Now we get into the good stuff. This example uses a file streaming component to give a more full-featured experience.

    Security features include a "ceiling" to keep users within the desired directory structure, as well as a file size limit (set by a property in SA File-Up, or your preferred upload component).

Try it here.     Download it here (~8kb).

Updates:

6/28/2002: Another security hole patched
    A path check was missing from docOpen.asp, letting users climb into other folders accessible to the anonymous web user account; this has now been corrected (thanks, Gluck, for bringing this to my attention).

3/16/2002: Security hole patched
    In previous versions, users could climb above the administrator-defined "ceiling" by using the "../" switch in the URL. This is now precluded by an additional security check.

12/31/2001: v1.3 -- Filtering capability
    Keep crucial files away from prying eyes; filter by file extension with a simple delimited list. Filter by inclusion (hide specific files) or exclusion (hide all but specific files).
    Directory filtering by leading character is supported as well.

9/12/2000: The source code is here!
    Simply extract the zipfile into the desired folder under your web root -- remembering to check the "Use Folder Names" option -- and change the necessary variables at the top of browser.asp. Then start browsing! Remember if you're going to use the Delete function that you should be *very* careful with the ceiling you give your users.
    Stay tuned for future enhancements...