ASP.NET上传判断类型,防止黑客上传非法文件

作者:hack1990 时间:10-10-04 阅读数:690人阅读

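检测文件类型的函数类。它读取上传文件的前两个字节,把两个字节的十进制值拼接成一个数字,再与允许的类型(枚举值)比较。注意:前两个字节相符并不能证明文件其余内容确实是图片,因此这项检查只能作为辅助手段,还应同时使用扩展名白名单、由服务端重新生成文件名、限制上传大小,并把文件保存在不会被当作脚本执行的目录中。另外,上传内容为空时 fileclass 是空字符串,空的 catch 块会吞掉读取异常,只要 fileEx 非空,随后的 Int32.Parse 就会抛出 FormatException,调用方需要处理这种情况。代码如下: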
using System;   
using System.Collections.Generic;   
using System.Web.UI.WebControls;   
using System.IO;   
namespace 0x001.Pack   
{   
        public enum FileExtension   
        {   
                JPG = 255216,   
                GIF = 7173,   
                BMP = 6677,   
                PNG = 13780   
                // 255216 jpg;   
                // 7173 gif;   
                // 6677 bmp,   
                // 13780 png;   
                // 7790 exe dll,   
                // 8297 rar   
                // 6063 xml   
                // 6033 html   
                // 239187 aspx   
                // 117115 cs   
                // 119105 js   
                // 210187 txt   
                //255254 sql   
        }   
        public class FileValidation   
        {   
static bool IsAllowedExtension() static bool IsAllowedExtension(FileUpload fu, FileExtension[] fileEx)   
                {   
                        int fileLen = fu.PostedFile.ContentLength;   
                        byte[] imgArray = new byte[fileLen];   
                        fu.PostedFile.InputStream.Read(imgArray, 0, fileLen);   
                        MemoryStream ms = new MemoryStream(imgArray);   
                        System.IO.BinaryReader br = new System.IO.BinaryReader(ms);   
                        string fileclass = "";   
                        byte buffer;   
                        try   
                        {   
                                buffer = br.ReadByte();   
                                fileclass = buffer.ToString();   
                                buffer = br.ReadByte();   
                                fileclass += buffer.ToString();   
                        }   
                        catch   
                        {   
                        }   
                        br.Close();   
                        ms.Close();   
                        foreach (FileExtension fe in fileEx)   
                        {   
                                if (Int32.Parse(fileclass) == (int)fe)   
                                        return true;   
                        }   
                        return false;   
     &nbs
