Upgrade FreeASPUpload.asp !!

Hello friends,

Those of you who are using freeaspupload.asp for uploading files to the web server, here's a valuable upgrade code snippet to be included in the original source code. The original source code allows access to the form fields only after executing the FreeASPUpload.Save("DestDir") method, ie. after uploading the file(s). So, any validation could only be done after uploading the file(s). This has now been solved by me by adding a very small method in the include file freeaspupload.asp.

Here's the code :

----------------------------------
Class FreeASPUpload

.........
.........
.........

Public Sub ReadForm()
if not uploadedYet then Upload
End Sub

.........
.........
.........

End Class
----------------------------------

Before executing the FreeASPUpload.Save("DestDir") method, call FreeASPUpload.ReadForm and then access the form fields using the FreeASPUpload.Form("...") method as required. All this can be done before uploading the file(s) with the FreeASPUpload.Save("DestDir") method.

Regards

Sabu

Hi sabu28,

Glad you've been able to come up with that code snippet. I have been triying to add a code that will limit the size of the files to be uploaded to a certain value and also check that the file to be uploaded exits in the system before saving the files to the server and if it does not exists return the users to the form.

I tried using Client side script validation using and it worked. But the only draw back is that for it to work properly the user must have to enable unsafe activexobjects. Not too many people have that enabled.

Is there anyway you can assist help with a code that will check for filesize and fileexists before saving to disks. I have put this up before in another tread in this forum.

hi webit, for what you need you better contact Hacker or Cracker.
they're the only one who will tell you how they write Virus that
can manage user's computer from within website.

I hope you're not going to do that, and that you'll understand
that what you ask is not possible.

if website want full access and full control over the visitor
computer (and that's exactly what allowing unsafe ActiveX
controls is doing) then the user must first do some action and
agree to the huge risk he/she are facing.

Hi,

Thats not really what am asking for, to hack into someone pc.

I want to implement a server side code leveraging on the Freeaspupload.asp include file definitions to be able to test if a file exists and the size of a file attachment before calling the method class FreeASPUpload.Save("DestDir"). I don't want users to upload a file thats more than 2mb.

I hope this is a better explanation

What Shadow Wizard is saying is there's no way to check the details of a file before it's uploaded unless you get the user to install some form of control on their computer.

The details of the file will only be exposed to an Upload component/code once the file has been uploaded.

It's like me asking you to tell me what make and model of computer I'm using to type this post.

It's just not physically possible without you having some form of control of my machine.

very true, and very few people will trust you enough to have
their computer at your full control. I for one will never allow
any website to have control over my computer.
if it's required for file upload, I'll simply never upload any file.

Why can't you validate this on the server side?