System.UnauthorizedAccessException: Access to the path '~/uploads/getpo/getmrr/' is denied.

Last Reply on Dec 29, 2015 02:47 AM By Shashikant

Posted on Dec 29, 2015 02:45 AM

I have the following code and did not get an error before, but all of a sudden started getting error.

 

 

    protected void Upload(object sender, EventArgs e)
    {

        string getpono = txtPONo.Text;
        string getmrr = ddlMRR.Text;
        string getitem = txtItemNo.Text;
        string getreqno = txtReqNum.Text;

        for (int c = 0; c < Request.Files.Count; c++)
        {

            string path1 = "~/uploads/" + getpono + "/" + getmrr + "/";
            string path2 = "~/uploads/" + getpono + "/" + getmrr + "/" + getitem + "/";

            HttpPostedFile postedFile = Request.Files[c];

            string uploadFolderName = Request.Files.AllKeys[c].Contains("puzzleImageArea") ? path1.ToString() : path2.ToString() ;

            if (postedFile.ContentLength > 0)
            {

                try
                {
                    if (!System.IO.Directory.Exists(path1)) { System.IO.Directory.CreateDirectory(path1); }
                    if (!System.IO.Directory.Exists(path2)) { System.IO.Directory.CreateDirectory(path2); }

                    string fileName = Path.GetFileName(postedFile.FileName);
                    postedFile.SaveAs(Server.MapPath(uploadFolderName) + fileName);
                    lblMessage.Text += string.Format("<b>{0}</b> uploaded.<br />", fileName);

                    SqlCommand cmdUpload = new SqlCommand("insert into MAT_DOCS (PONO,ITEMNO,REQNO,MRR,FILENAME,Datapath,DateEntered,EnteredBy) values('" + getpono + "','" + getitem + "','" + getreqno + "','" + getmrr + "',@Name,@FilePath,@DateAdded,'" + hdnLoginID.Value + "')", sConn);
                    cmdUpload.Parameters.AddWithValue("@Name", Path.GetFileName(postedFile.FileName));
                    cmdUpload.Parameters.AddWithValue("@FilePath", uploadFolderName + Path.GetFileName(postedFile.FileName));
                    cmdUpload.Parameters.AddWithValue("@DateAdded", DateTime.Now);
                    sConn.Open();
                    cmdUpload.ExecuteNonQuery();
                    sConn.Close();

                }
                catch (Exception)
                {
                    throw;
                }
            }
        }
    }

Error:

 

 

Access to the path '~/uploads/getpo/getmrr/' is denied.
 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 
 
Exception Details: System.UnauthorizedAccessException: Access to the path '~/uploads/getpo/getmrr/' is denied. 
 
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user. 
 
To grant ASP.NET access to a file, right-click the file in File Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

 

I have checked and made sure the folder has r/w/w for IUSR_MACHINENAME. But randomely stopped working.

Any ideas?

Posted on Dec 29, 2015 02:47 AM

Hi,

You need to use Server.MapPath while creating directory.

C#

string getpono = "123";
string getmrr = "1258";
string getitem = "4875";
string getreqno = "1485";
for (int i = 0; i < Request.Files.Count; i++)
{
    string path1 = "~/uploads/" + getpono + "/" + getmrr + "/";
    string path2 = "~/uploads/" + getpono + "/" + getmrr + "/" + getitem + "/";

    HttpPostedFile postedFile = Request.Files[i];
    string uploadFolderName = Request.Files.AllKeys[i].Contains("puzzleImageArea") ? Server.MapPath(path1) : Server.MapPath(path2);
    if (postedFile.ContentLength > 0)
    {

        try
        {
            if (!System.IO.Directory.Exists(uploadFolderName)) { System.IO.Directory.CreateDirectory(uploadFolderName); }
            string fileName = Path.GetFileName(postedFile.FileName);
            postedFile.SaveAs(uploadFolderName + fileName);
        }
        catch (Exception)
        {
            throw;
        }
    }
}

VB

Dim getpono As String = "123"
Dim getmrr As String = "1258"
Dim getitem As String = "4875"
Dim getreqno As String = "1485"
For i As Integer = 0 To Request.Files.Count - 1
	Dim path1 As String = (Convert.ToString((Convert.ToString("~/uploads/") & getpono) + "/") & getmrr) + "/"
	Dim path2 As String = (Convert.ToString((Convert.ToString((Convert.ToString("~/uploads/") & getpono) + "/") & getmrr) + "/") & getitem) + "/"

	Dim postedFile As HttpPostedFile = Request.Files(i)
	Dim uploadFolderName As String = If(Request.Files.AllKeys(i).Contains("puzzleImageArea"), Server.MapPath(path1), Server.MapPath(path2))
	If postedFile.ContentLength > 0 Then

		Try
			If Not System.IO.Directory.Exists(uploadFolderName) Then
				System.IO.Directory.CreateDirectory(uploadFolderName)
			End If
			Dim fileName As String = Path.GetFileName(postedFile.FileName)
			postedFile.SaveAs(uploadFolderName & fileName)
		Catch generatedExceptionName As Exception
			Throw
		End Try
	End If
Next

 

I agree, here is the link: https://www.e-iceblue.com/Introduce/spire-office-for-net-free.html