using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using Telerik.WebControls; using System.IO;namespace Honeywell { public partial class FileList : System.Web.UI.Page { private HttpCookie cookie = null; private string userAccount = ""; private string sql = ""; private string sqlPath = "\\Uploads\\"; protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { BindData(); } }
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using Telerik.WebControls;
using System.IO;namespace Honeywell
{
public partial class FileList : System.Web.UI.Page
{
private HttpCookie cookie = null;
private string userAccount = "";
private string sql = "";
private string sqlPath = "\\Uploads\\";
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
BindData();
}
}
/// <summary>
/// Bind datalist
/// </summary>
private void BindData()
{
if (Request.QueryString["prnum"] != null && Request.QueryString["prnum"].Trim() != "")
{
hfPRNumber.Value = Request.QueryString["prnum"].Trim();
sql = "SELECT *,(SELECT EnglishName FROM PR_Users WHERE USERID=UploadBy) as EName FROM PR_Attachment WHERE PRNumber = '" + hfPRNumber.Value.Trim() + "'";
DataTable dt = DBBase.GetDataTable(sql);
dlList.DataSource = dt;
dlList.DataBind();
}
if (Request.QueryString["status"] != null)
{
dvUp.Style.Add("display", "none;");
}
} protected void dlList_ItemDataBound(object sender, DataListItemEventArgs e)
{
if (e.Item.ItemType == ListItemType.AlternatingItem || e.Item.ItemType == ListItemType.Item)
{
HiddenField hfUpBy = (HiddenField)e.Item.FindControl("hfUpBy"); cookie = Request.Cookies["adUser"];
userAccount = cookie == null ? "test" : cookie["account"].Trim();
LinkButton lbtn = (LinkButton)e.Item.FindControl("lbtnDelete");
lbtn.Visible = hfUpBy.Value.Trim() == userAccount ? true : false;
lbtn.Visible = Request.QueryString["status"] != null ? false : true;
}
} protected void dlList_ItemCommand(object source, DataListCommandEventArgs e)
{
if (e.CommandName == "delete")
{
sql = "DELETE PR_Attachment WHERE ID = '" + dlList.DataKeys[e.Item.ItemIndex].ToString() + "'";
DBBase.Update(sql);
BindData();
HiddenField hf = (HiddenField)e.Item.FindControl("hfAttachment");
File.Delete(Server.MapPath(hf.Value));
WebPage.ShowMessage("Delete success!");
}
} protected void btnSave_Click(object sender, EventArgs e)
{
if(ffFile.Text == "")
{
WebPage.ShowMessage("Please select the file.");
return;
}
if (txtDescription.Text == "")
{
WebPage.ShowMessage("Please add descriptions to the file you have uploaded.");
return;
} string Path = Server.MapPath(@"~/Uploads/"); //如果路径不存在,则创建
if (System.IO.Directory.Exists(Path) == false)
{
System.IO.Directory.CreateDirectory(Path);
}
//组合路径,file.GetName()取得文件名
Path = Path + fupload.FileName;
sqlPath += fupload.FileName;
//保存
fupload.SaveAs(Path); cookie = Request.Cookies["adUser"];
userAccount = cookie == null ? "test" : cookie["account"].Trim();
string pNo = Request.QueryString["pno"] != null ? Request.QueryString["pno"].Trim() : "test";
sql = "INSERT INTO PR_Attachment VALUES('" + pNo + "','" + fupload.FileName + "','" + fupload.PostedFile.ContentLength / 1024 + "','" + sqlPath + "','" + txtDescription.Text.Trim() + "','" + userAccount + "','" + DateTime.Now.ToString("MM/dd/yy") + "')";
DBBase.Update(sql);
BindData();
WebPage.ShowMessage("Upload file success!");
} protected void btnSave_Command(object sender, CommandEventArgs e)
{
if (ffFile.Text == "")
{
WebPage.ShowMessage("Please select the file.");
return;
}
if (txtDescription.Text == "")
{
WebPage.ShowMessage("Please add descriptions to the file you have uploaded.");
return;
} string Path = Server.MapPath(@"~/Uploads/"); //如果路径不存在,则创建
if (System.IO.Directory.Exists(Path) == false)
{
System.IO.Directory.CreateDirectory(Path);
} //组合路径,file.GetName()取得文件名
Path = Path + fupload.FileName;
sqlPath += fupload.FileName;
//保存
fupload.SaveAs(Path); cookie = Request.Cookies["adUser"];
userAccount = cookie == null ? "test" : cookie["account"].Trim();
string pNo = Request.QueryString["pno"] != null ? Request.QueryString["pno"].Trim() : "test";
sql = "INSERT INTO PR_Attachment VALUES('" + pNo + "','" + fupload.FileName + "','" + fupload.PostedFile.ContentLength / 1024 + "','" + sqlPath + "','" + txtDescription.Text.Trim() + "','" + userAccount + "','" + DateTime.Now.ToString("MM/dd/yy") + "')";
DBBase.Update(sql);
BindData();
WebPage.ShowMessage("Upload file success!");
}
}
}
document.getElementById("ffFile").value = document.getElementById("fupload").value;
}的问题input file 由于安全的原因,不允许 js 或其他方式的赋值,只能是用户自己点击
class="ltBtn" />
onclick="document.getElementById('fupload').click();"是这句的问题
document.getElementById("ffFile").value = document.getElementById("fupload").value;
}解决方案 把这个逻辑在后台实现
我现在后台可以获取路径,但保存到服务器只能用 SaveAs,用File.Copy 是不行的File流写入也不行。。 而 FileUpload.FileName 永远是 ""
http://www.cnblogs.com/Charles2008/archive/2008/07/20/1247084.html结贴~