Monday 17 October 2011

ASP: Scripting.FileSystemObject... check authorizations

   


A year ago (more or less) I wrote a series of posts about Scripting.FileSystemObject. If we use all the information gathered in those articles, we can create some sort of file explorer interface for our web site. The upload and management of files could be important, for example, in a company intranet, however, it is mandatory to follow a security policy in doing that, otherwise we end up with users messing up with files saved on our server.

Today we are going to create a simple ASP function that will check authorizations of folders. The function will try to create and delete a dummy txt file. The result of that operation will tell us if the folder has writing and reading permission or not.

Ready?


The function
Our function (checkFolder) will perform some tasks. First of all, it will check if a dummy file is present or not, then, if it doesn't exist, it will try to create it. If the creation is granted, the function will delete the dummy file and return a positive output, otherwise it will return a negative output.
Let's see the code:

<%
Function checkFolder(folderTbc)
  Dim test, fso
  test = Server.MapPath(cartella & "/dummy.txt")
  Set fso = Server.CreateObject("Scripting.FileSystemObject")
  If fso.FileExists(test) = False Then
    On Error Resume Next
    fso.CreateTextFile(test)
    If err.number = 0 Then
        fso.DeleteFile(test)
        Response.Write "The folder has writing permissions"
    Else
        Response.Write "The folder does not have writing permissions"
   End If
  End If
Set fso = Nothing
End Function
%>
As you may see, the function is very simple and straightforward. If you have read my previous articles on the FileSystemObject, you should not have any problem understanding it.

How to we call the function?
In order to use the checkFolder function, we need to call it, passing the only required parameter: the folder to be checked (folderTbc):
<%
Call checkFolder("/path/folder/")
%> 
And that is all.

Hope you enjoyed the post!

If you are interested in the other related articles, please see here.

0 thoughts:

Post a Comment

Comments are moderated. I apologize if I don't publish comments immediately.

However, I do answer to all the comments.