To re-create the issue, steps are provided below:
1. Browse this link ->http://www.codeguru.com/csharp/.net/net_asp/article.php/c19297/Pure-ASP-File-Upload.htm.
2. Download fileuploader.zip as shown below.
3. Unzip the file and rename the uploadform.htm to uploadform.hta.
4. Update the code of uploadexmple.asp to specify the target file location.
5. Deploy on configured windows 2008 server that can run asp classic.
6. Open IE explorer and browse on Windows 2008 64 bit server or Windows 7 64 bit the deployed uploadform.hta with a USER (not administrator) login credential.
7. Upload a file. Expected it will display "File(s) not uploaded."
Is there any security setting that need to be configured to work on user credential?
Is there a way of file uploading without using Request.BinaryRead?
So far:
In Security internet/local zone it's enabled the Include local directory path when uploading files to a server.
When debugging the returned value of Request.TotalBytes it returns 0 value and Request.BinaryRead(Request.TotalBytes) is nothing. Meaning the uploaded data from client to server not posted/received.
Note: It is working if you browse it with administrator credential.