Read and Display Binary Data   
 
In many cases you may have files that you don't want Joe Blow Web User to have access to when they visit your site. If these files are for clients only, you don't want somebody to be able to "hack" your pages and find out directory or filename structure.

The only real way to secure these files is to store them outside the web directory.

"Doesn't this defeat the purpose of sharing files over the web", you say?"

Normally it probably would but in this case its the perfect( well almost ) scenario for securing your files.


The method I use for securing files is by using a Component to read the binary file from a directory and then write it back to the web browser.

There is also a link to the MSKB about this
http://support.microsoft.com/support/kb/articles/Q193/9/98.ASP

The Code 
<%
'On Error Resume Next
If Not Response.isClientConnected Then
    Response.end
End If
Response.buffer = true

'Specify a MIME type such as "text/html", "image/gif" or "application/pdf"
Response.contenttype = "application/msword"
'Useful in cases for unknown file types
'Response.contenttype = "application/octet-stream"

'Custom server component
Set objBinFile = Server.CreateObject("ASPBinFile.clsASPBinFile")

'Beware of cases of file name in case some systems differentiate them
mFile = "c:\inetpub\wwwroot\test\serverop.doc"

mStream = objBinFile.BinFileRead(mFile)
Response.Addheader "Content-Disposition", "inline; filename=" & "ado.pdf"

'Response.Addheader "Content-Disposition", "inline; filename=" & "serverop.doc"
Response.CacheControl = "public"

Response.binarywrite mstream
Set objBinFile = Nothing
Response.End
%>

 As you can see the code is very small. 

You need to set your MIME type so that the browser knows what kind of file this is. If you are serving multiple kinds of files I would write a case statement to handle all the MIME types and for the CASE ELSE you can use octet-stream.

Octet-Stream is the catch-all datatype. If you look in your web server's properties under MIME types you will likely see a long list with MIME types and their associated applications. For Octet-Stream you will see all or *. This is because octet-stream is the straight binary and will just let you download or open the file. Kind of like writing it straight to the browser.

mFile is the variable you will need to set the path in. What I would do here is hardcode the main path into your asp page and then just Response.Write your filename into the page.

You will also need to create your instance of the BinaryRead/Write object I have created.

Below I have also included the code for the Component I wrote to handle the Binary Read portion of this article. This is a simple ActiveX Dll. Just open VB and name the Project File - ASPBinFile and the Class File - clsASPBinFile. You should be rocking and good to go after this.

Option Explicit

Function BinFileRead(ByVal inFileSpec As String) As Variant
     On Error GoTo errHandler
     Dim mHandle
     Dim lngFileLen As Long
     Dim arrData() As Byte

     mHandle = FreeFile
     Open inFileSpec For Binary Access Read As #mHandle

     lngFileLen = FileLen(inFileSpec)
     ReDim arrData(lngFileLen)

     Get #mHandle, , arrData
     Close #mHandle

     BinFileRead = arrData
     Exit Function

errHandler:
End Function

My3C's
perrychicker
It's easy... it's a PSACAKE!
Back | Tell A Friend | Search this Site
© 1998 - 2010 psacake.com
Version 3.23

Send me One Million FREE Guaranteed Visitors