关闭

asp.net(c#)上传文件时检测文件类型方法小结

2360人阅读 评论(0) 收藏 举报

上传文件检测类型到目前为止我只看到过两种,第一种是检测文件的后缀名;第二种是检测文件的头部编码,不同类型文件的头部编码是不一样的(不知道这样说恰当不,有错误希望大家指出),比如255216是jpg;7173是gif;6677是BMP,13780是PNG;7790是exe,8297是rar...这篇文章代码多有参考网络,特此说明.

前台文件:两种方法的前台文件是一样的.

<%@ Page Language="C#" AutoEventWireup="true"   CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
     <title>无标题页</title>
</head>
<body>
     <form id="form1" runat="server">
     <div>
         <asp:FileUpload ID="FileUpload1" runat="server" />
         <asp:Button ID="btn_upload" runat="server" OnClick="btn_upload_Click" Text="上传" />
     </div>
     </form>
</body>
</html>


后台文件:

第一种方法:安全性相对第二种低,把文本文件1.txt改成1.jpg照样可以上传,但其实现方法容易理解,实现也简单,所以网上很多还是采取这种方法.

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class _Default : System.Web.UI.Page
{
     protected void Page_Load(object sender, EventArgs e)
     {

     }
     protected void btn_upload_Click(object sender, EventArgs e)
     {
         Boolean fileOk = false;
         string path = Server.MapPath("~/images/");
         //判断是否已经选取文件
         if (FileUpload1.HasFile)
         {
             //取得文件的扩展名,并转换成小写
             string fileExtension = System.IO.Path.GetExtension(FileUpload1.FileName).ToLower();
             //限定只能上传jpg和gif图片
             string[] allowExtension = { ".jpg", ".gif" };
             //对上传的文件的类型进行一个个匹对
             for (int i = 0; i < allowExtension.Length; i++)
             {
                 if (fileExtension == allowExtension[i])
                 {
                     fileOk = true;
                     break;
                 }
             }
         }
         else
         {
             Response.Write("<script>alert('你还没有选择文件');</script>");
         }
         //如果扩展名符合条件,则上传
         if (fileOk)
         {
             FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
             Response.Write("<script>alert('上传成功');</script>");
         }
         else
         {
         }

     }
}

第二种方法,可以实现真正意义上的文件类型判断,推荐使用这种方法.

 

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class _Default : System.Web.UI.Page
{
     protected void Page_Load(object sender, EventArgs e)
     {

     }
     protected void btn_upload_Click(object sender, EventArgs e)
     {
         try
         {
             //判断是否已经选取文件
             if (FileUpload1.HasFile)
             {
                 if (IsAllowedExtension(FileUpload1))
                 {
                     string path = Server.MapPath("~/images/");
                     FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
                     Response.Write("<script>alert('上传成功');</script>");
                 }
                 else
                 {
                     Response.Write("<script>alert('您只能上传jpg或者gif图片');</script>");
                 }

             }
             else
             {
                 Response.Write("<script>alert('你还没有选择文件');</script>");
             }
         }
         catch (Exception error)
         {
             Response.Write(error.ToString());
         }
     }
     //真正判断文件类型的关键函数
     public static bool IsAllowedExtension(FileUpload hifile)
     {
         System.IO.FileStream fs = new System.IO.FileStream(hifile.PostedFile.FileName, System.IO.FileMode.Open, System.IO.FileAccess.Read);
         System.IO.BinaryReader r = new System.IO.BinaryReader(fs);
         string fileclass = "";
         byte buffer;
         try
         {
             buffer = r.ReadByte();
             fileclass = buffer.ToString();
             buffer = r.ReadByte();
             fileclass += buffer.ToString();

         }
         catch
         {

         }
         r.Close();
         fs.Close();
         if (fileclass == "255216" || fileclass == "7173")//说明255216是jpg;7173是gif;6677是BMP,13780是PNG;7790是exe,8297是rar
         {
             return true;
         }
         else
         {
             return false;
         }

     }
}

 
0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:823074次
    • 积分:9281
    • 等级:
    • 排名:第1956名
    • 原创:32篇
    • 转载:476篇
    • 译文:0篇
    • 评论:97条
    最新评论
    电子商务网站导航点评