Description of "download.asp"

This script is used by all the download links. It takes two parameters, either as QueryString variables or Form variables, which give it the file name and indicate whether it should send the file "inline" or as an attachment.

The files are all in the same directory and the physical path is found by using Server.MapPath. It could have been hard coded instead. In this example the files are in a sibling directory. If a higher level of security was required they could be stored outside the web site directory structure which would prevent them from being accessed by a URL.

The file extension is found by taking the last 3 characters in the file name and this is used to set the Response.ContentType property. This tells the browser what type of file will follow.

The file is streamed by setting the FileName property to the full path and file name, and then calling the StreamFile method.

Response.Expires = 0
Response.Buffer = true

Set Download = Server.CreateObject("csFileDownload.Binfile")
Path = Server.MapPath("../notshared") & "\"
FileName = Path & Request("File")
Extension = Ucase(Right(FileName, 3))

Select Case Extension
  Case "ZIP" : MIME = "application/x-zip-compressed"
  Case "PDF" : MIME = "application/pdf"
  Case "GIF" : MIME = "image/gif"
  Case "JPG" : MIME = "image/jpeg"
  Case "HTM" : MIME = "text/html"
  Case "DOC" : MIME = "application/msword"
  Case "TXT" : MIME = "text/plain"
End Select

Response.ContentType = MIME
If Request("Attachment") = "True" Then
  Download.Attachment = true
  Download.Attachment = false
End If

Download.FileName = FileName

If any user verification was required, such as checking a password, it would be done before streaming the file. If any logs or database records needed updating they could be done at the end.

Return to the download page.