asp.net(c#)上傳文件時檢測文件類型方法小結

上傳文件檢測類型到目前爲止我只看到過兩種,第一種是檢測文件的後綴名;第二種是檢測文件的頭部編碼,不同類型文件的頭部編碼是不一樣的(不知道這樣說恰當不,有錯誤希望大家指出),比如255216是jpg;7173是gif;6677是BMP,13780是PNG;7790是exe,8297是rar...這篇文章代碼多有參考網絡,特此說明.
前臺文件:兩種方法的前臺文件是一樣的.
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>無標題頁</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:FileUpload ID="FileUpload1" runat="server" />
<asp:Button ID="btn_upload" runat="server" Text="上傳" />
</div>
</form>
</body>
</html>

後臺文件:
第一種方法:安全性相對第二種低,把文本文件1.txt改成1.jpg照樣可以上傳,但其實現方法容易理解,實現也簡單,所以網上很多還是採取這種方法.
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btn_upload_Click(object sender, EventArgs e)
{
Boolean fileOk = false;
string path = Server.MapPath("~/images/");
//判斷是否已經選取文件
if (FileUpload1.HasFile)
{
//取得文件的擴展名,並轉換成小寫
string fileExtension = System.IO.Path.GetExtension(FileUpload1.FileName).ToLower();
//限定只能上傳jpg和gif圖片
string[] allowExtension = { ".jpg", ".gif" };
//對上傳的文件的類型進行一個個匹對
for (int i = 0; i < allowExtension.Length; i++)
{
if (fileExtension == allowExtension)
{
fileOk = true;
break;
}
}
}
else
{
Response.Write("<script>alert('你還沒有選擇文件');</script>");
}
//如果擴展名符合條件，則上傳
if (fileOk)
{
FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
Response.Write("<script>alert('上傳成功');</script>");
}
else
{
}
}
}
第二種方法,可以實現真正意義上的文件類型判斷,推薦使用這種方法.

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btn_upload_Click(object sender, EventArgs e)
{
try
{
//判斷是否已經選取文件
if (FileUpload1.HasFile)
{
if (IsAllowedExtension(FileUpload1))
{
string path = Server.MapPath("~/images/");
FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
Response.Write("<script>alert('上傳成功');</script>");
}
else
{
Response.Write("<script>alert('您只能上傳jpg或者gif圖片');</script>");
}
}
else
{
Response.Write("<script>alert('你還沒有選擇文件');</script>");
}
}
catch (Exception error)
{
Response.Write(error.ToString());
}
}
//真正判斷文件類型的關鍵函數
public static bool IsAllowedExtension(FileUpload hifile)
{
System.IO.FileStream fs = new System.IO.FileStream(hifile.PostedFile.FileName, System.IO.FileMode.Open, System.IO.FileAccess.Read);
System.IO.BinaryReader r = new System.IO.BinaryReader(fs);
string fileclass = "";
byte buffer;
try
{
buffer = r.ReadByte();
fileclass = buffer.ToString();
buffer = r.ReadByte();
fileclass += buffer.ToString();
}
catch
{
}
r.Close();
fs.Close();
if (fileclass == "255216" || fileclass == "7173")//說明255216是jpg;7173是gif;6677是BMP,13780是PNG;7790是exe,8297是rar
{
return true;
}
else
{
return false;
}
}
}