I need to implement a way for my users to upload material to me. Most of the users do not have a working knowledge of FTP, so I have been considering using a script.
The only thing that bothers me about this are the security issues, I want to make sure that I am not placing my server in jeopardy.
There are ways that users can upload content and you can feel safe, too.
Tools like ASPSimpleUpload, and ASPUpload are out there to implement on your site. They would offer better protection than FTP, because you can control what file types can be submitted through your form.
Customize your script to allow only the file types relevant to the files you want uploaded. For example, if you only wanted images, you could set a conditional statement to look at the last three chars of the file extension. If those letters = "jpg" or "gif" then the script will continue to process.. otherwise, Response.End()
Reply With Quote
Bookmarks