问题
I have a scenario where users of my ASP.NET web application submit testimonials consisting of text info and images. The submit process has the following steps:
- First the user inputs the content and chooses a path to an image
- When he clicks preview, the info is once again shown so that he can confirm
- Once confirmed the info is persisted in the database
The problem with this is that I don't want to store uploaded images in the DB before the user actually confirms. Instead I store them as temporary files and put them in DB only after final confirmation.
Since I also want my application to run in medium trust, I have write permissions only to the application directory and nowhere outside. I even want to limit write permissions for the ASPNET / NETWORK SERVICE user to the ~/App_Data folder. The problem with my scenario is that once a temporary file is created in this folder, the application pool is recycled and I don't want that on every testimonial submit.
How do you advise I keep these temp files instead? The pool is not restarted if I update a file - only on create or rename. But I don't think I can store whole images in a single file for all users. What do you think?
UPDATE: I should note that I'm using a third party control for upload. It gives me programmatic access to the binary stream of the file contents after upload, but I cannot keep this after a second postback (the first step and postback actually does the upload).
回答1:
I would recommend IsolatedStorage. It's a kind of virtual folder.
Here is an excerpt from an example on CodeProject:
IsolatedStorageFileStream stream =
new IsolatedStorageFileStream(ISOLATED_FILE_NAME,
FileMode.Create, isoStore);
StreamWriter writer = new StreamWriter( stream );
writer.WriteLine( "This is my first line in the isolated storage file." );
writer.WriteLine( "This is second line." );
writer.Close();
UPDATE: To clean up your file just do this:
string fileName = "isolatestorage.txt";
IsolatedStorageFile storage = IsolatedStorageFile.GetStore(
IsolatedStorageScope.User | IsolatedStorageScope.Assembly, null, null);
string[] files = storage.GetFileNames(fileName);
foreach(string file in files) {
if(file == fileName) {
storage.DeleteFile(file);
break;
}
}
回答2:
The default web_mediumtrust.config file that Microsoft ships is notoriously impractical.
Here is a snippet from the default web_mediumtrust.config file. By default, you cannot use System.IO to discover or write to the temp folder.
<IPermission
class="FileIOPermission"
version="1"
Read="$AppDir$"
Write="$AppDir$"
Append="$AppDir$"
PathDiscovery="$AppDir$"
/>
Although I haven't experirement with Isolated Storage as mentioned by @Seb, it seems to be permitted by the default config file.
回答3:
You can still use the normal Path.GetTempFilename() method to get a temporary file in ASP.NET scenarios.
It should give you a temp file path that is writable by NETWORK_SERVICE but also lives in one of the actual Windows' temp folders, not your application folder.
If your host configured his server correctly, that should works fine.
回答4:
This is a reply to Leppie who commented on my question (to avoid the char limit)
From: http://blogs.msdn.com/johan/archive/2007/05/16/common-reasons-why-your-application-pool-may-unexpectedly-recycle.aspx
...sometimes your application pool inexplicably recycles for no obvious reason. This is usually a configuration issue or due to the fact that you're performing file system operations in the application directory.
Are you sure it's not supposed to recycle?
来源:https://stackoverflow.com/questions/271944/storing-temporary-user-files-in-asp-net-in-medium-trust