Top ASP 101 Stories What is Adovbs.inc and Why Do I Need It? An Overview of ASP.NET Connections, Commands, And Procedures QUICK TIP: ASP and Personal Web Server Show All Tips >>  ASP 101 Updates

A No-Frills Text File Editor

There are times when it's nice to have a full blown development environment like Visual Studio to mangage your site with, but there are also times when a simple little web app fits the bill perfectly. That's the idea behind the code in this article. Adding a tool like this to your site's administration area can really be a godsend when you're on the road and need to make a change. Sometimes it's the little things that really make your day.

The User Interface

The user interface is as bare-bones as I could make it and consists of a TextBox for the filename, two buttons, and a text area where you can edit the file's contents.

The Code

The code involved is just as simple. Aside from some very simplistic error handling, there are really only two lines of code -- one for each button! So without any further delay, here's the code listing:

<%@ Page Language="VB" ValidateRequest="false" %>
<%@ Import Namespace="System.IO" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
    Protected Sub btnLoadFile_Click(ByVal sender As Object, ByVal e As System.EventArgs)
        Try
            txtFileText.Text = File.ReadAllText(Server.MapPath(txtFileName.Text))
        Catch ex As Exception
            Response.Write("Error: You probably specified a file that doesn't exist!")
            Response.Write("<br />")
            Response.Write(ex.InnerException)
            Response.Write("<br />")
            Response.Write(ex.Message)
            Response.Write("<br />")
            Response.Write(ex.ToString)
            Response.Write("<br />")
        End Try
    End Sub

    Protected Sub btnSaveFile_Click(ByVal sender As Object, ByVal e As System.EventArgs)
        File.WriteAllText(Server.MapPath(txtFileName.Text), txtFileText.Text)
    End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>File Editor</title>
</head>
<body>
    <form id="myForm" runat="server">
    <div>
        Filename: <asp:TextBox ID="txtFileName" runat="server" />
        <asp:Button ID="btnLoadFile" runat="server" Text="Load File"
            onclick="btnLoadFile_Click" />
        <asp:Button ID="btnSaveFile" runat="server" Text="Save File"
            onclick="btnSaveFile_Click" />
        <br />
        <asp:TextBox ID="txtFileText" runat="server"
            Columns="100"
            Rows="40"
            TextMode="MultiLine"
        />
    </div>
    </form>
</body>
</html>

You'll notice I've highlighted three things in red. The second and third are the two lines of code that do the real work. They read the file's contents from the server's file system and write the changed text back to the file when we're done editing it. The other highlighted section is the ValidateRequest property. Since the point of this script is to edit HTML and ASP.NET files, we need to tell .NET that it's alright that we'll be posting some scary looking data via the the form. By setting ValidateRequest to false, we tell ASP.NET not to examine input from the browser for dangerous values.

Using the Script

While it's extremely simple, there are a couple things of which you should be aware.

Security

As simple as this script it, it is just as dangerous. While the user will need NTFS permissions to write to any files they wish to edit via this script, that's the only level of control. There are no confirmation dialog boxes or file system browsing capabilities. The script doesn't care if you spell something wrong and is perfectly happy to overwrite any file within your Web site with no warning at all.

The script also makes no distinction between text and binary files -- despite the fact that it is only designed to handle plain text. This means that while opening an image file with it may be amusing, clicking the "Save File" button will destroy the file... so don't do it.

Which brings up another point... any file you can reference from your site, can probably be accessed via the script. This includes things in virtual directories, parent folders (using ..), etc.

Creating a File

Creating a file is as simple as typing a name in the "Filename:" textbox, typing the file contents into the text area, and clicking the "Save File" button. That's it.

Copying a File

Type the path to the file you want to copy into the "Filename:" textbox and click the "Load File" button. This will load the file's contents into the textarea. Now simply change the file name in the text box and click the "Save File" button.

Deleting a File

While it's simple to overwrite a file, as it stands the script offers no way to delete a file altogether.

Conclusion

Okay, so it's not the most exciting script around, but you never know when something like this will come in handy. Sure you've got Visual Studio on your laptop (which you never leave home without), but what happens when your laptop dies? When things get tough and you find yourself at a Kinko's in the middle of the night with nothing but a Web browser, a tool like this isn't such a bad thing to have in your arsenal. Just make sure you use it carefully.