Limiting the Upload Size

You've seen how to upload multiple files and access each of their individual properties, as well as how to read properties of the file, such as the TotalBytes of the upload.

There are several properties that can be set as well. One very useful property is called MaxBytes. MaxBytes allows you to set a firm limit on the size of the uploaded file, ensuring that malicious users do not fill up your server's hard disk with huge files.

When you set the MaxBytes property (before saving the file!), SA-FileUp will write up to the number you specify and then stop. Any additional data will be discarded. You can set MaxBytes once and it will apply to all files in the current upload, limiting each of them to the value that you specify.

By default, there is no limit on the size of file to accept. If you have set a limit, and want to remove this limit, set MaxBytes equal to zero (0).

In the following example, we use the same simple form used in the first upload:

	<HTML>
	<HEAD>
	<TITLE>Please Upload Your File</TITLE>
	</HEAD>
	<BODY>
	<form enctype="multipart/form-data" method="post" action="formrespmax.asp">
	Enter a big file to upload: <input type="file" name="f1"><br>
	<input type="submit">
	</form>
	</BODY>
	</HTML>

Here is the response file, formrespmax.asp:

	<%@ LANGUAGE="VBSCRIPT" %>
	<HTML>
	<HEAD>
	<TITLE>Upload File Results</TITLE>
	</HEAD>
	<BODY>
	Thank you for uploading your file.<br>
	<% Set upl = Server.CreateObject("SoftArtisans.FileUp") %>
	<% upl.MaxBytes = 1000 '--- limit the upload size to 1000 bytes %>
	The maximum file size that you are permitted to upload is <%=upl.MaxBytes%> bytes.<br>
	<% upl.SaveAs "C:\temp\upload.out" %>
	Total Bytes Written: <%=upl.TotalBytes%><br>
	Server File Name: <%=upl.ServerName%><br>
	Total Bytes Transmitted: <%=Request.TotalBytes%>
	</BODY>
	</HTML>

Let's look at the form's processing (formrespmax.asp).

First, the MaxBytes:

	<% upl.MaxBytes = 1000 '--- limit the upload size to 1000 bytes %>
	The maximum size that you are permitted to upload is <%=upl.MaxBytes%> bytes per file.<br>

We are setting MaxBytes as a limit for all files in this upload, even if there is more than one.

MaxBytes is Read/Write property, meaning that it is possible to both set its value and retrieve its value.

If you try to upload a file larger than 1000 bytes, notice that only the first 1000 bytes would be written to the hard disk.

We also added a new property called ServerName. ServerName is the name of file as it is stored on the web server, including the full path.

	Server File Name: <%=upl.ServerName%><br>

And finally we displayed an ASP intrinsic property that displays the precise total number of bytes transmitted by the browser.

	Total Bytes Transmitted by you: <%=Request.TotalBytes%>

You may have noticed that the total number of bytes transmitted by you is larger than your original file's size on disk. This is normal, since the browser must add information such as headers and encoding information. Request.TotalBytes reports the total including the file, encoding information and other form elements that may be present.


What did we learn?

What if you want to restrict the types of files uploaded?

 

 

Previous Page Next Page