C # web application openfiledialog fileupload

Openfiledialog is for your wn forms application, I am not sure what you intended to do whether you want to upload file or do other thing.

Simply you can use file upload, If You Want To dialog box to open, you can use either HTML input file type or <asp: fileupload

Ex:
<Input type = "file" id = "fleupload" runat = "server"/>
Or
<Asp: fileupload id = "fileupload1" runat = "server"/> </div>

Certificate ------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

In applications, users are often allowed to upload files to the web server.
. Although this function can be completed in ASP. NET 1.x, it is easier to use the fileupload control in ASP. NET 2.0.

This control makes it easier for users to browse and select files for upload. It contains a browse button and a text box for entering file names. If you enter a fully qualified file name in the text box, you can call the saveas method of fileupload to save the file to the disk, whether you enter it directly or click the Browse button.

In addition to the standard members inherited from the webcontrol class, the fileupload control also exposes several read-only attributes listed in tables 5-8 and 5-9.

Table 5-8 attributes of the fileupload Control

Name	Type	Read	Write	Description
Filecontent	Stream	×		Returns a stream object pointing to the uploaded file.
Filename	String	×		Returns the name of the file to be uploaded, excluding the path information.
Hasfile	Boolean	×		If it is true, it indicates that the control has files to upload.
Postedfile	Httppostedfile	×		Returns a reference to an uploaded file. Table 5-9 lists the read-only attributes it exposes.

Table 5-9 httppostedfile attributes

Name	Type	Read	Write	Description
Contentlength	Integer	×		Returns the size of the uploaded file in bytes.
Contenttype	String	×		Returns the mime content type of the uploaded file.
Filename	String	×		The fully qualified name of the returned file on the client.
Inputstream	Stream	×		Returns a stream object pointing to the uploaded file.

All these attributes are described in the following example.

　
To view the application of the fileupload control, create a fileuploaddemo website. Add a fileupload control on the page, and then add
Two ASP. NET buttons, the text attribute is set to save and display, and the ID is set to btnsave and btndisplay respectively. Two label controls are added.
And set the ID to lblmesage and lbldisplay respectively. Use the <br/> HTML element to separate these controls. Switch to the design view and double-click each button
Create a click event handler with the default name in the code hidden file. The completed content file is similar to Example 5-11.

Example 5-11: default. aspx of the fileuploaddemo website

<% @ Page Language = "C #" autoeventwireup = "true" codefile = "default. aspx. cs" inherits = "_ default" %> <! Doctype HTML public "-// W3C // dtd xhtml 1.1 // en" "http://www.w3.org/tr/xhtml11/dtd/xhtml11.dtd"> <HTML xmlns = "http://www.w3.org/5o/xhtml"> <Head runat = "server"> <Title> fileupload Control </title> </Head> <Body> <Form ID = "form1" runat = "server"> <Div> <H1> fileupload Control <Asp: fileupload id = "fileupload1" runat = "server"/> <Br/> <Asp: button id = "btnsave" runat = "server" text = "save" onclick = "btnsave_click"/> <Asp: button id = "btndisplay" runat = "server" text = "display" onclick = "btndisplay_click"/> <Br/> <Br/> <Asp: Label id = "lblmessage" runat = "server"/> <Asp: Label id = "lbldisplay" runat = "server"/> </Div> </Form> </Body> </Html>

In the Code hiding file, add the highlighted code in Example 5-12. The non-highlighted code is automatically created by vs2005.

Example 5-12: default. aspx. CS of the fileuploaddemo website

Using system; Using system. Data; Using system. configuration; Using system. Web; Using system. Web. Security; Using system. Web. UI; Using system. Web. UI. webcontrols; Using system. Web. UI. webcontrols. webparts; Using system. Web. UI. htmlcontrols; Using system. IO; // required to use stream Public partial class _ default: system. Web. UI. Page { Protected void page_load (Object sender, eventargs E) {} Protected void btnsave_click (Object sender, eventargs E) { String STR = ""; If (fileupload1.hasfile) { Try { STR + = "uploading file:" + fileupload1.filename; // Save the file Fileupload1.saveas ("C: // websites // uploads //" + fileupload1.filename ); // Display file information STR + = "<br/> saved as:" + fileupload1.postedfile. filename; STR + = "<br/> file type:" + fileupload1.postedfile. contenttype; STR + = "<br/> file length (bytes):" + fileupload1.postedfile. contentlength; STR + = "<br/> postedfile file name:" + fileupload1.postedfile. filename; } Catch (exception ex) { STR + = "<br/> <B> error </B> <br/> unable to save C: // websites // uploads // "+ fileupload1.filename +" <br/> "+ ex. message; } } Else { STR = "No File Uploaded ."; } Lblmessage. Text = STR; Lbldisplay. Text = ""; } Protected void btndisplay_click (Object sender, eventargs E) { String STR = "<u> file:" + fileupload1.filename + "</u> <br/> "; If (fileupload1.hasfile) { Try { Stream stream = fileupload1.filecontent; Streamreader reader = new streamreader (Stream ); String strline = ""; Do { Strline = reader. Readline (); STR + = strline; } While (strline! = NULL ); } Catch (exception ex) { STR + = "<br/> <B> error </B> <br/> unable to display" + fileupload1.filename + "<Br/>" + ex. message; } } Else { STR = "No File Uploaded ."; } Lbldisplay. Text = STR; Lblmessage. Text = ""; } }

The highlighted using declaration is required to use stream objects instead of fully qualified namespaces.

　
In the btnsave_click event handler of the Save button, the hasfile attribute of the fileupload control is used to check whether a valid full limit is entered in the text box.
File Name. If the text box is empty or the input name is invalid, the detection will not pass and lblmessage will display "no file upladed ".

False
If a valid file is uploaded, the code in the try code block will be executed. The key statement is to call file-
The saveas method of the upload control. This method uses the hardcoded path and filename attribute to pass a fully qualified file name. This statement may fail for various reasons, including disk
Insufficient space, invalid paths, or security issues (More details will be provided later ).

If the saveas method fails, the catch code block is executed. An error message is displayed in lblmessage, including the exception message attribute ex. Message.

If the saveas method is successfully executed, multiple information about the uploaded file is displayed in lblmessage, which is obtained through the attributes in fileupload. postedfile (type: httppostedfile.

　
The click event handler of the display button is similar to the previous one, except that it displays the file content instead of the file information. It obtains the table by using the filecontent attribute.
The content of the uploaded file of the stream object. Then, the stream object is used to instantiate a streamreader object. Streamreader read-
The line method traverses the file line by line, and then displays the merged string in lbldisplay.

When discussing how to upload files from a client to a Web server, security is very important. Pay attention to the following two points: first, using this method will expose the web server, resulting in very large security vulnerabilities. This not only uploads viruses, Trojans, and other malware
, There will also be a client view Web Server

The risk of recording the structure. Therefore, a hard-coded target directory should be used to specify at least where to save the uploaded files.

　
In addition, you must note that the permissions required to write files on the disk are allowed. Generally, when developing Web applications, the development machine is also a Web server, especially when vs2005 is used
Development mode. In this mode, a built-in web server is used, and the file system accesses the website instead of accessing the website through IIS. In this way, there will never be any permission issues.

　
However, when the website is deployed on the product server and accessed through IIS and virtual directories, problems may occur. This is because the account running ASP. NET must have a pair used to save the uploaded files.
Directory write permission. In Windows2000/XP, the account name is ASPnet. In Windows
In server2003, the write permission must be assigned to the iis_wpg account group.

With the fileupload control and sound security protection, users can transfer their files to the website to enrich website functions.