1. 首页
  2. 问答
  3. 文件格式检查,同时上传文件在C#

文件格式检查,同时上传文件在C#

2017-07-26 63 views
0

虽然文件上传我已经检查了以下事情文件格式检查,同时上传文件在C#

if !(strExtension == ".jpg" || strExtension == ".jpeg" || strExtension == ".pdf" || strExtension == ".png") 

    Send Error

这是工作的罚款,

但我有一个问题,如果有人上传了一个XLSX文件由刚改变其扩展名为jpg我的上传不会阻塞它,文件将被保存,这是一个xlsx文件

如何检查文件的来源。没有它的扩展。

感谢所有帮助

来源

2017-07-26 Parshuram Kalvikatte

+0

可能的重复[如何在c#中没有扩展名时检查文件类型](https://stackoverflow.com/questions/9747278/how-do-you-check-a-file-type-when - 有没有扩展在C - 锐) –

+0

[博客]:检查此问题https://stackoverflow.com/questions/58510/using-net-how-can-you-find-the-mime基于文件类型的文件签名/ 58570#58570 –

+0

检查此问题https://stackoverflow.com/questions/58510/using-net-how-can-you-find-所述-MIME类型对的一基于文件 - 上的文件的签名/ 58570#58570 –

回答

0

编辑:只需使用Mime Detective

我使用的字节数组序列来确定正确的MIME类型给定的文件。通过查看文件名的文件扩展名,这一点的优点是,如果用户要重命名文件以绕过某些文件类型上传限制,则文件扩展名将无法捕获该文件。另一方面,通过字节数组获取文件签名将停止发生恶作剧行为。

这是在C#中的例子:

public class MimeType 
{ 
    private static readonly byte[] BMP = { 66, 77 }; 
    private static readonly byte[] DOC = { 208, 207, 17, 224, 161, 177, 26, 225 }; 
    private static readonly byte[] EXE_DLL = { 77, 90 }; 
    private static readonly byte[] GIF = { 71, 73, 70, 56 }; 
    private static readonly byte[] ICO = { 0, 0, 1, 0 }; 
    private static readonly byte[] JPG = { 255, 216, 255 }; 
    private static readonly byte[] MP3 = { 255, 251, 48 }; 
    private static readonly byte[] OGG = { 79, 103, 103, 83, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0 }; 
    private static readonly byte[] PDF = { 37, 80, 68, 70, 45, 49, 46 }; 
    private static readonly byte[] PNG = { 137, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82 }; 
    private static readonly byte[] RAR = { 82, 97, 114, 33, 26, 7, 0 }; 
    private static readonly byte[] SWF = { 70, 87, 83 }; 
    private static readonly byte[] TIFF = { 73, 73, 42, 0 }; 
    private static readonly byte[] TORRENT = { 100, 56, 58, 97, 110, 110, 111, 117, 110, 99, 101 }; 
    private static readonly byte[] TTF = { 0, 1, 0, 0, 0 }; 
    private static readonly byte[] WAV_AVI = { 82, 73, 70, 70 }; 
    private static readonly byte[] WMV_WMA = { 48, 38, 178, 117, 142, 102, 207, 17, 166, 217, 0, 170, 0, 98, 206, 108 }; 
    private static readonly byte[] ZIP_DOCX = { 80, 75, 3, 4 }; 

    public static string GetMimeType(byte[] file, string fileName) 
    { 

     string mime = "application/octet-stream"; //DEFAULT UNKNOWN MIME TYPE 

     //Ensure that the filename isn't empty or null 
     if (string.IsNullOrWhiteSpace(fileName)) 
     { 
      return mime; 
     } 

     //Get the file extension 
     string extension = Path.GetExtension(fileName) == null 
           ? string.Empty 
           : Path.GetExtension(fileName).ToUpper(); 

     //Get the MIME Type 
     if (file.Take(2).SequenceEqual(BMP)) 
     { 
      mime = "image/bmp"; 
     } 
     else if (file.Take(8).SequenceEqual(DOC)) 
     { 
      mime = "application/msword"; 
     } 
     else if (file.Take(2).SequenceEqual(EXE_DLL)) 
     { 
      mime = "application/x-msdownload"; //both use same mime type 
     } 
     else if (file.Take(4).SequenceEqual(GIF)) 
     { 
      mime = "image/gif"; 
     } 
     else if (file.Take(4).SequenceEqual(ICO)) 
     { 
      mime = "image/x-icon"; 
     } 
     else if (file.Take(3).SequenceEqual(JPG)) 
     { 
      mime = "image/jpeg"; 
     } 
     else if (file.Take(3).SequenceEqual(MP3)) 
     { 
      mime = "audio/mpeg"; 
     } 
     else if (file.Take(14).SequenceEqual(OGG)) 
     { 
      if (extension == ".OGX") 
      { 
       mime = "application/ogg"; 
      } 
      else if (extension == ".OGA") 
      { 
       mime = "audio/ogg"; 
      } 
      else 
      { 
       mime = "video/ogg"; 
      } 
     } 
     else if (file.Take(7).SequenceEqual(PDF)) 
     { 
      mime = "application/pdf"; 
     } 
     else if (file.Take(16).SequenceEqual(PNG)) 
     { 
      mime = "image/png"; 
     } 
     else if (file.Take(7).SequenceEqual(RAR)) 
     { 
      mime = "application/x-rar-compressed"; 
     } 
     else if (file.Take(3).SequenceEqual(SWF)) 
     { 
      mime = "application/x-shockwave-flash"; 
     } 
     else if (file.Take(4).SequenceEqual(TIFF)) 
     { 
      mime = "image/tiff"; 
     } 
     else if (file.Take(11).SequenceEqual(TORRENT)) 
     { 
      mime = "application/x-bittorrent"; 
     } 
     else if (file.Take(5).SequenceEqual(TTF)) 
     { 
      mime = "application/x-font-ttf"; 
     } 
     else if (file.Take(4).SequenceEqual(WAV_AVI)) 
     { 
      mime = extension == ".AVI" ? "video/x-msvideo" : "audio/x-wav"; 
     } 
     else if (file.Take(16).SequenceEqual(WMV_WMA)) 
     { 
      mime = extension == ".WMA" ? "audio/x-ms-wma" : "video/x-ms-wmv"; 
     } 
     else if (file.Take(4).SequenceEqual(ZIP_DOCX)) 
     { 
      mime = extension == ".DOCX" ? "application/vnd.openxmlformats-officedocument.wordprocessingml.document" : "application/x-zip-compressed"; 
     } 

     return mime; 
    } 


}

通知我处理DOCX文件类型不同,因为DOCX真的只是一个ZIP文件。在这种情况下,我只需检查文件扩展名,一旦我确认它具有该序列。这个例子对于一些人来说还远远没有完成,但是你可以很容易地添加你自己的。

如果你想添加更多的MIME类型,你可以得到许多不同文件类型的字节数组序列from here。另外,有关文件签名的here is another good resource

如果一切都失败了,我会做很多次遍历我正在寻找的特定类型的几个文件,并在文件的字节序列中查找模式。最后,这仍然是基本验证,不能用于100%确定文件类型的证明。

来源

2017-07-26 05:58:03 Ravikumar

相关问题

 相关问题