I developed a web application using C#, I upload file to SQL Server. I need to auto-download it to a folder.
Here is my code for that:
string sql = "select * from tblFiles where ID = " + ID ;
DataTable dt = dbs.MNTSQLSelect(sql);
if (dt.Rows.Count > 0)
{
Response.Clear();
Response.Buffer = true;
Response.ContentType = dt.Rows[0]["contentType"].ToString();
Response.AddHeader("content-disposition", "attachment;filename=" + dt.Rows[0]["fileName"].ToString());
Response.Charset = "";
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.BinaryWrite((byte[])dt.Rows[0]["filedata"]);
Response.End();
}
Unfortantly the download location as a genreal rule is controlled by the "end user" browser settings.
For up-loading, then you ONLY ever get just the file name, and information about the client side computer is "hands off". If you could set/pick/choose a file name, then while you come to my site to view a picture of a cute cat?
Then I could start rummanging around on your hard drive. Steal your emails, or how about files in a folder called "banking". or how aobut looking for a Excel sheet called passwords?
It turns out that while file up-loads don't allow ANY kind of path information, or even exposing path names to your web server?
You can try passing a path name + file name when sending a file to a client computer. But, then again, this might be an adroid phone, iPad, and as such, things like drive letters don't even exist!
So, I have found that I can supply a path name - Edge seems to accept the path name, but at the end of the day, it the end users browser settings that has and will control where a file location is downloaded to (in most cases - it defaults to the folder called "downloads").
so, you really don't have much choice in this matter - the end user computer + browser settings will ultimately control the location of such downloads, and once again, if any old location could be set, then I might as well download some.exe program into your windows startup folder or whatever - and again that would be a security risk beyond anything that any user would allow or tolerate.
You can't mess around with my computer JUST because I decide to visit your site, and as noted, no end user would use a browser or the inte.net if this was possible.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.