Answered by:
Upload and show images in a web form application

Question
-
User1310055179 posted
Hi,
I am using Ajax Control Toolkit AsyncFileUpload to upload images to a webform application. All the images are saved in a folder inside the application root folder.
The uploaded images are then presented to the users inside the webform.
I now want to prevent users who are not authorized to view these images using a direct link.
I am also enabling file upload to the system, but since the file can only be uploaded and downloaded by the user, I am saving it inside App_Data folder which is of course not accessible to the users.
Since I would like to show the images I am uploading, I cannot use the same method.
What is the best practice to achieve that?
Thanks
Sunday, December 1, 2019 7:37 AM
Answers
-
User475983607 posted
What is the best practice to achieve that?Store the image files outside of the hosted application and build a basic image handler to return the files. The image handler provides a place to add security logic.
Keep in mind, this is a very common solution with a lot of supporting code in the Internet.
https://www.dotnetperls.com/ashx
https://support.microsoft.com/en-us/help/307985/info-asp-net-http-modules-and-http-handlers-overview
https://www.c-sharpcorner.com/UploadFile/dacca2/working-with-image-in-httphandler/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Sunday, December 1, 2019 2:35 PM
All replies
-
User475983607 posted
What is the best practice to achieve that?Store the image files outside of the hosted application and build a basic image handler to return the files. The image handler provides a place to add security logic.
Keep in mind, this is a very common solution with a lot of supporting code in the Internet.
https://www.dotnetperls.com/ashx
https://support.microsoft.com/en-us/help/307985/info-asp-net-http-modules-and-http-handlers-overview
https://www.c-sharpcorner.com/UploadFile/dacca2/working-with-image-in-httphandler/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Sunday, December 1, 2019 2:35 PM -
User1310055179 posted
I tried uploading the files to App_Data folder and then I added an image handler to display the image inside the webform.
I tested it and it worked perfectly fine in my localhost.
Now, after IIS installation, I can't seem to access the file and the image is not displayed.
What am I missing?
This is my code:
if (System.IO.File.Exists(Server.MapPath("~") + @"App_Data\" +pic.Replace("/", "\\"))) { bimage.ImageUrl = "ShowImage.ashx?fileName=" + pic.Replace("/", "\\"); }
using System; using System.Collections.Generic; using System.Drawing; using System.Linq; using System.Web; namespace Qsoft_DMS { /// <summary> /// Summary description for ShowImage /// </summary> public class ShowImage : IHttpHandler { public void ProcessRequest(HttpContext context) { System.Web.HttpRequest request = System.Web.HttpContext.Current.Request; //HttpResponse r = context.Response; string fileName = request.QueryString["fileName"]; string filepath = System.Web.HttpContext.Current.Server.MapPath("~") + @"App_Data\\" + fileName; //int W = Int32.Parse(context.Request.QueryString["w"]); //int H = Int32.Parse(context.Request.QueryString["h"]); Image img = Image.FromFile(filepath); Image _img = new Bitmap(img); Graphics g = Graphics.FromImage(_img); Point p = new Point(0); g.DrawImage(img, p); g.CompositingQuality = System.Drawing.Drawing2D.CompositingQuality.HighSpeed; g.Dispose(); img.Dispose(); System.IO.MemoryStream str = new System.IO.MemoryStream(); // _img = _img.GetThumbnailImage(W, H, null, IntPtr.Zero); _img.Save(str, System.Drawing.Imaging.ImageFormat.Png); _img.Dispose(); str.WriteTo(context.Response.OutputStream); str.Dispose(); str.Close(); context.Response.ContentType = getContentType(System.Web.HttpContext.Current.Server.MapPath("~") + @"\" + fileName.Replace("/", "\\"));; context.Response.End(); } public bool IsReusable { get { return false; } } string getContentType(String path) { switch (System.IO.Path.GetExtension(path)) { case ".bmp": return "Image/bmp"; case ".gif": return "Image/gif"; case ".jpg": return "Image/jpeg"; case ".png": return "Image/png"; default: break; } return ""; } } }
Sunday, December 8, 2019 8:19 AM -
User1535942433 posted
Hi qsoft_develo...,
Since I am not able to know your specific problem, I guess if the publish settings Exclude is selected.
Best regards,
Yijing Sun
Monday, December 9, 2019 10:16 AM -
User1310055179 posted
In case I like to allow the users to view in browser pdf/image files without downloading them, what is the best practice for that?
My files are now stored in App_Data folder.
Can someone please refer me to a handler code that handles that?
Tuesday, December 17, 2019 8:00 AM -
User1310055179 posted
I had a problem with the file path I created.
It is now solved:
Tuesday, December 17, 2019 8:05 AM