2/07/2010

SharePoint: Prevent Accidental Overwrites when Uploading to a Library

This applies to both SharePoint 2007 and SharePoint 2010. The only difference is the page name, upload.aspx for SP 2007 and uploadex.aspx for SP 2010.

 

Problem… Users are uploading files and are accidentally overwriting existing files, or if versioning is enabled, accidentally adding a new version to the wrong file (one with the same name as the upload).

 

One possible solution would be to modify the upload.aspx page (uploadex.aspx in 2010) to change the default of the "Overwrite existing files" checkbox. This normally defaults to checked. (I tell people that "Overwrite existing files" is short for "Overwrite existing files and don't tell me that I'm about to destroy days of someone else's work")

        Click for full size

 

You will need access to the web servers…
The edit is simple, but you will be modifying a LAYOUTS page on the web server. This generally to avoided as it may get overwritten on the next service pack update, and the change must be part of your disaster recovery plan and these files are not backed up with the content databases.


That said... do the following at your own risk...

  1. On the web server (and this must be duplicated on each web server) drill down to the SharePoint 12 hive and find "12\TEMPLATE\LAYOUTS\upload.aspx".  (NOTE: for SharePoint 2010 edit uploadex.aspx)
     
  2. Play it safe and Right-click, Copy and Right-click Paste to make a backup!
  3. Open the file with Notepad. Search for "Overwritesingle" and just after that change "true" to "false"
        <asp:CheckBox id="OverwriteSingle" Checked="false" ...
     
  4. Search for "Overwritemultiple" and just after that change "true" to "false"
        <asp:CheckBox id="OverwriteMultiple" Checked="false" ...
  5. Save the file and go upload a file and see if it does what you want

This takes care of Upload and Upload Multiple.


Windows Explorer will prompt the user by default "This folder already contains a file named....", so that’s covered.

This edit will not impact email enabled libraries and overwrites or new versions are still possible.


One final note... the same checkbox is used for versioning and says "Add as a new version to existing files" instead of "Overwrite existing files". After the above edits if the user forgets to checkmark the box, they just get a "file exists" error.

 

 

.

13 comments:

Anonymous said...

Hi Mike,

Both upload.aspx and uploadex.aspx are available in 2010. Do you know what the difference is? I am trying to create a custom upload page by following this article - http://msdn.microsoft.com/en-us/library/cc713554.aspx - but I'm not having any success. Maybe you can shed some light?

Thanks.

Mike Smith said...

Anonymous...

upload.aspx is the "old style" page that would be used if you have not enabled the new style dialog boxes. uploadex.aspx is display in the new dialog boxes. (Think in terms of a complete master page for the old style version and a very minimal master page for the dialog box version.)

To cover all of the bases, update both.

Mike

Amy said...

Hi Mike,

Thank you for the quick response and the info about the two different pages.
I figured out what I was missing in my approach. The problem that I was having was that it looked like my custom upload page was never getting rendered properly. It turns out that in upload.aspx (the page I am inheriting from for my custom upload page) the code in the OnPreInit method is doing a Server.Transfer to the 'CustomUploadPage' property of the current Web if it is not empty. This property is set to '/_layouts/UploadEx.aspx' (by default I guess).
Thus, the URL showed my custom upload page URL, but it was actually uploadex.aspx that was getting rendered...
What I did was override OnPreInit and set the 'CustomUploadPage' property to an empty string so that the Server.Transfer doesn't occur and my custom upload page gets rendered as expected.
Still not sure this is a proper approach, but seems to work and I will post again if I find anything goes wrong.

Thanks again,
Amy

Mike Smith said...

Amy,

Thanks for the follow up. Keep us posted!

You are going to blog about your final solution aren't you? :-)

Mike

Anonymous said...

Hi AMy,
Could you please explain how did you overwrite OnPreint and set the 'CustomUploadPage' property to an empty string.

Thanks,
Viji

Mike Smith said...

Viji,

It looks like Amy, or someone with the same question, discussed it here:
http://social.technet.microsoft.com/Forums/br/sharepoint2010programming/thread/c8d005fc-6d27-4c9b-9622-023ca05c7e3d

Mike

Anonymous said...

Thanks Mike, it worked...

Anonymous said...

Hi and thanks for your useful post,
but I had similar problem in SharePoint 2010 and tried to modify uploadex.aspx. it didn't work but when I tried to modify upload.aspx. it words.

Anonymous said...

Hello,

I assume this would affect all libraries under the same site, correct? Would there be a way to single out one library in particular?

Thanks!

Mike Smith said...

Anonymous,

This edit would apply to all sites in all site collections in all web applications on the farm!

You could add some JavaScript to the page to look at the URL and set the checkbox based on the name of the site or library.

Mike

Anonymous said...

Thanks Mike, worked out well. I also added an inline style tag to the TR preceding this, and set the display to none, which removes the ability for someone to re-check the box!

Mark Richardson said...

Should the above information (editing the upload.aspx page to uncheck overwrite box) - also work in pretty much the same way for SharePoint 2013?

Or is anything different?

Mike Smith said...

Mark,

Yes, 2013 is the same. You will find both upload.aspx and uploadex.aspx in both the 14 and 15 hives...

C:\Program Files\Common Files\microsoft shared\Web Server Extensions\14\TEMPLATE\LAYOUTS

C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\TEMPLATE\LAYOUTS

Mike

Note to spammers!

Spammers, don't waste your time... all posts are moderated. If your comment includes unrelated links, is advertising, or just pure spam, it will never be seen.