上传文件类型验证，防止伪造文件上传

最新推荐文章于 2021-03-10 13:45:56 发布

weixin_30739595

最新推荐文章于 2021-03-10 13:45:56 发布

阅读量226

点赞数

文章标签： php 前端 ui ViewUI

原文链接：http://www.cnblogs.com/glt3260053/archive/2012/06/06/2537929.html

版权

//验证类

using System;
using System.Collections.Generic;
using System.Web.UI.WebControls;
using System.IO;
namespace FileValidation
{
          public enum FileExtension
         {
                 JPG = 255216,
                 GIF = 7173,
                 BMP = 6677,
                 PNG = 13780
                  // 208207 doc
                  // 8075 docx
                  // 208207 xls
                  // 8075 xlsx
                  // 7368 mp3
                  // 4838 wma
                  // 7784 mid
                  // 255216 jpg;
                  // 7173 gif;
                  // 6677 bmp,
                  // 13780 png;
                  // 7790 exe dll,
                  // 8297 rar
                  // 6063 xml
                  // 6033 html
                  // 239187 aspx
                  // 117115 cs
                  // 119105 js
                  // 210187 txt
                  // 255254 sql
                  // 6787 swf
                  // 8075 zip
                  // 55122 7z

         }
          public class FileValidation
         {
static bool IsAllowedExtension() static bool IsAllowedExtension(FileUpload fu, FileExtension[] fileEx)
                 {
                          int fileLen = fu.PostedFile.ContentLength;
                          byte[] imgArray = new byte[fileLen];
                         fu.PostedFile.InputStream.Read(imgArray, 0, fileLen);
                         MemoryStream ms = new MemoryStream(imgArray);
                         System.IO.BinaryReader br = new System.IO.BinaryReader(ms);
                          string fileclass = "";
                          byte buffer;
                          try
                         {
                                 buffer = br.ReadByte();
                                 fileclass = buffer.ToString();
                                 buffer = br.ReadByte();
                                 fileclass += buffer.ToString();
                         }
                          catch
                         {
                         }
                         br.Close();
                         ms.Close();
                          foreach (FileExtension fe in fileEx)
                         {
                                  if (Int32.Parse(fileclass) == ( int)fe)
                                          return true;
                         }
                          return false;
                 }
         }
}

1 protected void Button1_Click( object sender, EventArgs e)
2     {
3          string filename = "";
4         Boolean fileOK = false;
5          if (FileUpload1.HasFile)
6         {
7             String fileExtension = System.IO.Path.GetExtension(FileUpload1.FileName).ToLower();
8             String[] allowedExtensions = { " .gif ", " .png ", " .jpeg ", " .jpg " };
9              for ( int i = 0; i < allowedExtensions.Length; i++)
10             {
11                  if (fileExtension == allowedExtensions[i])
12                 {
13                     fileOK = true;
14                 }
15             }
16         }
17
18         FileExtension[] fe = { FileExtension.BMP, FileExtension.GIF, FileExtension.JPG, FileExtension.PNG };
19          if (fileOK && FileValidation.IsAllowedExtension(FileUpload1, fe))
20         {
21              string fileExt = System.IO.Path.GetExtension(FileUpload1.FileName).ToLower();
22             filename = " Images/ " + DateTime.Now.ToString( " yyyyMMddHHmmss ") + fileExt;
23             FileUpload1.PostedFile.SaveAs(Server.MapPath(filename));
24         }
25          else
26         {
27             Response.Write( " <script>alert('只支持以下格式的图片\\rJPG,BMP,GIF,PNG！');</script> ");
28              return;
29         }
30
31     }
32 }

转载于:https://www.cnblogs.com/glt3260053/archive/2012/06/06/2537929.html