ASP.NET中如何检测一个图片是否是真实图片 防范病毒上传
主要用来判断客户端上传的文件是否具有真实图片的文件头,以防病毒侵入,提高上传文件的安全性。需要注意:只检查文件开头的两个字节并不能单独保证文件安全,因为文件头可以伪造;还应同时校验扩展名、清理客户端提供的文件名,并确保上传目录不能执行脚本。
主要代码如下:
需要引用
using system.io;
using system.io;
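/// <summary>
/// Stores the file posted in the "file" form field under the "image/" folder, but only
/// when its first two bytes match a JPEG, GIF, BMP or PNG signature and its extension
/// agrees with that signature.
/// </summary>
/// <remarks>
/// A two-byte signature is a coarse filter, not proof that the content is a valid image:
/// any file can be given a matching header. The check is therefore combined with an
/// extension allow-list and a sanitized file name, and nothing is written to disk until
/// both checks pass. NOTE(review): the "image/" folder should also be configured so that
/// the web server never executes scripts from it; that cannot be verified from this method.
/// </remarks>
public void uploadfile()
{
    try
    {
        HttpPostedFile postFile = Request.Files["file"];
        if (postFile == null || postFile.ContentLength < 2)
        {
            // No upload, or too short to carry a two-byte signature.
            return;
        }

        // Inspect the signature on the request stream BEFORE saving, so a rejected
        // upload never exists on disk under a client-chosen name.
        Stream input = postFile.InputStream;
        int first = input.ReadByte();
        int second = input.ReadByte();
        // Rewind so the complete content is written by SaveAs below.
        input.Position = 0;

        // Compare the bytes themselves. The original concatenated their decimal
        // strings, which is ambiguous: bytes 7 and 173 also produce "7173".
        // 255,216 = jpg; 71,73 = gif; 66,77 = bmp; 137,80 = png
        // (77,90 = exe and 82,97 = rar are deliberately not accepted).
        string[] allowedExtensions;
        if (first == 255 && second == 216)
        {
            allowedExtensions = new[] { ".jpg", ".jpeg" };
        }
        else if (first == 71 && second == 73)
        {
            allowedExtensions = new[] { ".gif" };
        }
        else if (first == 66 && second == 77)
        {
            allowedExtensions = new[] { ".bmp" };
        }
        else if (first == 137 && second == 80)
        {
            allowedExtensions = new[] { ".png" };
        }
        else
        {
            // Not an accepted image signature.
            return;
        }

        // The client controls FileName; keep only the last path component so it
        // cannot point outside the "image/" folder.
        string safeName = Path.GetFileName(postFile.FileName);
        string extension = Path.GetExtension(safeName).ToLowerInvariant();
        if (Array.IndexOf(allowedExtensions, extension) < 0)
        {
            // Image header combined with a non-image (or mismatched) extension.
            return;
        }

        string savePath = Server.MapPath("image/" + safeName);
        postFile.SaveAs(savePath);

        // The image is accepted at this point; persist its record here.
    }
    catch (Exception)
    {
        // Preserves the original contract: any failure is treated as an invalid
        // upload and the method returns without throwing.
        // NOTE(review): consider logging the exception so rejected or failing
        // uploads remain visible to operators.
        return;
    }
}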
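/// <summary>
/// Stores the file posted in the "file" form field under the "image/" folder, but only
/// when its first two bytes match a JPEG, GIF, BMP or PNG signature and its extension
/// agrees with that signature.
/// </summary>
/// <remarks>
/// A two-byte signature is a coarse filter, not proof that the content is a valid image:
/// any file can be given a matching header. The check is therefore combined with an
/// extension allow-list and a sanitized file name, and nothing is written to disk until
/// both checks pass. NOTE(review): the "image/" folder should also be configured so that
/// the web server never executes scripts from it; that cannot be verified from this method.
/// </remarks>
public void uploadfile()
{
    try
    {
        HttpPostedFile postFile = Request.Files["file"];
        if (postFile == null || postFile.ContentLength < 2)
        {
            // No upload, or too short to carry a two-byte signature.
            return;
        }

        // Inspect the signature on the request stream BEFORE saving, so a rejected
        // upload never exists on disk under a client-chosen name.
        Stream input = postFile.InputStream;
        int first = input.ReadByte();
        int second = input.ReadByte();
        // Rewind so the complete content is written by SaveAs below.
        input.Position = 0;

        // Compare the bytes themselves. The original concatenated their decimal
        // strings, which is ambiguous: bytes 7 and 173 also produce "7173".
        // 255,216 = jpg; 71,73 = gif; 66,77 = bmp; 137,80 = png
        // (77,90 = exe and 82,97 = rar are deliberately not accepted).
        string[] allowedExtensions;
        if (first == 255 && second == 216)
        {
            allowedExtensions = new[] { ".jpg", ".jpeg" };
        }
        else if (first == 71 && second == 73)
        {
            allowedExtensions = new[] { ".gif" };
        }
        else if (first == 66 && second == 77)
        {
            allowedExtensions = new[] { ".bmp" };
        }
        else if (first == 137 && second == 80)
        {
            allowedExtensions = new[] { ".png" };
        }
        else
        {
            // Not an accepted image signature.
            return;
        }

        // The client controls FileName; keep only the last path component so it
        // cannot point outside the "image/" folder.
        string safeName = Path.GetFileName(postFile.FileName);
        string extension = Path.GetExtension(safeName).ToLowerInvariant();
        if (Array.IndexOf(allowedExtensions, extension) < 0)
        {
            // Image header combined with a non-image (or mismatched) extension.
            return;
        }

        string savePath = Server.MapPath("image/" + safeName);
        postFile.SaveAs(savePath);

        // The image is accepted at this point; save its record to the database here.
    }
    catch (Exception)
    {
        // Preserves the original contract: any failure is treated as an invalid
        // upload and the method returns without throwing.
        // NOTE(review): consider logging the exception so rejected or failing
        // uploads remain visible to operators.
        return;
    }
}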
MVC 中的代码如下,这里返回的是 JSON 格式,当然也可以返回 Content 或其他类型的结果:
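/// <summary>
/// Uploads an avatar: stores the file posted in the "avatars" field under
/// "/upload/avatar/" as "{userid}_{original file name}", but only when its first two
/// bytes match a JPEG, GIF, BMP or PNG signature and its extension agrees with it.
/// </summary>
/// <param name="userid">User ID, used as the prefix of the stored file name.</param>
/// <returns>
/// JSON: -1 when no file was posted under "avatars", -2 when the file or the resulting
/// file name is rejected, otherwise the HTML-encoded virtual path of the stored file.
/// </returns>
/// <remarks>
/// A two-byte signature is a coarse filter, not proof that the content is a valid image,
/// so it is combined with an extension allow-list and a sanitized file name, and nothing
/// is written to disk until the checks pass.
/// NOTE(review): userid arrives as a request parameter; confirm it is checked against
/// the authenticated user so one user cannot overwrite another user's avatar.
/// </remarks>
[HttpPost]
public JsonResult uploadavatar(string userid)
{
    string folderPath = "/upload/avatar/";

    // Work with the physical directory: the original tested the virtual path itself
    // with Directory.Exists, which refers to a location on the drive root instead of
    // the site folder. CreateDirectory is a no-op when the folder already exists.
    string physicalFolder = Server.MapPath(folderPath);
    Directory.CreateDirectory(physicalFolder);

    HttpPostedFileBase uploadFile = Request.Files["avatars"];
    if (uploadFile == null)
    {
        return Json(-1, JsonRequestBehavior.AllowGet);
    }

    if (uploadFile.ContentLength < 2)
    {
        // Too short to carry a two-byte signature.
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    // Inspect the signature on the request stream BEFORE saving, so a rejected
    // upload never exists on disk under a client-chosen name.
    Stream input = uploadFile.InputStream;
    int first = input.ReadByte();
    int second = input.ReadByte();
    // Rewind so the complete content is written by SaveAs below.
    input.Position = 0;

    // Compare the bytes themselves. The original concatenated their decimal strings,
    // which is ambiguous: bytes 7 and 173 also produce "7173".
    // 255,216 = jpg; 71,73 = gif; 66,77 = bmp; 137,80 = png
    // (77,90 = exe and 82,97 = rar are deliberately not accepted).
    string[] allowedExtensions;
    if (first == 255 && second == 216)
    {
        allowedExtensions = new[] { ".jpg", ".jpeg" };
    }
    else if (first == 71 && second == 73)
    {
        allowedExtensions = new[] { ".gif" };
    }
    else if (first == 66 && second == 77)
    {
        allowedExtensions = new[] { ".bmp" };
    }
    else if (first == 137 && second == 80)
    {
        allowedExtensions = new[] { ".png" };
    }
    else
    {
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    // Both parts of the stored name come from the client. Keep only the last path
    // component of the original file name and refuse a userid containing characters
    // that are not valid in a file name (which includes path separators).
    string prefix = userid ?? string.Empty;
    if (prefix.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
    {
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    string oriFileName = Path.GetFileName(uploadFile.FileName); // original file name
    string extension = Path.GetExtension(oriFileName).ToLowerInvariant();
    if (Array.IndexOf(allowedExtensions, extension) < 0)
    {
        // Image header combined with a non-image (or mismatched) extension.
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    string fileName = prefix + "_" + oriFileName;
    uploadFile.SaveAs(Path.Combine(physicalFolder, fileName));

    // The image is accepted at this point; save its record to the database here.
    return Json(Server.HtmlEncode(folderPath + fileName), JsonRequestBehavior.AllowGet);
}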
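/// <summary>
/// Uploads an avatar: stores the file posted in the "avatars" field under
/// "/upload/avatar/" as "{userid}_{original file name}", but only when its first two
/// bytes match a JPEG, GIF, BMP or PNG signature and its extension agrees with it.
/// </summary>
/// <param name="userid">User ID, used as the prefix of the stored file name.</param>
/// <returns>
/// JSON: -1 when no file was posted under "avatars" (documented by the author as a
/// system exception), -2 when the file or the resulting file name is rejected,
/// otherwise the HTML-encoded virtual path of the stored file.
/// </returns>
/// <remarks>
/// A two-byte signature is a coarse filter, not proof that the content is a valid image,
/// so it is combined with an extension allow-list and a sanitized file name, and nothing
/// is written to disk until the checks pass.
/// NOTE(review): userid arrives as a request parameter; confirm it is checked against
/// the authenticated user so one user cannot overwrite another user's avatar.
/// </remarks>
[HttpPost]
public JsonResult uploadavatar(string userid)
{
    string folderPath = "/upload/avatar/";

    // Work with the physical directory: the original tested the virtual path itself
    // with Directory.Exists, which refers to a location on the drive root instead of
    // the site folder. CreateDirectory is a no-op when the folder already exists.
    string physicalFolder = Server.MapPath(folderPath);
    Directory.CreateDirectory(physicalFolder);

    HttpPostedFileBase uploadFile = Request.Files["avatars"];
    if (uploadFile == null)
    {
        return Json(-1, JsonRequestBehavior.AllowGet);
    }

    if (uploadFile.ContentLength < 2)
    {
        // Too short to carry a two-byte signature.
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    // Inspect the signature on the request stream BEFORE saving, so a rejected
    // upload never exists on disk under a client-chosen name.
    Stream input = uploadFile.InputStream;
    int first = input.ReadByte();
    int second = input.ReadByte();
    // Rewind so the complete content is written by SaveAs below.
    input.Position = 0;

    // Compare the bytes themselves. The original concatenated their decimal strings,
    // which is ambiguous: bytes 7 and 173 also produce "7173".
    // 255,216 = jpg; 71,73 = gif; 66,77 = bmp; 137,80 = png
    // (77,90 = exe and 82,97 = rar are deliberately not accepted).
    string[] allowedExtensions;
    if (first == 255 && second == 216)
    {
        allowedExtensions = new[] { ".jpg", ".jpeg" };
    }
    else if (first == 71 && second == 73)
    {
        allowedExtensions = new[] { ".gif" };
    }
    else if (first == 66 && second == 77)
    {
        allowedExtensions = new[] { ".bmp" };
    }
    else if (first == 137 && second == 80)
    {
        allowedExtensions = new[] { ".png" };
    }
    else
    {
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    // Both parts of the stored name come from the client. Keep only the last path
    // component of the original file name and refuse a userid containing characters
    // that are not valid in a file name (which includes path separators).
    string prefix = userid ?? string.Empty;
    if (prefix.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
    {
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    string oriFileName = Path.GetFileName(uploadFile.FileName); // original file name
    string extension = Path.GetExtension(oriFileName).ToLowerInvariant();
    if (Array.IndexOf(allowedExtensions, extension) < 0)
    {
        // Image header combined with a non-image (or mismatched) extension.
        return Json(-2, JsonRequestBehavior.AllowGet);
    }

    string fileName = prefix + "_" + oriFileName;
    uploadFile.SaveAs(Path.Combine(physicalFolder, fileName));

    // The image is accepted at this point; save its record to the database here.
    return Json(Server.HtmlEncode(folderPath + fileName), JsonRequestBehavior.AllowGet);
}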