欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

ASP.NET中如何检测一个图片是否是真实图片 防范病毒上传

程序员文章站 2023-02-28 15:28:18
主要是用来判断客户端上传的图片是否为真实的图片,以防病毒侵入,保证上传的文件的安全。   主要代码如下: 需要引用 [csharp] using system.io;  usi...

主要是用来判断客户端上传的图片是否为真实的图片,以防病毒侵入,保证上传的文件的安全。

 


主要代码如下:

需要引用

[csharp]
using system.io; 

using system.io;

[csharp]
public void uploadfile() 

try 
            {  
                httppostedfile postfile = request.files["file"];  
                string savepath = server.mappath("image/" + postfile.filename); 
                postfile.saveas(savepath);  
                filestream fs = new filestream(savepath, filemode.open, fileaccess.read); 
                binaryreader reader = new binaryreader(fs);  
                string fileclass;  
                byte buffer;  
                byte[] b = new byte[2];  
                buffer = reader.readbyte();  
                b[0] = buffer;  
                fileclass = buffer.tostring();  
                buffer = reader.readbyte();  
                b[1] = buffer;  
                fileclass += buffer.tostring();   
                reader.close();  
                fs.close(); 
                 
                if (fileclass == "255216" || fileclass == "7173" || fileclass == "6677" || fileclass == "13780") 
                { 
                    //255216是jpg;7173是gif;6677是bmp,13780是png;7790是exe,8297是rar   
                    //response.write("图片可用");   
                    //保存到中  
                }  
                else 
                {  
                    //response.write("图片非法");   
                    file.delete(savepath); //删除文件  
                    return;  
                }  
            }  
            catch (exception) 
            { //response.write("图片非法!");   
                return;  
                throw;  
            } 

public void uploadfile()
{
try
            {
                httppostedfile postfile = request.files["file"];
                string savepath = server.mappath("image/" + postfile.filename);
                postfile.saveas(savepath);
                filestream fs = new filestream(savepath, filemode.open, fileaccess.read);
                binaryreader reader = new binaryreader(fs);
                string fileclass;
                byte buffer;
                byte[] b = new byte[2];
                buffer = reader.readbyte();
                b[0] = buffer;
                fileclass = buffer.tostring();
                buffer = reader.readbyte();
                b[1] = buffer;
                fileclass += buffer.tostring(); 
                reader.close();
                fs.close();
               
                if (fileclass == "255216" || fileclass == "7173" || fileclass == "6677" || fileclass == "13780")
                {
                    //255216是jpg;7173是gif;6677是bmp,13780是png;7790是exe,8297是rar
                    //response.write("图片可用");
                    //保存到数据库中
                }
                else
                {
                    //response.write("图片非法");
                    file.delete(savepath); //删除文件
                    return;
                }
            }
            catch (exception)
            { //response.write("图片非法!");
                return;
                throw;
            }
}
mvc 中的代码如下,在这里我返回的json格式,当然可以返回content或其他:

 

 

[csharp]
/// <summary>  
        /// 上传头像  
        /// </summary>  
        /// <param name="userid">用户编号</param>  
        /// <returns>json(-1表示异常,-2表示文件不合法)</returns>  
        [httppost]  
        public jsonresult uploadavatar(string userid) 
        { 
            //上传头像  
            string folderpath = "/upload/avatar/"; 
            //判断路径是否存在  
            if (!directory.exists(folderpath)) 
                directory.createdirectory(folderpath);//创建文件路径  
            httppostedfilebase uploadfile = request.files["avatars"]; 
            if (uploadfile != null) 
            { 
                string orifilename = uploadfile.filename;//原始文件名  
                string filename = userid + "_" + orifilename; 
                uploadfile.saveas(server.mappath(folderpath + filename)); 
                filestream fs = new filestream(server.mappath(folderpath + filename), filemode.open, fileaccess.read); 
                binaryreader reader = new binaryreader(fs); 
                string fileclass; 
                byte buffer; 
                byte[] b = new byte[2]; 
                buffer = reader.readbyte(); 
                b[0] = buffer; 
                fileclass = buffer.tostring(); 
                buffer = reader.readbyte(); 
                b[1] = buffer; 
                fileclass += buffer.tostring(); 
                reader.close(); 
                fs.close(); 
                if (fileclass == "255216" || fileclass == "7173" || fileclass == "6677" || fileclass == "13780") 
                { 
                    //255216是jpg;7173是gif;6677是bmp,13780是png;7790是exe,8297是rar   
                    //response.write("图片可用");   
                    //保存到数据库中  
                } 
                else 
                { 
                    
                    //response.write("图片非法");   
                    fileinfo f = new fileinfo(server.mappath(folderpath + filename)); 
                    f.delete(); //删除文件  
                    return json(-2, jsonrequestbehavior.allowget); 
                } 
                return json(server.htmlencode(folderpath + filename), jsonrequestbehavior.allowget); 
            } 
            return json(-1, jsonrequestbehavior.allowget); 
 
        } 

/// <summary>
        /// 上传头像
        /// </summary>
        /// <param name="userid">用户编号</param>
        /// <returns>json(-1表示系统异常,-2表示文件不合法)</returns>
        [httppost]
        public jsonresult uploadavatar(string userid)
        {
            //上传头像
            string folderpath = "/upload/avatar/";
            //判断路径是否存在
            if (!directory.exists(folderpath))
                directory.createdirectory(folderpath);//创建文件路径
            httppostedfilebase uploadfile = request.files["avatars"];
            if (uploadfile != null)
            {
                string orifilename = uploadfile.filename;//原始文件名
                string filename = userid + "_" + orifilename;
                uploadfile.saveas(server.mappath(folderpath + filename));
                filestream fs = new filestream(server.mappath(folderpath + filename), filemode.open, fileaccess.read);
                binaryreader reader = new binaryreader(fs);
                string fileclass;
                byte buffer;
                byte[] b = new byte[2];
                buffer = reader.readbyte();
                b[0] = buffer;
                fileclass = buffer.tostring();
                buffer = reader.readbyte();
                b[1] = buffer;
                fileclass += buffer.tostring();
                reader.close();
                fs.close();
                if (fileclass == "255216" || fileclass == "7173" || fileclass == "6677" || fileclass == "13780")
                {
                    //255216是jpg;7173是gif;6677是bmp,13780是png;7790是exe,8297是rar
                    //response.write("图片可用");
                    //保存到数据库中
                }
                else
                {
                  
                    //response.write("图片非法");
                    fileinfo f = new fileinfo(server.mappath(folderpath + filename));
                    f.delete(); //删除文件
                    return json(-2, jsonrequestbehavior.allowget);
                }
                return json(server.htmlencode(folderpath + filename), jsonrequestbehavior.allowget);
            }
            return json(-1, jsonrequestbehavior.allowget);

        }