vbscript - how to rename image file name while uploading on web folder -


i m using asp classic. want rename image file while upload image on web folder created me. please me out of issue.

if there file in targeted folder same name (like lokesh.jpg) uploading, new file should b automatically renamed(like lokesh(1).jpg) instead of overwriting

my code below:

upload.asp

<% class fileuploader public  files private mcolformelem  private sub class_initialize() set files = server.createobject("scripting.dictionary") set mcolformelem = server.createobject("scripting.dictionary") end sub  private sub class_terminate() if isobject(files) files.removeall() set files = nothing end if if isobject(mcolformelem) mcolformelem.removeall() set mcolformelem = nothing end if end sub  public property form(sindex) form = "" if mcolformelem.exists(lcase(sindex)) form = mcolformelem.item(lcase(sindex)) end property  public default sub upload() dim bidata, sinputname dim nposbegin, nposend, npos, vdatabounds, ndataboundpos dim nposfile, nposbound  bidata = request.binaryread(request.totalbytes) nposbegin = 1 nposend = instrb(nposbegin, bidata, cbytestring(chr(13)))  if (nposend-nposbegin) <= 0 exit sub  vdatabounds = midb(bidata, nposbegin, nposend-nposbegin) ndataboundpos = instrb(1, bidata, vdatabounds)  until ndataboundpos = instrb(bidata, vdatabounds & cbytestring("--"))  npos = instrb(ndataboundpos, bidata, cbytestring("content-disposition")) npos = instrb(npos, bidata, cbytestring("name=")) nposbegin = npos + 6 nposend = instrb(nposbegin, bidata, cbytestring(chr(34))) sinputname = cwidestring(midb(bidata, nposbegin, nposend-nposbegin)) nposfile = instrb(ndataboundpos, bidata, cbytestring("filename=")) nposbound = instrb(nposend, bidata, vdatabounds)  if nposfile <> 0 ,  nposfile < nposbound dim ouploadfile, sfilename set ouploadfile = new uploadedfile  nposbegin = nposfile + 10 nposend =  instrb(nposbegin, bidata, cbytestring(chr(34))) sfilename = cwidestring(midb(bidata, nposbegin, nposend-nposbegin)) ouploadfile.filename = right(sfilename, len(sfilename)-instrrev(sfilename, "\"))  dim ofileextension if sfilename <> "" ofileextension = (right(sfilename, len(sfilename)-instrrev(sfilename, "."))) if ofileextension <> "jpg" , ofileextension <> "jpeg" , ofileextension <> "gif" , ofileextension <> "pdf" response.write("<h1>post new file</h1><p><font color=#ff0000>an error has occurred while processing request.<br><br>we sorry, extensions other jpg, jpeg, gif, pdf not allowed upload<p><b>click <a href='javascript:history.go(-1);'>here</a> go , address error.</b></font>") response.end exit sub end if end if  npos = instrb(nposend, bidata, cbytestring("content-type:")) nposbegin = npos + 14 nposend = instrb(nposbegin, bidata, cbytestring(chr(13))) ouploadfile.contenttype = cwidestring(midb(bidata, nposbegin, nposend-nposbegin))  nposbegin = nposend+4 nposend = instrb(nposbegin, bidata, vdatabounds) - 2 ouploadfile.filedata = midb(bidata, nposbegin, nposend-nposbegin)  if sfilename <> "" if ouploadfile.filesize > 10000000 response.write("<h1>post new image</h1><p><font color=#ff0000>an error has occurred while processing request.<br><br>we sorry,     upload file containing 10000000(10mb) bytes only.<p><b>click <a href='javascript:window:history.go(-1);'>here</a> go , address      error.</b></font>") response.end exit sub end if end if  if ouploadfile.filesize > 0 files.add lcase(sinputname), ouploadfile else npos = instrb(npos, bidata, cbytestring(chr(13))) nposbegin = npos + 4 nposend = instrb(nposbegin, bidata, vdatabounds) - 2 if not mcolformelem.exists(lcase(sinputname)) mcolformelem.add lcase(sinputname), cwidestring(midb(bidata, nposbegin, nposend-nposbegin)) end if  ndataboundpos = instrb(ndataboundpos + lenb(vdatabounds), bidata, vdatabounds) loop end sub  'string byte string conversion private function cbytestring(sstring) dim nindex nindex = 1 len(sstring) cbytestring = cbytestring & chrb(ascb(mid(sstring,nindex,1))) next end function  'byte string string conversion  private function cwidestring(bsstring) dim nindex cwidestring ="" nindex = 1 lenb(bsstring) cwidestring = cwidestring & chr(ascb(midb(bsstring,nindex,1)))  next end function end class  class uploadedfile public contenttype public filename public filedata  public property filesize() filesize = lenb(filedata) end property  public sub savetodisk(spath) dim ofs, ofile dim nindex  if spath = "" or filename = "" exit sub if mid(spath, len(spath)) <> "\" spath = spath & "\"  set ofs = server.createobject("scripting.filesystemobject") if not ofs.folderexists(spath) exit sub  set ofile = ofs.createtextfile(spath & filename, true)  nindex = 1 lenb(filedata) ofile.write chr(ascb(midb(filedata,nindex,1))) next  ofile.close end sub  public sub savetodatabase(byref ofield) if lenb(filedata) = 0 exit sub  if isobject(ofield) ofield.appendchunk filedata end if end sub  end class %>

submit.asp

<!-- #include file="upload.asp" --> <% response.buffer = true  dim uploader, file, i, j set uploader = new fileuploader  uploader.upload() dim brandnm, filename brandnm = uploader.form("brandname")  dim objrsa, objcmda, stra set objcmda  = server.createobject("adodb.connection") set objrsa   = server.createobject("adodb.recordset") objcmda.open mm_conndudirectory_string  stra = "select * brand" objrsa.open stra,objcmda,1,2  if uploader.files.count <> 0 file = uploader.files.items() file(0).savetodisk server.mappath("upload/brands") 'folder path image save filename = file(0).filename else filename = "" end if  objrsa.addnew objrsa.fields("brand_name") = brandnm objrsa.fields("brand_createddt") = now() if filename <>"" objrsa.fields("brand_picpath") = filename  each file in uploader.files.items objrsa("brand_ctype")   = file.contenttype next objrsa.update  objrsa.close set objrsa = nothing set objcmda = nothing %>

please me out of issue.

if want rename follow known pattern in example ("filename(number).ext"), must use pseudo-code this:

let counter  = 1 let original = file(0).filename let current  = file(0).filename while(current file exists)     current  = original-without-extension + (counter) + original-extension     counter  = counter + 1 end

however, think better store user provided filename database , choose random-like filename store actual file filesystem.

let current = userlogin + (currenttime yyyymmddhhmmss) + ".uploaded"

by using bogus file extension make application way more secure, file not interpretable/executable -- imagine malicious user uploading .asp file , executing it.

if break image mime type, should consider creating .asp page read database discover appropriate mime type based on user provided file extension, write content-type , binary file content.

tl;dr: don't use user provided file name, create new one. avoid server hacking.


-

Comments

Post a Comment

Popular posts from this blog

c# - Binding a comma separated list to a List<int> in asp.net web api -

the default binder in web api expecst http://url.com/webapi/report/?pageids=3243&pageids=2365 to bind public ihttpactionresult report(list<int> pageids){ // exciting webapi code} i wish bind http://url.com/webapi/report/?pageids=3243,2365 as running out of space in url get . i have created class public class commaseparatedmodelbinder : system.web.http.modelbinding.imodelbinder { public bool bindmodel(httpactioncontext actioncontext, modelbindingcontext bindingcontext) { //binding in here } } and registered in webapiconfig.cs var provider = new simplemodelbinderprovider( typeof(list<int>), new commaseparatedmodelbinder()); config.services.insert(typeof(modelbinderprovider), 0, provider); i have altered method signature use model binder so public ihttpactionresult report( [modelbinder] list<int> pageids){ // exciting webapi code} however break point in binder not being
Read more

Delphi 7 and decode UTF-8 base64 -

in delphi 7, have widestring encoded base64(that received web service widestring result) : pd94bwwgdmvyc2lvbj0ims4wij8+dqo8c3ryaw5nptiq2lpyqjwvc3ryaw5npg== when decoded it, result not utf-8: <?xml version="1.0"?> <string>طھط³طھ</string> but when decoded base64decode.org, result true : <?xml version="1.0"?> <string>تست</string> i have use encddecd unit decodestring function. the problem have using decodestring . function, in delphi 7, treats decoded binary data being ansi encoded. , problem text utf-8 encoded. to continue encddecd unit have couple of options. can switch decodestream . instance, code produce utf-8 encoded text file data: {$apptype console} uses classes, encddecd; const data = 'pd94bwwgdmvyc2lvbj0ims4wij8+dqo8c3ryaw5nptiq2lpyqjwvc3ryaw5npg=='; var input: tstringstream; output: tfilestream; begin input := tstringstream.create(data); try output := tfilestream.
Read more

html - Is there any way to exclude a single element from the style? (Bootstrap) -

so, have img logo, overlaid on div styled background-image: url("...") , , both elements inside 2 div classes .to-color , .to-overlay respectively, black transparent overlay. is there way exclude logo style given these 2 classes? here's jsfiddle example: link html , css example: - html - <div class="to-color"> <div class="to-overlay"> <div class="respo"> <div class="row"> <div class="col-xs-4 col-xs-offset-4 text-center"> <img src="http://ansonalex.com/wp-content/uploads/2011/06/google-logo-768x260.png" alt="..." class="img-responsive"> </div> </div> </div> </div> </div> - css - .to-color { background-color: #000; } .to-overlay { opacity : 0.5; } .respo { background-image: url("https://source.unsplash.com/category/objects/1600x900"); background-position: center center;
Read more