.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

File Listing and Session Modification

Posted By:      Posted Date: October 18, 2010    Points: 0   Category :ASP.Net
Hi Guys, After learning asp.net for a few months and viewing this forum for a few weeks, I have started to get confused with the setting and security issues of asp.net. Hope someone could answer me. Problem 1: I am curious why we have to encrypt connection string, appsetting and more in the web.config file even though file listing is set to "not allowed" on server setting. Does it mean some strangers can still view and steal such file from server? Problem 2: I know that session id is sort of protected but could hacker be able to change the information inside ? Let say hacker browser my webpage and some data are stored in the session cookies, could they change the information inside the session cookies? Thank you very much and I greatly appreciate your help.

View Complete Post

More Related Resource Links

how to check one time java script file download not every session

how to check one time java script file download not every session

i make a web site using frame but session is expire Error message is my Config file is attache

i make a web site using frame  but session is expire message is Object reference not set to an instance of an object Description: HTTP 500. Error processing request. Stack Trace: System.NullReferenceException: Object reference not set to an instance of an object at System.Web.UI.Control.OnLoad (System.EventArgs e) [0x00000] in <filename unknown>:0 at System.Web.UI.Control.LoadRecursive () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessLoad () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessPostData () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.InternalProcessRequest () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0 My Web Config file is<configuration>    <!-- store the database connection info here -->     <appSettings>        <add key="sBook_StoreDBConnectionString" value="Provider=Microsoft.Jet.OLEDB.4.0;User ID=Admin;Data Source=C:\Program Files\CodeCharge\Examples\BookStore\BookStore_MSAccess.mdb;Persist Security Info=False" />            </appSettings>  <system.web>  <httpRuntime executionTimeout=&quo

Session Expires on File Delete

Dear All, I am trying to delete Files and Directory through ASP.NET3.5 (C#)web application. But as soon as Directory\File is deleted It  automatically redirects me to Login Page. It means I am lossing my session on deleting File/Directory. Plz help me out.

Session State in ASHX file


Hi People,

I have been trying unsuccessfully to retrieve a Session varaible from within an ASHX file that i'm using to build an XML file.

What I am trying to achieve is quite simple really.

My ASHX file is used to dynamically build an XML file so that I can then bind it to a TreeView control later on. However the dynamic part isn't quite working because the ID that I need from the session seems to not be passed into the ASHX file.

I have tried using the following methods to do this:

1) Include interfaces IRequiresSessionState and IReadOnlySessionState

2) Tried accessing the value like this: Session["ID"] or context.Session["ID"] or HttpContext.Current.Session["ID"]

I am setting the Session variable in the MasterPage's code behind.

Can anyone help?



File Listing in Grid View


I have grid view in which i want list files in a particular folder and to view them in browser on click

Please help

Directory listing without showing file extension?



I've seen various tutorials and scripts online which show how to create a directory tree which list the file name, size etc.

My question is, I need a script that is basically a normal directory listing but it doesn't show the file extension.  If anyone can even point me in the right direction it'd be of much help!



Session call in .ashx file from .cs file.


How we can call session from .ashx file from .cs file.


i have store value in session in cs file.

eg. session["s"]="abc";

when i get this value in .ashx file  

string strDisplay = context.Session["Captcha"].ToString();

show error 

Object reference not set to an instance of an object.

how to call a session variable in Web service Method in Default.cs file



I have used a web service method in my Application. And as per the requirement using one user. I am searching for a list of schools to a particular area. When one person logged with the credentials , search criteria works fine when another person logs in there the problem like session variable is getting overriden . This is a issue which I am facing and as per its very urgent to solve the problem. Please help me and solve the Issue.

Please repond Immediately, as I am unable to sleep at nights.

I am also sending the code of a sample example 


using System;
using System.Configuration;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page
    //public string str;
   // SharedPersonalizationStateInfo string str;
    static string str1;
    static string strName;
    static  string strSqlquery;
    protected void Page_Load(object sender, EventArgs e)

        if (!IsPostBack)
            strName = Session["ID"].ToString();
            str1 = Session["FriendID"].ToString();

File Splitter in .Net

I love to do utility programs in .Net. And this is one of them. As I was playing with JSplit (a free file splitter program), I wondered if I could do it in .Net. The framework supports file operations like reading files in bytes and creating them. It is indeed easy to do file operations in .Net Basics on File operations

MS SQL Server: Disconnect Users From Database - Kill User Session

If you ever wanted to restore your database from a SQL backup file (.bak), but there are still users connected to your database, the backup operation will fail causing the error: Exclusive access could not be obtained because the database is in use.

Upload Multiple File using JQuery in asp.net

In this article I have explained how to upload multiple files using file upload control. I have used jQuery plugin for uploading multiple files.

I have also explained how to check for file type, file maximum size limit using jQuery & also using server side validation code.

Creating Excel file from C#

I used below coding for create a excel sheet.I got from on web site.
In below coding there is no problem.Its create the excel file.If i run second time,its ask to overwrite the current excel file.If I said "Yes" then it ok ,but If I select cancel button,its generate the Error message.The exception is

Upload a File to a SharePoint Document Library - Part I

The following helper class demonstrates a few techniques that allow documents to be uploaded to a SharePoint document library programmatically without using the API or a custom web service. You don't need to specify a document library name, and it will create any folders specified in the URL as required. File meta data will be updated if any properties are passed.

SmtpClient and Locked File Attachments

Got a note a couple of days ago from a client using one of my generic routines that wraps SmtpClient. Apparently whenever a file has been attached to a message and emailed with SmtpClient the file remains locked after the message has been sent. Oddly this particular issue hasn't cropped up before for me although these routines are in use in a number of applications I've built.

How to call an .exe file in .net

Sometimes a developer has to call an EXE from another EXE. While calling EXE there can be a requirement to pass parameter.

ClientAccessPolicy file in SharePoint 2010

I am upgrading my Silverlight demo code from the old beta to beta 2 and see that there are a few new considerations for the deployment of ClientAccessPolicy.xml files. In a previous post I demonstrated how to do this for SharePoint 2007. The heartburn that I get with that approach is any site collection owner or designer can drag the file into the site collection and open the site up to unwanted client access issues. In 2010 the virtual path provider no longer serves the files from the root of the site collection

Multi File Upload Using JQuery!

Everyone knows about the file upload in .NET. But the multi file upload is some what difficult in .NET. For that purpose we can have some AJAX or JQuery!. Jquery is the latest advanced version. It will give some animated upload. You can try it for your own!!!!
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend