When you have to work with complex directors and file structures, you need objects and methods to manipulate them, and ASP has several such built-in options.

In order to work with the files and folders from your web server, you have the FileSystemObject. It can manipulate files, folders, directory paths and retrieve information about them. The drives you work with can be the hard disk, or removable disks, such as a CDRom or a Floppy Disk unit, and even a network drive.

Before you start using this object, keep in mind that it's not 100% secure. After all, the applications created modify the files existing on your server, and may cause quite major safety glitches, so make sure you use passwords to protect your applications. Also, try not to make them public. For the same reasons, some (quite a few) web hosting companies do not support this object, so check with your host to see if you are allowed to use it.

The FileSystemObject has a property called Drives, which returns the drives available for the computer:

var fso;

fso = new ActiveXObject("Scripting.FileSystemObject");

drives = fso.Drives;

Note that the result is not a single object, but a collection of drives. If you want to display all of them, you can use a for loop. You can also check to see if a file exists on the server:

var fso;

fso = new ActiveXObject("Scripting.FileSystemObject");

if(fso.FileExists("c:\windows\1.txt"))

{

Response.Write("Found file!");

}

else

{

Response.Write("Files does not exist.");

}

This little piece of script checks if file called "1.txt" exists in the windows folder on the server, and prints the results. Note that, when you are done, you have to explicitly remove the file from the memory of the server by using the keyword "nothing".

There are more methods available for the FileSystemObject. We will list here some of them, with their respective parameters, but remember that they can be dangerous, if not used correctly, and you may delete or "misplace" important files on your server for good:

DeleteFolder (name, force) - deletes the designated folder. The name indicates the name of the folder, while force indicates its behavior towards read-only folders and files. If the force attribute is set to true, than these files and folders will also be deleted.

MoveFolder(source, destination) – moves the folder from the source path to the destination path

BuildPath(path, name) – adds the file or folder indicated by the name to the respective path

GetParentFolderName(name) – pretty obvious, returns the name of the parent folder

Much in the same way, there are methods for working with files, which work exactly like those described above, for the folders:

CopyFile(source, destination, overwrite)

DeleteFile(name, force)

FileExists(name)

GetFile(name)

MoveFile(source, destination)

In addition, you can create and open a file:

CreateTextFile (name, overwrite) – creates a new text file with the given name. The overwrite parameter, set to true, means that it will overwrite a file with the same name, if this already exists.

OpenTextFile(name, create, format) – not only opens the file, but also returns at TextStream object that you can use to access the file.

As you probably figured it out by now, there are methods for working with Drives as well, in the same intuitive manner:

DriveExists (name) - returns the value true if the designated driver exists, and the false value if it doesn't

GetDrive(name) - returns a reference to the specified drive object

You can understand now why leaving these applications unprotected can be dangerous. At the same time, you will be faced with situations when many users have to access files or folders from your web server, and maybe even all of them at the same time. We'll see how you can handle that.