Using Microsoft's Posting Acceptor in ASP Pages
A Data Access Worldwide
White Paper
by Dennis Piccioni
August 25, 2000
Last Edited: August 2, 2005
The ability for browser users to upload files to a Web application is a feature that many developers may want to implement at some point. An example use for this might be an Intranet application where employees can share files.
Note: The Microsoft Posting Acceptor is no longer supported on newer operating systems, starting with Windows Server 2003. There are many controls available on the internet, JavaScript controls, for example, that you can use instead.
The first real life application I used the posting acceptor in is the in-house version of the Data Access Worldwide Technical Knowledge Base. This application, written using WebApp Server 2.1, allows Data Access Worldwide technical staff to author Knowledge Base articles from where ever they are in the world. Using the posting acceptor, article authors can add files to articles and the application moves the files to the correct location and adds links to the articles for each file.
This paper will show you how to install the Microsoft Posting Acceptor, how to prepare your IIS Server to use it and how to implement this component in ASP pages.
The Posting Acceptor is a free component of Microsoft Site Server that allows Internet Information Server (IIS) applications to accept file uploads from browser clients.
Microsoft's own documentation for using this component leaves much to be desired. I was only able to get the Posting Acceptor working after extensive research in the Microsoft Newsgroups, the Microsoft Knowledge Base and many third party Web sites, piecing together bits of information from all of them. I prepared this document so that you do not have to go through as much trouble as I did to get this powerful little component into your Web applications.
I successfully tested the Microsoft Posting Acceptor 1 on the following systems:
Preliminaries
Conclusion
<form>
</form>Specific code that is being discussed in the particular section of the document may be bolded to emphasize it.
Here are some brief explanations of terms that are used throughout this document. You are expected to be familiar with the terms that are not explained here (i.e. HTML, URL, localhost). I encourage you to find out more about any terms that you are not already familiar with. Information on just about anything discussed in this document is easily found using Web search engines and there are hundreds of books available on HTML, ASP, JavaScript and VBScript, the main technologies used here.
The scripts virtual directory is one of the default virtual directories installed with IIS. The physical location of this directory is usually right below the IIS installed default Web Site directory, such as:
X:\InetPub\Scripts
where X is the server drive on which IIS is installed
The virtual path refers to the path to a file or directory using its virtual directory pathing, as assigned using the Microsoft Management Console. This is the path used to access a file or directory using a Web browser (URL), as opposed to the physical path, which is the location of that file or directory on a disk drive.
For most intents and purposes, cpshost.dll is the Microsoft Posting Acceptor. This is the DLL that is the main component and that actually accepts and uploads the files from the client computer(s). Some additional files do get installed with the Posting Acceptor, but they are merely accessory and/or example script (ASP) pages.
The default Web site is the Web site that comes up in a browser on the local Web server by default, as installed when installing IIS from the Windows NT Option Pack is http://locahost/. The corresponding physical directory is
X:\Inetpub\wwwroot
where X is the server drive on which IIS is installed
Installation
Installing
the Microsoft Posting Acceptor The Microsoft Knowledge Base,
and all other pages I found on the Microsoft site that talk about Posting
Acceptor, point to an incorrect file (a Web Publishing Wizard update) as a
Posting Acceptor install and give incorrect information regarding the operating systems under which the component
can be installed. The Posting
Acceptor cannot be directly installed on Windows NT 4 Workstation (not directly anyway).
I'll show you how to
do this manually in the Installing
Posting Acceptor on Windows NT 4 Workstation section). You
can install the Microsoft Posting Acceptor on Windows NT 4 Server from the NT 4
Option Pack CD. Here are the steps to add Posting Acceptor to an existing IIS
installation:
Preparing
IIS to use the Posting Acceptor Next, you need to prepare your
IIS Server to use the Posting Acceptor. See the terms section for more information on the scripts virtual directory. Here are the steps for allowing
anonymous access to the scripts virtual directory: NOTE: The scripts
virtual directory is where the cpshost.dll file must reside. Create
a virtual directory for
uploaded files
On Windows NT 4 Server:
Start > Programs > Windows NT 4 Option Pack > Internet
Information Server > Internet Service Manager
On Windows NT 4 Workstation:
Start > Programs > Windows NT 4 Option Pack > Microsoft Personal
Web Server > Internet Service Manager
On Windows 2000:
Start > Control Panel > Administrative Tools > Internet Service
Manager
This may already be checked, if so, simply leave it as is.
This will be the directory into which the files are uploaded from the browser.
I recommend that you place this directory in one of the following locations:
- Somewhere below the default Web Site directory
For example:
X:\Inetpub\wwwroot\uploads
where X is the server drive on which IIS is installed- Somewhere below the virtual directory for your Web application
For example:
X:\MyWebApp\AppHtml\uploads
where X:\MyWebApp\AppHtml is the virtual directory for your Web application
- Start the Microsoft Management Console (Internet Service Manager)
On Windows NT 4 Server:
Start > Programs > Windows NT 4 Option Pack > Internet Information Server > Internet Service Manager
On Windows NT 4 Workstation:
Start > Programs > Windows NT 4 Option Pack > Microsoft Personal Web Server > Internet Service Manager- Select Default Web Site
- Right click and select New > Virtual Directory
- Enter the Alias to be used
This is the name this directory will be accessed by using the browser, so you will want to choose something meaningful and probably not excessively long- Enter or select the physical directory path (the one we just created above)
- When setting permissions for this new virtual directory, check the following:
Allow Read Access, Allow Script Access, Allow Write Access
We must allow write access, since this is the place to which we will upload files to.
Use the Windows Registry editor (regedit.exe) to do the following:
- Create (if it does not already exist) the Registry key HKey_Local_Machine/Software/Microsoft/WebPost/Acceptors/CPSHost
- To the above Registry key, add a DWord value named AllowAnonymous with value 1
- You must reboot the PC after this step
Installing Posting Acceptor on Windows NT 4 Workstation
You cannot directly install the Microsoft Posting Acceptor on Windows NT 4 Workstation, since Site Server is not one of the installation options when installing the NT 4 Option Pack on Windows NT 4 Workstation.
I, like many WebApp developers, want to be able to use this component on NT Workstation, since that is what I run on my laptop and where I do most of my testing & debugging before I deploy Web applications on an actual live server.
In my testing, I found that you can use the Microsoft Posting Acceptor on Windows NT 4 Workstation, you just need to install it manually. Here are the steps to accomplish this:
This includes cpshost.dll and a number of additional ASP files installed into the scripts virtual directory when installing Microsoft Posting Acceptor.
You can install the Microsoft Posting Acceptor on an NT 4 Server by following the steps in the section Installing the Microsoft Posting Acceptor and then copying the files installed on the NT Server to your NT Workstation.
Since these files are hard to come by (see section Download Troubles), I am including the files that worked for me on Windows NT 4 Workstation and Server with this White Paper (PostingAcceptorFiles.zip) The version of cpshost.dll included in this zip file is 6.1.27.0. Check with Microsoft regarding updates to this component and DLL.
Now, let's get started on
some coding.
Creating a file input
element in an HTML form
This
is the easy part; it's just plain HTML.
Inside of an HTML form, we can add a file input element using the <input> tag with the
TYPE attribute set
to "file": <form> Just using
this simple HTML code, you will see a window in your browser, followed by
a Browse button that, when clicked, brings up a dialog that allows you to select
a file on your local machine, and the path to the selected file is placed in the
window. Try it:
We can make this code a bit
fancier by specifying a size for the window to be large enough to hold a
longer path and adding some text telling the user what to do: <form> Here is the result:
NOTE:
A minor annoyance of the file input element is that the browse
button cannot be formatted, so depending on the looks of the rest of your page,
it may look somewhat out of place.
Setting the ENCTYPE
form attribute
HTML
specifications state that when using a file input element, the form's ENCTYPE
attribute should be set to "multipart/form-data". This isn't
really necessary right now, since we are just selecting a file, but once we
need to actually do something with that file (in the following sections of
this paper), it will be necessary. So, we add it: <form
enctype="multipart/form-data"> Now, once
we have selected a file, we get to the tricky part: getting the file from the
user's client computer and uploaded to the server.
There are several ways of doing
this:
We will use the Microsoft Posting
Acceptor, which uses the last method, a server side DLL call. Implementing
the Posting Acceptor in an ASP page As you have seen above, it
is simple to create a file input element in a form that allows the user to
select a file from the client computer. Now, let's get to the business of
doing something once that file is selected. In our case, we are going to
upload that file to the server. We'll start with the simple ASP page with a
form that we created in example 2. Then, we'll add
some other necessary features.
<input type="file">
</form>
Choose a file on your computer: <input type="file"
size="40">
</form>
Choose a file on your computer: <input type="file"
size="40">
</form>
Setting the form's method attribute to "POST" will allow the upload to start on any submit executed for this form.
<form enctype="multipart/form-data"
method="POST">
Choose a file on your computer: <input type="file"
size="40">
</form>
The action of the form must be the virtual path to cphost.dll, followed by ?PUBLISH
<form enctype="multipart/form-data"
method="POST" action="http://localhost/scripts/cphost.dll?PUBLISH">
Choose a file on your computer: <input type="file"
size="40">
</form>
Add an optional page for relocation to the action attribute
Following the ?PUBLISH, you can add another ? and the virtual path to another page that will load after the file upload is complete.
For this example, we'll use the repost.asp file, which comes with the Microsoft Posting director and is installed in the scripts virtual directory. This file is provided as an example of how to retrieve information about the uploaded file once the upload is complete.
<form enctype="multipart/form-data"
action="http://localhost/scripts/cpshost.dll?PUBLISH?http://localhost/scripts/repost.asp">
</form>
The value of this input element has to be the upload directory (the directory created in section Create a virtual directory for uploaded files). There is no need for the user to see this form element, so we'll make it a hidden form.
For this example, we'll assume the upload location is a directory called uploads, located immediately below the default Web Site directory.
<input type="hidden" name="TargetURL" value="http://localhost/uploads/">
A submit type form button
Since the form method is "POST", clicking any "submit" button in this form will start the upload.
<input type="submit" value="Upload">
Now we'll put together all of the needed items outlined above into a working example of an ASP page that allows uploading of a file from the client browser using the Microsoft Posting Acceptor.
<form enctype="multipart/form-data" method="POST" action="http://localhost/scripts/cphost.dll?PUBLISH?http://localhost/scripts/repost.asp">
Choose a file on your computer: <input type="file" size="40">
<input type="hidden" name="TargetURL" value="http://localhost/uploads/">
<input type="submit" value="Upload">
</form>An ASP page with this sample is provided with this paper as MSPAExample4.asp.
Using multiple forms in an ASP page
If you have a need for a form that processes a "GET" rather than a "POST", or need additional form processing (e.g. WebApp data entry) on the same page from which you are doing the file upload, you can place several forms on a single ASP page.
Using a different virtual directory for the cpshost.dll file
The Microsoft documentation tells you to place the Posting Acceptor dll (cpshost.dll) into the Scripts virtual directory. Depending on the security settings and requirements on your Web Server, you may want to place this file into another virtual directory. You can do so by simply creating a new virtual directory, with read and execute (including scripts) rights and anonymous access rights granted. If you do so, remember to change all references to the scripts directory in your ASP pages.
One problem with the Microsoft Posting Acceptor version 1 is that on upload there is no overwrite protection. If a file with the same name already exists in the upload target directory, it is simply replaced with the new one.
One way to get around this is to make the upload target directory only a temporary directory. You can upload a file to it, and then have another process move that file to the permanent directory. This is quite simple to do if you use WebApp Server.
Download
Troubles The first
place I ran into problems when trying to use the Microsoft Posting Acceptor was
trying to find out how and from where to actually install it. I read about this
component in numerous places I visited in my research, but all the links on the
Microsoft sites to the download for the Posting Acceptor pointed to a file that
installs an update for the Web Publishing Wizard, which does install on Windows
NT 4 Workstation, but does not install the files needed for the Posting
Acceptor.
Home of the WebApp Server product suite, the fastest tool for Web database
applications. Microsoft maintains an
extensive number of newsgroups to support its products. This is a good
technical resource, especially for getting tips from other developers (peer
support). This is also an excellent
technical resource: Knowledge Base and online support. If you develop in Windows or
using IIS & ASP, you should visit this site frequently. If you do any type of Web
development, this site is an invaluable resource. This is usually the first
place I go to find HTML and JavaScript documentation and examples. Contacting
Data Access Worldwide Data Access
Worldwide Data Access Worldwide - Asia Pacific Data Access Worldwide - Brasil Data Access Worldwide - Europe Data Access Technical
Support
Data Access Technical Knowledge
Base http://www.dataaccess.com/kbase Copyright Notice DataFlex is a registered trademark of Data
Access Corporation. NO LIABILITY FOR CONSEQUENTIAL DAMAGES
You can access the Technical White Papers from the Support section of the Data Access
Worldwide Web Site or directly at http://www.dataaccess.com/whitepapers.
14000 SW 119 Ave
Miami, FL
33186
305-238-0012
Domestic Sales: 800-451-3539
Fax:
305-238-0017
email: sales@dataaccess.com
Newsgroup Server:
news.dataaccess.com
Internet:
http://www.dataaccess.com
Suite 5, 333 Wantirna Road, Wantirna VIC 3152 Australia
Phone: +61 3 9800 4233 f: +61 3 9800 4255
Sales: asiapacific@DataAccess.com
Support: support.asiapacific@DataAccess.com
Internet: http://www.DataAccess.com/AsiaPacific
Av.Paulista, 1776 - 21st.Floor
São Paulo -SP - Brazil
CEP 01310-921
Phone: 5511-3262-2000
Fax 5511-3284-1579
Sales: info@dataaccess.com.br
Support: suporte@dataaccess.com.br
Internet: http://www.dataaccess.com.br
Lansinkesweg 4
7553 AE Hengelo
The Netherlands
Telephone: +31 74 - 255 56 09
Fax: +31 74 - 250 34 66
Sales: info@dataaccess.nl
Support: support@dataaccess.nl
Internet: http://www.dataaccess.nl
800-451-3539 / 305-232-3142
email: support@dataaccess.com
Visit our Support Home page to see all of our Support
options: http://www.dataaccess.com/support
Many answers to technical problems can be found
online in the Data Access Technical Knowledge Base. Here, you can access the
same live data that Data Access Worldwide technical support and development
staff use to
enter and track technical articles.
This document is property of Data
Access Corporation. With credit to Data Access Corporation for its authorship, you are encouraged to reproduce this
information in any format either on paper or electronically, in whole or in part. You may publish this paper as a stand
alone document within your own publications conditional on the maintenance of the intent, context, and
integrity of the material as it is presented here.
To the maximum extent permitted by applicable law, in no
event shall Data Access Corporation be liable for any special, incidental,
indirect, or consequential damages whatsoever (including, without limitation,
damages for loss of business profits, business interruption, loss of business
information, or any other pecuniary loss) arising out of the use of or inability
to use any information provided in this document, even if Data Access
Corporation has been advised of the possibility of such damages. Because some
states and jurisdictions do not allow the exclusion or limitation of liability
for consequential or incidental damages, the above limitation may not apply to
you.