1 person found this helpful
<cfdirectory...> to read the directory.
<cfoutput query="theDirectory"...>...</cfoutput> to output the results.
Inside the loop you would build HTML anchor <a ...> tags that link to the files found in that directory. How you build those links would depend are whether they are web accessible (http://...) or UNC accessible (file://...).
NOTE: Some browsers block some uses of the 'file;' protocol for links under their security models.
Now, the real question you are probably asking, but didn't, is how to ready a network directory. The default user that a ColdFusion service runs on under windows is the 'localSystem' account. This user account normally has no permissions to any network location. The solution is to either:
1) Give this user 'localSystem" account the desired network permissions (a generally bad idea),
2) Run the ColdFusion service as an existing domain user account that has the desired permissions to the network location (not a much better idea, but good for a brief 'proof of concept' test),
3) Create a domain user account for the ColdFusion service, give this account the desired permissions and modify the ColdFusion service to run with this user (the generally best practice idea).
The same issues generally apply to Unix installations except there is no default 'localSystem' account. When ColdFusion was installed, a user the ColdFusion dameon runs under was assigned by the installer. Give that user the desired permissions or change it to another user with them.
Thanks for the quick response. That gives me a solid way to approach this. I'm not familiar w/
<cfdirectory> as I'm used to <cfquery>. Just a quick follow up question. The site I'm creating will be in a secure app requiring a log in. After the user is authenticated they'll see the list of files in the directory as links. However, what's to prevent somebody from just entering the link w/out going through the log in? I guess what I'm asking is there a way to block access to the excel files from somebody who would know the URL and just type that in w/out going through the log in process?
There are two common approaches to that problem.
1) You can use the web server and|or the OS authentication and authorization mechinisms. The would normally require to not allow 'anomyous' login, but use one of the authentication methods supported by your web server of choice. Then the web server should be able to tell the OS who the user is and the OS can use that against the authoization data set on the files and or directories to see if that user is allows to access that file.
2) You can relocate the files to a directory that is outside the web root. In this case you would not offer links directly to the files themselves. Rather you would have links to a file delivery CFML code. This code would see what file is desired from the data in the link. It would fetch the file with <cffile...> functionality and the deliver the file with <cfcontent....> functionality. This solution allows all the authentication and authoization logic to reside in the CFML code base rather then invoking other technologies.
I'm having a bit of a brain-block moment here.
Can anyone help me with how to use cffile to copy a file so that when you click on the links generated in the following code it will fetch that file and allow it to be downloaded?
directory="#ExpandPath( './' )#"
<cftable query = "qfile">
<cfcol header = "name:"
text = "<a href = exports/#name#>#name#</A>">
1 person found this helpful
In response to your private message, to modify this to read from a secure location.
<cfdirectory action="list" directory="c://my/secure/path/" recurse="true" listinfo="name" name="qFile" filter="*.xls" /> <cftable query = "qfile"> <cfcol header = "name:" text = "<a href = "fileDelivery.cfm?file=#name#">#name#</A>"> </cftable>
Then in the fileDelivery.cfm file you would use a a <cfcontent...> tag to deliver that file as an attachement. You would probbly also want to use the <cfheader...> to give the file a proper #name#.xls name rather then "fileDeliver.cfm" which is what the browser would default to.
None of this code is tested, but this should be most of the pieces.
<cfheader name="content-disposition" value="attachment;filename=#url.file#"> <cfcontent type="application/msexel" file="c://my/secure/path/#url.file# deletefile="no">
I'm wondering if there are any 'best practices' for changing the coldfusion service from running as 'local system' to a 'domain account'. Does anyone have any pointers as far as how to emulate the local system w/out giving too much permission to the new domain account? As of now, when I switched over the service to the domain account on our test box none of the CF app's work anymore. I tried, for the hell of it, giving the domain account admin privaleges on the test web server with no luck as well.
actually making the domain account an administrator did work after a reboot. Obviously, this can't be the best solution.
Personally, I have never had this problem, and the majority of our ColdFusion services run as a domain account.
But here are two resources that discuss the ins and outs.
Running ColdFusion as a specific user