当前位置: 文江博客话题详情

使用 ASP.NET 网站和 Visual Studio 管理用户上传的文件

发布于 01-06 11:05 字数 1018 浏览 3 评论 0原文

我知道在互联网历史上的某个地方一定有人问过这个问题,但我似乎无法确定正确的术语来获得我需要的答案。这个问题很接近:什么是在网站中存储用户上传的文件的最佳方式吗?但我需要更多细节。

基本上,您应该如何有效地管理用户上传的文件,例如个人资料图片?我想知道的是关于在哪里创建目录结构的一些“最佳实践”。

上述问题的第二个答案提供了一些选项,例如将它们存储在网络根目录之外,这正是我最初想做的。但后来我开始思考...

1)我们如何将路径保存在数据库中?绝对?相对? 每个用户都有一个“ProfilePicPath”列。如果我们想将整个项目从一台服务器完全迁移到另一台服务器,并且出于某种原因我们无法将文件放在新服务器上的同一位置,该怎么办?每个链接都会被破坏。

2) 在安全方面应该如何处理?假设我们已将 Web 应用程序部署到 C:\websites\site1 等位置,但我们将用户个人资料图片存储在 C:\usercontent\profilepictures 中\?在我们加载个人资料图片的页面上,我们如何在后面的代码中以编程方式安全地访问该图片?我们不想把它们放在 C:\websites\site1\usercontent\profilepictures\ 中,对吗?我不喜欢将绝对路径放入数据库中,而且我也不想在后面的代码中的任何位置硬编码路径。

我们最初确实尝试使用 Web 项目内的文件,但后来它变得有点风险,因为这些用户文件是我们项目的一部分。更新/修改网站时复制/粘贴错误,我们可能会覆盖自上次从存储库检出项目以来用户上传的文件等。这是一个巨大的麻烦,整个场景让我尖叫,“你这个白痴,你做的这一切都是错的……”但我似乎找不到正确的指南来“正确”地做这件事。

需要明确的是,我们的需求很小 --- 这只是一个供内部使用的小项目,可能不超过 30 个用户,并且全部需要包含在一台 IIS 7 服务器上。

原文

I know that somewhere in the history of the internet this must have been asked somewhere, but I just can't seem to nail down the right terminology to get the answer I need. This question comes close: What is the best way to store user uploaded files in a website? But I need a little bit more detail.

Basically, how are you supposed to effectively manage files that users have uploaded, such as a profile picture? What I want to know are some "best practices" regarding WHERE to make the directory structure.

The second answer in the above question offers some options, such as storing them outside of the web root, which is what I originally thought about doing. But then I started thinking...

1) How do we save the paths in the database? Absolute? Relative? Each user has a column for "ProfilePicPath". What if we want to completely uproot the entire project from one server to another, and for whatever reason we can't put the files in the same place on the new server? Every link would be broken.

2) How should this be handled in terms of security? Say we have our web application deployed to like C:\websites\site1, but we store the user profile pictures in like C:\usercontent\profilepictures\? On a page where we load the profile picture, how do we safely access that programmatically in the code behind? We don't want to put them in like C:\websites\site1\usercontent\profilepictures\, right? I'm not a fan of putting an absolute path into the database, and I also don't want to hardcode a path in anywhere in the code behind.

We originally DID try with the files inside the web project, but then it became kind of a risk, because these user files were part of our project. One wrong copy/paste when updating/modifying the site and we might overwrite a file a user has uploaded since we last checked out the project from the repository, etc. It was a huge hassle, and the whole scenario just screamed to me, "you idiot, you're doing this all wrong..." but I just can't seem to find a proper guide to doing it "right."

Just to be clear, our needs are minimal --- this is just a small project for internal use, no more than maybe 30 users, and it all needs to be contained on one IIS 7 server.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

高冷爸爸2025-01-13 11:05:25

1)我们如何将路径保存到数据库中?绝对?相对的?每个用户都有一个“ProfilePicPath”列。如果我们想将整个项目从一台服务器完全迁移到另一台服务器,并且出于某种原因我们无法将文件放在新服务器上的同一位置,该怎么办?每个链接都会被破坏。

相对的。如果您想这样做,只需在 ProfilePicPath 中存储文件名即可。我有一个 Web 应用程序,我发现将图片存储在数据类型为“image”的 SQL 列中更容易。推理是,图片是应用程序数据的一部分,而不是应用程序代码的一部分,因此将其存储在数据库中。

2)在安全方面应该如何处理?假设我们已将 Web 应用程序部署到 C:\websites\site1 等位置,但我们将用户个人资料图片存储在 C:\usercontent\profilepictures\ 等位置?在我们加载个人资料图片的页面上,我们如何在后面的代码中以编程方式安全地访问该图片?我们不想把它们放在 C:\websites\site1\usercontent\profilepictures\ 中,对吗?我不喜欢将绝对路径放入数据库,而且我也不想在后面的代码中的任何位置硬编码路径。

在您的 web.config 中有一个像这样的 appSetting:

<add key="ProfilePicturePath" value="C:\usercontent\profilepictures\" />

您的代码可以使用 Path.Combine(s1, s2) 来将 AppSetting 与用户的数据库 ProfilePicPath 值组合起来。要提供图像文件,您可以引用 HTTP 处理程序,例如 。我用来从数据库获取图像的代码如下,但如果您从 a 文件夹获取数据,则可以使用 System.IO.File.Open() 来从 a 文件夹获取流文件系统代替。

public class Pic : IHttpHandler
{
    #region Properties

    public bool IsReusable
    {
        get
        {
            return true;
        }
    }

    #endregion

    #region Implemented Interfaces

    #region IHttpHandler

    public void ProcessRequest(HttpContext context)
    {
        var userRecord = DAL.GetCurrentUser();

        if (userRecord != null)
        {
            byte[] picture = userRecord.ProfilePicture.ToArray();

            context.Response.ContentType = "image/jpeg";
            context.Response.OutputStream.Write(picture, 0, picture.Length);
            context.Response.OutputStream.Close();
        }
    }

    #endregion

    #endregion
}

1) How do we save the paths in the database? Absolute? Relative? Each user has a column for "ProfilePicPath". What if we want to completely uproot the entire project from one server to another, and for whatever reason we can't put the files in the same place on the new server? Every link would be broken.

Relative. In ProfilePicPath simply store the filename if you wish to do it that way. I've a web application where I found it easier to store the picture in a SQL column with data type "image". The reasoning goes that the picture is part of the application's data rather than the application's code, so therefore store it in the database.

2) How should this be handled in terms of security? Say we have our web application deployed to like C:\websites\site1, but we store the user profile pictures in like C:\usercontent\profilepictures\? On a page where we load the profile picture, how do we safely access that programmatically in the code behind? We don't want to put them in like C:\websites\site1\usercontent\profilepictures\, right? I'm not a fan of putting an absolute path into the database, and I also don't want to hardcode a path in anywhere in the code behind.

In your web.config have an appSetting like so:

<add key="ProfilePicturePath" value="C:\usercontent\profilepictures\" />

And your code can use Path.Combine(s1, s2) to combine the AppSetting with the database ProfilePicPath value for the user. To serve the image file you can reference a HTTP Handler e.g. <img src="Pic.ashx" />. The code I use to get the image from the database is below, but if you were getting the data from the a folder you can use System.IO.File.Open() to get the stream from the file system instead.

public class Pic : IHttpHandler
{
    #region Properties

    public bool IsReusable
    {
        get
        {
            return true;
        }
    }

    #endregion

    #region Implemented Interfaces

    #region IHttpHandler

    public void ProcessRequest(HttpContext context)
    {
        var userRecord = DAL.GetCurrentUser();

        if (userRecord != null)
        {
            byte[] picture = userRecord.ProfilePicture.ToArray();

            context.Response.ContentType = "image/jpeg";
            context.Response.OutputStream.Write(picture, 0, picture.Length);
            context.Response.OutputStream.Close();
        }
    }

    #endregion

    #endregion
}
回复 原文
才能让你更想念2025-01-13 11:05:25

我对我的网站做了什么,

  1. 我创建了一个子域,我可以在其中访问文件(例如 static. domain.com)

  2. 在我的主站点中,我在 web.config 中为此类文件路径添加了一些 appSettings

  3. 我创建了一个返回我需要获取的目录的类一个特定的文件。
    我序列化了我的文件,以链接到数据库中的配置文件,其名称如下
    照片_1.png
    例如可以在配置文件目录下找到
    所以当我为帐户 ID 1 的个人资料寻找照片时
    我将像这样调用我的类

string ProfileDir = clsDirectory.GetProfileDirectory();

string filePath = ProfileDir + "photo_" + UserId + ".png";

What i did with my Web Site

  1. I created a subdomain to where i can access the files (e.g static.domain.com)

  2. In my main site, I added some appSettings in the web.config for the file paths like these

       <add key="MainPath" value="http://static.domain.com/ImageDatabase/" />
   <add key="Profile" value="Profile/" />         
   <add key="Advertisements" value="Ads/" />

  3. I created a class that returns the directory i need to get a specific file.
    I serialized my files to be linked to the profiles in my database having names like
    photo_1.png
    which could be found for example under Profile Directory
    so when im looking for a photo for a profile for account id 1
    i will just call my class like these

string ProfileDir = clsDirectory.GetProfileDirectory();

string filePath = ProfileDir + "photo_" + UserId + ".png";
回复 原文
~没有更多了~

关于作者

殊姿

暂无简介

文章
评论
29 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lylex099819

文章 0 评论 0

yg

文章 0 评论 0

mb_PT8LkUS5

文章 0 评论 0

埋情葬爱

文章 0 评论 0

佚名

文章 0 评论 0

奢望

文章 0 评论 0

更多

友情链接

文江博客
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文