Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP 3 Classic ASP Active Server Pages 3.0 > Classic ASP Basics
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old October 25th, 2005, 06:08 PM
Authorized User
 
Join Date: Jun 2003
Location: Marikina, , Philippines.
Posts: 71
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to rylemer Send a message via MSN to rylemer Send a message via Yahoo to rylemer
Default Restrict the user not to direct download

Hi! guys need your help.

I have a existing asp code the allow the user to download the pdf file. I use a URL link to download the file like this http://localhost/pdf/001.pdf I create a virtual directory for pdf folder. I want to restrict the user not to direct download the files without login to my login page. Do you have any idea how solve this issue.

Thanks,
Rylemer

Reply With Quote
  #2 (permalink)  
Old October 26th, 2005, 08:03 AM
Friend of Wrox
 
Join Date: Nov 2003
Location: Johannesburg, , South Africa.
Posts: 141
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to acdsky
Default

Hi

What I normally use for this is filesystemobject if the user does not use IIS for authentication.

You could store the PDF's in any folder outside your webfolder and grant you webservice user access to this folder. The code would go something like this:
<%@ Language=VBScript %>

<%
dim sFile, sRoot, sDir, sExt, objShell, objFSO, sMIME, objStream
sRoot = "Your Folder Path"
sFile = "Filename from href or static"
'You could check the MIME type of the file so get the file extention
set objFSO = server.CreateObject("Scripting.FileSystemObject")
sExt = objFSO.GetExtensionName (sFile)
set objFSO = nothing
' Create an instance of Wscript.Shell to let us read the registry to get the type
Set objShell = Server.CreateObject("Wscript.Shell")
On Error Resume Next
' Get the MIME type
sMIME = objShell.RegRead("HKEY_CLASSES_ROOT." & sExt & "Content Type")
On Error GoTo 0
if len(sMIME) = 0 then
    ' If there is no registered type then return octetstream. This will prompt
    ' the user with the "Open or Save to disk" dialogue.
    sMIME = "application/octetstream"
end if
set objShell = nothing
'Content type to browser
Response.ContentType = sMIME

' And the name of the file to browser
Response.AddHeader "Content-Disposition", "filename=" & sFile & ";"

' Pipe the file to the browser,
' use the ADODB.Stream
Set objStream = Server.CreateObject("ADODB.Stream")
objStream.Open
' Set the type as Binary
objStream.Type = 1
' Load our file
objStream.LoadFromFile sRoot & sDir & sFile

' And send it to the browser
Response.BinaryWrite objStream.Read

objStream.Close
Set objStream = Nothing
%>

Hope this helps

Regards
Marnus
Reply With Quote
  #3 (permalink)  
Old October 26th, 2005, 09:02 AM
Authorized User
 
Join Date: Jun 2003
Location: Marikina, , Philippines.
Posts: 71
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to rylemer Send a message via MSN to rylemer Send a message via Yahoo to rylemer
Default

acdsky,

In your code, you include Authenticate.asp.
Can you send me that include file.

Thanks,
Rylemer


Reply With Quote
  #4 (permalink)  
Old October 26th, 2005, 09:05 AM
Friend of Wrox
 
Join Date: Nov 2003
Location: Johannesburg, , South Africa.
Posts: 141
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to acdsky
Default

<%
Dim Auth
If Session("Authenticated") <> "True" Then
 response.redirect("login.asp")
End If
%>


This example uses a Session variable which was set to "true" on the login page. If not authenticated the user is redirected to login.asp
Reply With Quote
  #5 (permalink)  
Old October 26th, 2005, 01:35 PM
Authorized User
 
Join Date: Jun 2003
Location: Marikina, , Philippines.
Posts: 71
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to rylemer Send a message via MSN to rylemer Send a message via Yahoo to rylemer
Default

Hi Marnus,

Kinda confusing what I want is the user can't put this URL directly to the IE address bar. http://localhost/pdf/001.pdf
if the user put this URL it should go back to my login page.

Thanks,
Elmer

Reply With Quote
  #6 (permalink)  
Old October 27th, 2005, 01:48 AM
Friend of Wrox
 
Join Date: Nov 2003
Location: Johannesburg, , South Africa.
Posts: 141
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to acdsky
Default

I understand what you mean.

If you dont want the user to be able to do that from the address bar your files needs to be stored outside of the web folder. i.o.w You cant store the files in c:\Inetpub\wwwroot\PDF. The code I gave you will enable you to store your PDF outside of the web folder. e.g "C:\My PDFs" There is no way this location could be read directly from the URL so the ASP code i gave you will read this location to enable the user to download the files, but he has to use that asp page to be able to get to the files in the first place. Now the include file on the top of this page will not allow the user to run this page if they not logged in.

Does that make more sense?
Reply With Quote
  #7 (permalink)  
Old October 27th, 2005, 09:36 AM
Authorized User
 
Join Date: Jun 2003
Location: Marikina, , Philippines.
Posts: 71
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to rylemer Send a message via MSN to rylemer Send a message via Yahoo to rylemer
Default

Hi Marnus,

Yes. it makes sense. I really appreciate your help. Thanks a lot.

Thanks,
Elmer

Reply With Quote
  #8 (permalink)  
Old November 17th, 2005, 04:19 PM
Registered User
 
Join Date: Nov 2005
Location: London, London, United Kingdom.
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to juaninacio Send a message via AIM to juaninacio Send a message via MSN to juaninacio Send a message via Yahoo to juaninacio
Default

Hello acdsky, I used your code and it kinda worked cause I got the binary output printed on my browser, but my question is , how do I get the proper file instead of the binary code printed on the browser?

Thanks!

Juan


Quote:
quote:Originally posted by acdsky
 Hi

What I normally use for this is filesystemobject if the user does not use IIS for authentication.

You could store the PDF's in any folder outside your webfolder and grant you webservice user access to this folder. The code would go something like this:
<%@ Language=VBScript %>

<%
dim sFile, sRoot, sDir, sExt, objShell, objFSO, sMIME, objStream
sRoot = "Your Folder Path"
sFile = "Filename from href or static"
'You could check the MIME type of the file so get the file extention
set objFSO = server.CreateObject("Scripting.FileSystemObject")
sExt = objFSO.GetExtensionName (sFile)
set objFSO = nothing
' Create an instance of Wscript.Shell to let us read the registry to get the type
Set objShell = Server.CreateObject("Wscript.Shell")
On Error Resume Next
' Get the MIME type
sMIME = objShell.RegRead("HKEY_CLASSES_ROOT." & sExt & "Content Type")
On Error GoTo 0
if len(sMIME) = 0 then
    ' If there is no registered type then return octetstream. This will prompt
    ' the user with the "Open or Save to disk" dialogue.
    sMIME = "application/octetstream"
end if
set objShell = nothing
'Content type to browser
Response.ContentType = sMIME

' And the name of the file to browser
Response.AddHeader "Content-Disposition", "filename=" & sFile & ";"

' Pipe the file to the browser,
' use the ADODB.Stream
Set objStream = Server.CreateObject("ADODB.Stream")
objStream.Open
' Set the type as Binary
objStream.Type = 1
' Load our file
objStream.LoadFromFile sRoot & sDir & sFile

' And send it to the browser
Response.BinaryWrite objStream.Read

objStream.Close
Set objStream = Nothing
%>

Hope this helps

Regards
Marnus
Reply With Quote
  #9 (permalink)  
Old December 15th, 2010, 02:25 AM
Registered User
 
Join Date: Dec 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default problem

HI, you know that Firefox does not save all file name and extension of a long named file like : " connections_45_ie sdsdsd.docx "
can you tell me why? i`m using this script too!
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How I can restrict desktop user to access some res anjanmaity General .NET 1 June 27th, 2008 01:40 PM
Forms: Restrict user selection - How? cdplayer Classic ASP Basics 2 February 29th, 2004 03:37 AM
Login user & restrict access lucian Dreamweaver (all versions) 5 September 7th, 2003 12:21 PM



All times are GMT -4. The time now is 11:19 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.