While we have already seen how to upload files and how to work with the Scripting.FileSystemObject, today we are going to see how to get a file extension, for example before authorising a user to upload a file to our server. We all know very well how important is security when working with the file system objects: for example, we don't want the user to upload executable, or other potentially malicious files on our server.
Said that, we can create a short ASP function to check the file extension, and grant or deny the upload.
Let's see how...
The code
With the FileSystemObject, we need to use the GetExtensionName() method. We can, for example, use something like:<%The above code will output the following:
Dim fso
Set fso = Server.CreateObject("Scripting.FileSystemObject")
With Response
.Write "The file extension is: "
.Write fso.GetExtensionName("test.txt")
End With
Set fso = Nothing
%>
The file extension is: txtIf we pass the file name to a function which will grant the upload or display a warning and stop the upload, everything will be under control.
I hope you find the above information of some use.
If so, just drop a line...
0 thoughts:
Post a Comment
Comments are moderated. I apologize if I don't publish comments immediately.
However, I do answer to all the comments.