, we can just check the uploaded > filestream to see whether the client user has uploaded a valid file. > > Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Dave,
Actually, it is only when we input an invalid path will the page be prevented from being postback. e.g: "C:@\FILENAME.EXT", this an invalid path. however, if the path is valid, but the file does not exists, the page will still be posted back, and there is no uploaded file stream. e.g: "C:\nonexisting_filename.ext" Anyway, through the pure html element, we can not force the user to type (or even detect) a filepath which really point to an existing file because we can not check the client side filesystem. Thanks & Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Sorry, yes - invalid path.
So what should I do in that case sense the code-behind is never called? Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Hi Dave, > > Actually, it is only when we input an invalid path will the page be > prevented from being postback. e.g: > > "C:@\FILENAME.EXT", this an invalid path. however, if the path is valid, > but the file does not exists, the page will still be posted back, and there > is no uploaded file stream. e.g: > > "C:\nonexisting_filename.ext" > > Anyway, through the pure html element, we can not force the user to type > (or even detect) a filepath which really point to an existing file because > we can not check the client side filesystem. > > Thanks & Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi all.
By the way: did you try to retrieve full path to uploaded file when using Mozilla Firefox? I used FileName property of HttpPostedFile and it stores only file name (under IE it stores full path). Does anybody know how to retrieve full path in Firefox? Piotrek Yes, it is prevented from being posted back if the file path is
invalid, which means if we have other buttons on the page, these will not be executed. This problem only happens for IE but not for Firefox :S Hi Dave,
for Invalid path, we haven't any good means since the page is event not posted back. So far the best means I can get is use client-side script to alert user a message (indicate the current input path is invalid). the scritp code and be put in the <input type="file" > element's "onchange" client-side event, we still need to use some script to validate the path(such as using regex). Thanks & Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) Ok - it's broken. (If javascript is tuned off on the client you are totally
hosed.) Does anyone know of a file upload control that works? Show quoteHide quote "Steven Cheng[MSFT]" wrote: > Hi Dave, > > for Invalid path, we haven't any good means since the page is event not > posted back. So far the best means I can get is use client-side script to > alert user a message (indicate the current input path is invalid). the > scritp code and be put in the <input type="file" > element's "onchange" > client-side event, we still need to use some script to validate the > path(such as using regex). > > Thanks & Regards, > > Steven Cheng > Microsoft Online Community Support > > > ================================================== > > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > > ================================================== > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > Get Secure! www.microsoft.com/security > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > And if you have another button on the page which performs some logic
server side, your more screwed! David Thielen wrote: Show quoteHide quote > Ok - it's broken. (If javascript is tuned off on the client you are totally > hosed.) > > Does anyone know of a file upload control that works? > > -- > thanks - dave > david_at_windward_dot_net > http://www.windwardreports.com > > > > "Steven Cheng[MSFT]" wrote: > > > Hi Dave, > > > > for Invalid path, we haven't any good means since the page is event not > > posted back. So far the best means I can get is use client-side script to > > alert user a message (indicate the current input path is invalid). the > > scritp code and be put in the <input type="file" > element's "onchange" > > client-side event, we still need to use some script to validate the > > path(such as using regex). > > > > Thanks & Regards, > > > > Steven Cheng > > Microsoft Online Community Support > > > > > > ================================================== > > > > When responding to posts, please "Reply to Group" via your newsreader so > > that others may learn and benefit from your issue. > > > > ================================================== > > > > > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > > > > > Get Secure! www.microsoft.com/security > > (This posting is provided "AS IS", with no warranties, and confers no > > rights.) > > > > Intresting how this only affects newer versions of Internet Explorer,
tried on an older build, 6.0.2800 and the import works fine for invalid paths! 
Other interesting topics
Dynamic control creation.
FormView - FindControl only works for default view Launch a new browser window Creating N rows of controls Any advantage to FormView? GridView, sorting, DataTable, and typing. ObjectDataSource ... could not find a non-generic method ... that has parameters: ... enable/disable text box based on dropdownlist via javascript post-back when the filename to upload changes repeater control - change the background color depending on a value |
|||||||||||||||||||||||
