One, the security is relatively low, the text file 1.txt to 1.jpg can also be uploaded, but its implementation method is easy to understand, the implementation is simple, so many online or take this method.
Boolean fileOk = false; String path = Server.MapPath ("~/images/"); Determine if the file has been selected if (fileupload1.hasfile) {//Get the file extension and convert to lowercase string fileextension = System.IO.Path.GetExtension (fileupload1.filename). ToLower (); Limit upload only jpg and GIF images string[] allowextension = {". jpg", ". gif"}; The type of the uploaded file is a pair of int j = 0; for (int i = 0; i < allowextension.length; i++) {if (fileextension = = Allowextension[i]) {fileOk = true; Return } else {j + +; }} if (J > 0) {Response.Write (' <script>alert (' file format incorrect ') ;</script> "); Return }} else {response.write ("<script> alert (' You have not selected file ');</script> "); Return }//If the extension is eligible, upload if (fileOk) {FileUpload1.PostedFile.SaveAs (path + fileupload1.f Ilename); Response.Write ("<script>alert (' upload success ');</script>"); }
Second, does not detect the file suffix but detects the file MIME content type.
Boolean fileOk = false; String path = Server.MapPath ("~/images/"); Determines whether a file has been selected if (fileupload1.hasfile) { //Gets the file MIME content type String type = this. FileUpload1.PostedFile.ContentType.ToLower (); if (type. Contains ("image") ///Picture MIME type is "Image/xxx", here only to determine whether the picture. { fileOk = true; } else { Response.Write ("<script>alert (' malformed ') </script>");} } else { Response.Write ("<script>alert (' You have not selected file ');</script>"); } If the extension is eligible, upload if (fileOk) { FileUpload1.PostedFile.SaveAs (path + fileupload1.filename); Response.Write ("<script>alert (' upload success ');</script>"); }
Three, can realize the true sense of file type judgment
try {//To determine if the file has been selected if (fileupload1.hasfile) {i F (isallowedextension (FileUpload1)) {String path = Server.MapPath ("~/images/"); FileUpload1.PostedFile.SaveAs (path + fileupload1.filename); Response.Write ("<script>alert (' upload success ');</script>"); } else {Response.Write (' <script>alert (' You can only upload jpg or gif pictures ');</script> "); }} else {response.write (' <script>alert (' You have not selected a file ' );</script> "); }} catch (Exception error) {Response.Write (Error). ToString ()); } #endregion}//the key function to truly determine the file type public static bool Isallowedextension (FileUpload hifile) { System.IO.FileStream fs = new System.IO.FileStream (hifile. Postedfile.filename, System.IO.FileMode.Open, System.IO.FileAccess.Read); System.IO.BinaryReader r = new System.IO.BinaryReader (FS); String fileclass = ""; The bit length here is to be judged specifically. byte buffer; try {buffer = R.readbyte (); Fileclass = buffer. ToString (); Buffer = R.readbyte (); Fileclass + = buffer. ToString (); } catch {} r.close (); Fs. Close (); if (Fileclass = = "255216" | | fileclass = = "7173")//Description 255216 is jpg;7173 is gif;6677 is bmp,13780 is png;7790 is exe,8297 is rar { return true; } else {return false; } }