Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

How To Upload Files to Internet Information Services When You Drag the File to the Internet Explorer Page


View products that this article applies to.

Summary

To upload files to the Web server, you do not have to use any server components to process the uploaded files.

↑ Back to the top


More information

The solution that is described in this article works for any Web server that can handle Distributed Authoring and Versioning (DAV). You use the Active Server Pages (ASP) script that follows only to parse user names and then to make sure that the files that you upload save in the correct user directory with a name that matches the user name.
If your server cannot handle ASP pages, you must modify the HTML that follows so that the target directory name is hardcoded. Then you need no ASP script.

Steps to Upload Files


  1. Create a virtual directory on the Web server. Allow write permission. You can also create a subdirectory for each user who is authorized to upload files. The following script uses this directory to upload files for authenticated users.
  2. Save the following file on the server as an ASP file.
  3. You can also configure the file so that it is password protected. This permits different users to upload files and then to save them in corresponding directories.

<HTML>
<HEAD>

<STYLE>
A {behavior: url(#default#AnchorClick);}
</STYLE>

<TITLE>Upload Page</TITLE>
</HEAD>
<BODY>

<h1> Welcome to upload page </h1>
On this page you can upload files to the Web server. Click link
below andrea drag files to the page.
<hr>

<%@ LANGUAGE="VBSCRIPT" %>

<%
Dim Url
Dim UserDir

' modify next line to specify dir containing user sub-dirs, i.e.
' actual user directory will be /upload/users/LeonBr
' LeonBr part will come from authenticated user.

UserDir = "/upload/users"

' User will look like this DOMAIN\leonbr
' we only need user name

UseNameNotParsed = Request.ServerVariables ("AUTH_USER")
StrSize = Len (UseNameNotParsed)
SlashPos = InStr (UseNameNotParsed, "\")
UserName = Right (UseNameNotParsed, StrSize-SlashPos)

Url = "http://" & Request.ServerVariables ("SERVER_NAME") & UserDir & "/" & UserName%>
<A HREF = "<%=Url%>" FOLDER = "<%=Url%>"> Upload to Web Folder</a>

</BODY>
</HTML>

				

IMPORTANT You must grant virtual directory /upload/users at least read/write permissions. When you configure a virtual directory to upload files, you can introduce a security hole because users can upload malicious files and then can run them.

If this virtual directory has execute permissions or if it has any App Mappings properties for scripts, you cannot upload executable files or scripts with mapped extensions. This is because the Head request that the browser uses fails.

↑ Back to the top


References

317310 Posting Acceptor Availability and Support Options

↑ Back to the top


Properties

Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

↑ Back to the top


Keywords: KB319782, kbhowto

↑ Back to the top

Article Info
Article ID : 319782
Revision : 4
Created on : 7/13/2004
Published on : 7/13/2004
Exists online : False
Views : 372