1. 首頁
  2. 問答
  3. 文件格式檢查,同時上傳文件在C#

文件格式檢查,同時上傳文件在C#

2017-07-26 39 views
0

雖然文件上傳我已經檢查了以下事情文件格式檢查,同時上傳文件在C#

if !(strExtension == ".jpg" || strExtension == ".jpeg" || strExtension == ".pdf" || strExtension == ".png") 

    Send Error

這是工作的罰款,

但我有一個問題,如果有人上傳了一個XLSX文件由剛改變其擴展名爲jpg我的上傳不會阻塞它,文件將被保存,這是一個xlsx文件

如何檢查文件的來源。沒有它的擴展。

感謝所有幫助

來源

2017-07-26 Parshuram Kalvikatte

+0

可能的重複[如何在c#中沒有擴展名時檢查文件類型](https://stackoverflow.com/questions/9747278/how-do-you-check-a-file-type-when - 有沒有擴展在C - 銳) –

+0

[博客]:檢查此問題https://stackoverflow.com/questions/58510/using-net-how-can-you-find-the-mime基於文件類型的文件簽名/ 58570#58570 –

+0

檢查此問題https://stackoverflow.com/questions/58510/using-net-how-can-you-find-所述-MIME類型對的一基於文件 - 上的文件的簽名/ 58570#58570 –

回答

0

編輯:只需使用Mime Detective

我使用的字節數組序列來確定正確的MIME類型給定的文件。通過查看文件名的文件擴展名,這一點的優點是,如果用戶要重命名文件以繞過某些文件類型上傳限制,則文件擴展名將無法捕獲該文件。另一方面,通過字節數組獲取文件簽名將停止發生惡作劇行爲。

這是在C#中的例子:

public class MimeType 
{ 
    private static readonly byte[] BMP = { 66, 77 }; 
    private static readonly byte[] DOC = { 208, 207, 17, 224, 161, 177, 26, 225 }; 
    private static readonly byte[] EXE_DLL = { 77, 90 }; 
    private static readonly byte[] GIF = { 71, 73, 70, 56 }; 
    private static readonly byte[] ICO = { 0, 0, 1, 0 }; 
    private static readonly byte[] JPG = { 255, 216, 255 }; 
    private static readonly byte[] MP3 = { 255, 251, 48 }; 
    private static readonly byte[] OGG = { 79, 103, 103, 83, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0 }; 
    private static readonly byte[] PDF = { 37, 80, 68, 70, 45, 49, 46 }; 
    private static readonly byte[] PNG = { 137, 80, 78, 71, 13, 10, 26, 10, 0, 0, 0, 13, 73, 72, 68, 82 }; 
    private static readonly byte[] RAR = { 82, 97, 114, 33, 26, 7, 0 }; 
    private static readonly byte[] SWF = { 70, 87, 83 }; 
    private static readonly byte[] TIFF = { 73, 73, 42, 0 }; 
    private static readonly byte[] TORRENT = { 100, 56, 58, 97, 110, 110, 111, 117, 110, 99, 101 }; 
    private static readonly byte[] TTF = { 0, 1, 0, 0, 0 }; 
    private static readonly byte[] WAV_AVI = { 82, 73, 70, 70 }; 
    private static readonly byte[] WMV_WMA = { 48, 38, 178, 117, 142, 102, 207, 17, 166, 217, 0, 170, 0, 98, 206, 108 }; 
    private static readonly byte[] ZIP_DOCX = { 80, 75, 3, 4 }; 

    public static string GetMimeType(byte[] file, string fileName) 
    { 

     string mime = "application/octet-stream"; //DEFAULT UNKNOWN MIME TYPE 

     //Ensure that the filename isn't empty or null 
     if (string.IsNullOrWhiteSpace(fileName)) 
     { 
      return mime; 
     } 

     //Get the file extension 
     string extension = Path.GetExtension(fileName) == null 
           ? string.Empty 
           : Path.GetExtension(fileName).ToUpper(); 

     //Get the MIME Type 
     if (file.Take(2).SequenceEqual(BMP)) 
     { 
      mime = "image/bmp"; 
     } 
     else if (file.Take(8).SequenceEqual(DOC)) 
     { 
      mime = "application/msword"; 
     } 
     else if (file.Take(2).SequenceEqual(EXE_DLL)) 
     { 
      mime = "application/x-msdownload"; //both use same mime type 
     } 
     else if (file.Take(4).SequenceEqual(GIF)) 
     { 
      mime = "image/gif"; 
     } 
     else if (file.Take(4).SequenceEqual(ICO)) 
     { 
      mime = "image/x-icon"; 
     } 
     else if (file.Take(3).SequenceEqual(JPG)) 
     { 
      mime = "image/jpeg"; 
     } 
     else if (file.Take(3).SequenceEqual(MP3)) 
     { 
      mime = "audio/mpeg"; 
     } 
     else if (file.Take(14).SequenceEqual(OGG)) 
     { 
      if (extension == ".OGX") 
      { 
       mime = "application/ogg"; 
      } 
      else if (extension == ".OGA") 
      { 
       mime = "audio/ogg"; 
      } 
      else 
      { 
       mime = "video/ogg"; 
      } 
     } 
     else if (file.Take(7).SequenceEqual(PDF)) 
     { 
      mime = "application/pdf"; 
     } 
     else if (file.Take(16).SequenceEqual(PNG)) 
     { 
      mime = "image/png"; 
     } 
     else if (file.Take(7).SequenceEqual(RAR)) 
     { 
      mime = "application/x-rar-compressed"; 
     } 
     else if (file.Take(3).SequenceEqual(SWF)) 
     { 
      mime = "application/x-shockwave-flash"; 
     } 
     else if (file.Take(4).SequenceEqual(TIFF)) 
     { 
      mime = "image/tiff"; 
     } 
     else if (file.Take(11).SequenceEqual(TORRENT)) 
     { 
      mime = "application/x-bittorrent"; 
     } 
     else if (file.Take(5).SequenceEqual(TTF)) 
     { 
      mime = "application/x-font-ttf"; 
     } 
     else if (file.Take(4).SequenceEqual(WAV_AVI)) 
     { 
      mime = extension == ".AVI" ? "video/x-msvideo" : "audio/x-wav"; 
     } 
     else if (file.Take(16).SequenceEqual(WMV_WMA)) 
     { 
      mime = extension == ".WMA" ? "audio/x-ms-wma" : "video/x-ms-wmv"; 
     } 
     else if (file.Take(4).SequenceEqual(ZIP_DOCX)) 
     { 
      mime = extension == ".DOCX" ? "application/vnd.openxmlformats-officedocument.wordprocessingml.document" : "application/x-zip-compressed"; 
     } 

     return mime; 
    } 


}

通知我處理DOCX文件類型不同,因爲DOCX真的只是一個ZIP文件。在這種情況下,我只需檢查文件擴展名,一旦我確認它具有該序列。這個例子對於一些人來說還遠遠沒有完成,但是你可以很容易地添加你自己的。

如果你想添加更多的MIME類型,你可以得到許多不同文件類型的字節數組序列from here。另外,有關文件簽名的here is another good resource

如果一切都失敗了,我會做很多次遍歷我正在尋找的特定類型的幾個文件,並在文件的字節序列中查找模式。最後,這仍然是基本驗證,不能用於100%確定文件類型的證明。

來源

2017-07-26 05:58:03 Ravikumar

相關問題

 相關問題