hii
im listing files from directory..here is my code
i feel its nt a secure code
Is anyone knw secure code please let me knw
void Page_Load(object sender, EventArgs e)
{
string dirname = Session["projectid"].ToString();
string Path = Server.MapPath(".") + "\\" + dirname;
DirectoryInfo dirInfo = new DirectoryInfo(Path);
articleList.DataSource = dirInfo.GetFiles("*.*");
articleList.DataBind();
}
<asp:DataGrid runat="server" id="articleList" Font-Name="Verdana"
AutoGenerateColumns="False" AlternatingItemStyle-
BackColor="#eeeeee"
HeaderStyle-BackColor="Navy" HeaderStyle-ForeColor="White"
HeaderStyle-Font-Size="15pt" HeaderStyle-Font-Bold="True">
<Columns>
<asp:HyperLinkColumn DataNavigateUrlField="Name"
DataTextField="Name"
HeaderText="File Name" />
<asp:BoundColumn DataField="LastWriteTime" HeaderText="Last Write
Time"
ItemStyle-HorizontalAlign="Center" DataFormatString="{0:d}" />
<asp:BoundColumn DataField="Length" HeaderText="File Size"
ItemStyle-HorizontalAlign="Right"
DataFormatString="{0:#,### bytes}" />
</Columns>
</asp:DataGrid>
