开发者

File Upload in asp.net

问答 作者:

I am using FileUpload control to facilitat开发者_开发问答e Image file upload on my website. I want to restrict a user to upload only Image file. I am using 

 if (fupFirmLogo.PostedFile.ContentType == "image/Jpeg")
            { 

            }

to check if the file is a image or not. I want to allow all image extensions like PNG, GiF, Jpeg, tif , BMP etc. How should I do it.

you should use regular expression to validate that is an image or not, might be the better option

some thing like:

 public static bool IsValidImage(this string fileName)
    {           
        Regex regex = new Regex(@"(.*?)\.(jpg|JPG|jpeg|JPEG|png|PNG|gif|GIF|bmp|BMP)$");
        return regex.IsMatch(fileName);
    }

Then you check:

if (fupFirmLogo.FileName.IsValidImage())
{
    //Do your code
}
else
 {
    //Not a valid image
  }

You could define an array of known image types:

public static readonly string[] _imageMimeTypes = new[] { "image/jpeg", "image/png" };

and then test whether the posted content type is in this array:

if (_imageMimeTypes.Contains(fupFirmLogo.PostedFile.ContentType))
{
    // ...
}

I hope this will help you out. Try below code.

    Image uploadedImage = null;  
    if (ImageUpload.HasFile && ImageUpload.FileName != string.Empty && ImageUpload.FileContent.Length > 0)  
    {  
        try  
        {  
            uploadedImage = Image.FromStream(ImageUpload.PostedFile.InputStream);  
        }  
        catch (Exception ex)  
        {  
            lblUploadStatus.Text = "Selected file is not an image.<br />" + ex.Message;  
       }  

       if (uploadedImage != null)  
       {  
           string savePath = string.Format("{0}/{1}", Server.MapPath("~/images/orig/upload_temp"), ImageUpload.FileName);  
           uploadedImage.Save(savePath, ImageFormat.Jpeg);  
       }  
   }

The only problem with the solutions above is that the file will have to be uploaded to the server before you can check their file types.

If you put some Javascript in the onSubmit call, you can read the filename and test there, returning false if its not a valid file name.

This will be much more friendly on your bandwidth.

<form method="post" enctype="multipart/form-data" onsubmit="return submit(this)">
  <input id="inputControl" name="file" type="file" />
</form>

Then

function submit(form) {
  var fileName = $('#inputControl').val().replace(/.*(\/|\\)/, '');
  // check the filename here, return false if its not an image.
}

Checking file name against regex for matching image file extension is not appropriate. Hackers can use this functionality to promote their websites. I have personally experienced it. So, here is how you can make it certain that uploaded file is an image in VB.net:

  Public Function IsFileAnImage(ByRef uploadedFile As HttpPostedFile) As Boolean
    Try
      Dim uploadedImage As Drawing.Image = Drawing.Image.FromStream(uploadedFile.InputStream)
      uploadedImage.Dispose()
      Return True
    Catch
      Return False
    End Try
  End Function

I know this is old but just validate the content type. The content type is just a string. 

if (fupFirmLogo.PostedFile.ContentType.Contains("image/")
{ 
   //This is an Image
}
else
{
  //not and image
}

This will allow any file that has a content type starting with "image/" which is all images.

继续阅读:.netasp.netfile-upload

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9