2

I am a newcomer in .NET. When I am uploading an image, I get an error of

System.UnauthorizedAccessException:
Access to the path 'C:\Inetpub\vhosts\cmcnoida.com\httpdocs\i_image\123' is denied.

This code works on local very well, but at the live server above error is generating. What can I do?

My code:

protected void Button1_Click(object sender, EventArgs e)
{
    string t_sname, t_cname, t_pack, t_college, t_djoin;

    if (TextBox2.Text == "")
    { t_sname = "-"; }
    else
    { t_sname = TextBox2.Text; }
    if (TextBox3.Text == "")
    { t_cname = "-"; }
    else
    { t_cname = TextBox3.Text; }
    if (TextBox4.Text == "")
    { t_pack = "-"; }
    else
    { t_pack = TextBox4.Text + " lacs pa"; }
    if (TextBox5.Text == "")
    { t_college = "-"; }
    else
    { t_college = TextBox5.Text; }
    if (TextBox6.Text == "")
    { t_djoin = "-"; }
    else
    { t_djoin = TextBox6.Text; }

    // conn = new SqlConnection("Data Source=USER-PC;Initial Catalog=cmcnoida;Integrated Security=True");
    conn = new SqlConnection("Data Source=127.0.0.1;Integrated Security=False;User ID=kvch_db;Connect Timeout=200;Encrypt=False;Packet Size=4096;Database=cmcnoida;password=kv_12_2014");
    //conn = new SqlConnection("server=singhal;database=abc;Trusted_Connection=yes");
    comm = new SqlCommand();
    comm.Connection = conn;
    comm.CommandText = "select max(id) from placement";
    conn.Open();
    int i = (int)comm.ExecuteScalar();
    conn.Close();
    string a = (i + 1).ToString();

    DirectoryInfo dd2 = new DirectoryInfo(Server.MapPath("~\\i_image\\" + a));

    dd2.Create();
    dd2.Refresh();

    string fup;
    if (FileUpload1.HasFile == true)
    {
        fup = "~\\i_image\\" + a + "\\" + FileUpload1.FileName;
        FileUpload1.PostedFile.SaveAs(Server.MapPath(fup));
    }
    else
    {
        fup = "~\\i_image\\" + a + "\\dummy-man.jpg";
        File.Copy(Server.MapPath("~\\admin\\dummy-man.jpg"), Server.MapPath("~\\i_image\\" + a + "\\dummy-man.jpg"));
    }
    comm.Connection = conn;
    comm.CommandText = "insert into placement values('" + t_sname + "','" + t_cname + "','" + t_pack + "','" + t_college + "','" + t_djoin + "','" + fup + "')";
    conn.Open();
    comm.ExecuteNonQuery();
    conn.Close();
    // binddatagrid();
    TextBox2.Text = "";
    TextBox3.Text = "";
    TextBox4.Text = "";
    TextBox5.Text = "";
    TextBox6.Text = "";
    TextBox2.Focus();
    Response.Write("<script language=JavaScript> alert('Placement Record Inserted !!'); </script>");
}

What should I do to solve this issue?

Mikael Engver
  • 4,634
  • 4
  • 46
  • 53
user3253285
  • 9
  • 1
  • 4
  • Set the permissions *outside* of the application. Unless impersonation is used, it is likely that the account used for the ASP.NET app-pool needs to be given write access. – user2864740 Jan 31 '14 at 07:19

2 Answers2

0

If you are hosting this on your server you need to set permissions on the folder. Here is a good read on What are all the user accounts for IIS/ASP.NET and how do they differ?

But I doubt it not the case here. I think you are hosting it on a shared environment here.
If that's the case, you cannot set server folder security permissions using code. So you have to contact your hosting providers and ask them to give permissions to the i_image folder.

I mentioned i_image folder because the child folder 123 looks dynamic from your code. Setting permission to the root folder is enough.

Community
  • 1
  • 1
naveen
  • 53,448
  • 46
  • 161
  • 251
0

In many cases where access security is concerned you need to use ASP.NET Impersonation (run as Windows User Account). You then need to make some changes i web.config.

<configuration>
  <system.web>
    <identity impersonate="true"/>
  </system.web>
</configuration>

<identity impersonate="true" userName="DOMAIN\UserName" password="***" />

You need to supply the user credentials that have write access to the folder you want to write to.

These settings can also be done in IIS on the Application pool.

Mikael Engver
  • 4,634
  • 4
  • 46
  • 53