Situation, a user MAY upload a file and MAY trigger the spam filter. If it does trigger the spam filter i save all the post data and show a captcha. If the 'bot' doesnt succeed by the time the session times out the HttpPostedFile data (which includes uploaded file) should discard.
情况,用户可以上传文件并可以触发垃圾邮件过滤器。如果它确实触发了垃圾邮件过滤器,我会保存所有帖子数据并显示验证码。如果'bot'在会话超时之前没有成功,那么HttpPostedFile数据(包括上传的文件)应该丢弃。
I am assuming i dont want to put the uploaded data into session (it is likely to be a few Kb but may be 20mb+). So how i store/discard this data efficiently and properly
我假设我不想将上传的数据放入会话中(可能是几Kb但可能是20mb +)。因此,我如何有效和正确地存储/丢弃这些数据
1 个解决方案
#1
Save the file in a safe directory (no permissions to execute or access from the site), probably with a guid as a filename, then store that guid in session. That way after your captcha you can go back and grab the file from the directory.
将文件保存在安全目录中(无权从站点执行或访问),可能使用guid作为文件名,然后将该guid存储在会话中。在你的验证码之后,你可以返回并从目录中获取文件。
You can clean up this directory on success / failures, or also run a job just to remove anything over a certain age.
您可以在成功/失败时清理此目录,也可以运行作业以删除超过特定年龄的任何内容。
#1
Save the file in a safe directory (no permissions to execute or access from the site), probably with a guid as a filename, then store that guid in session. That way after your captcha you can go back and grab the file from the directory.
将文件保存在安全目录中(无权从站点执行或访问),可能使用guid作为文件名,然后将该guid存储在会话中。在你的验证码之后,你可以返回并从目录中获取文件。
You can clean up this directory on success / failures, or also run a job just to remove anything over a certain age.
您可以在成功/失败时清理此目录,也可以运行作业以删除超过特定年龄的任何内容。