Time to create our code for
showFile.asp. Remember, our first step is to verify that
the user has proper permissions to view the PDF file passed in:
Now, what comes after the
Else? Well, we've accomplished the first step, we've verified
that the user can view this file. Now we need to do two things: set the content type, and dump the
contents of the file.
Before I continue, let me take a step back and explain what Content Type is. When a web server sends
data to the client (a browser), it tells the browser what kind of data it is sending. This type
is known as Content Type. The browser takes this information and decides how to handle the incoming data.
If the content type is
image/gif, it runs the data through its GIF displayer. If the content
text/html, it runs the data through its HTML parser. To view all of the content types
your computer knows about, click on My Computer, then click on the View menu and go to Options.
You'll be shown a dialog box. Click on the File Types tab. Now, click on a file type, and you'll see
it's Content Type (MIME). The content type for PDF files is
Note that this value is passed in through the querystring to
showFile.asp. It is wise to
do it this way because we can now setup
showFile.asp to show ANY type of file. If you've
got text files you want to protect, we can do that; let's say you want to protect images, or wav files,
or html pages, or ANYTHING! WE CAN PROTECT IT!! :)
All we have to do is set the
Response.ContentType to the appropriate content type.
Pretty easy, eh? Since we're going to be dumping binary files to the user, we want to turn buffering on,
so that the user doesn't receive the data stream until the ASP page is finished executing. We can do
this by setting
Response.Buffer to true, like so:
We've only got one more task to perform, and that's to open the file, and dump its contents to the stream. To do this, we need to use a component, and I'm afraid the FileSystemObject just won't cut it, since it's not designed to handle binary files. We will use Software Artisans SA-FileManager V1.1. This is a free component, so go grab it. Once you have it installed, it is really easy to use. All we need to do is the following:
And that concludes
showFile.asp! Pretty straight forward, and a powerful way to protect
any type of file. To learn more about protecting files, be sure to check out
Protecting your Images. It protects images by only allowing
folks from a certain domain to view the image. Worth a read...
From alert reader Cynthia C.:|
"I found that the response.expires AND the
You may wish to edit your article to include the following page-protecting code, which I found was the only thing to truly force NO CACHING to work under IE:
Works like a dream!!!
Well, I hope this has enlightened you... Happy Programming!