如何限制扩展名为.exe,.zip等的文件 [英] How to restrict files with extensions like .exe, .zip etc
本文介绍了如何限制扩展名为.exe,.zip等的文件的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如果我上传文件test.exe,那么我的应用程序会限制它并发出警告消息。
但是,如果我将文件重命名为test.exe.txt,应用程序会将其上传到数据库中成功。
如何限制test.exe.txt或test.zip.txt的上传?
请建议。
谢谢,
Sneha。
< b>我尝试了什么:
我试过限制文件的内容类型但是它没有按要求工作。
for ex:
If i upload a file test.exe, then my application restricts it and give an alert message.
But, if i rename the file as test.exe.txt the application uploads it in database successfully.
How to restrict the upload for test.exe.txt or test.zip.txt?
Please suggest.
Thanks,
Sneha.
What I have tried:
I have tried restricting the contenttype of a file but it is not working as required.
for ex:
If (fuAttachment.PostedFile.ContentType <> "text/HTML" And fuAttachment.PostedFile.ContentType <> "text/plain" And fuAttachment.PostedFile.ContentType <> "Application/msword" And fuAttachment.PostedFile.ContentType <> "image/jpeg" And fuAttachment.PostedFile.ContentType <> "image/GIF" And fuAttachment.PostedFile.ContentType <> "application/pdf" And fuAttachment.PostedFile.ContentType <> "Application/x-msexcel" And fuAttachment.PostedFile.ContentType <> "image/bmp" And fuAttachment.PostedFile.ContentType <> "application/vnd.ms-outlook" And fuAttachment.PostedFile.ContentType <> "image/tiff" And fuAttachment.PostedFile.ContentType <> "video/mp4" And fuAttachment.PostedFile.ContentType <> "application/rar" And fuAttachment.PostedFile.ContentType <> "video/mpeg") Then
lblMsg.Visible = True
lblMsg.Text = "Upload JPG / BMP / JPEG / TIF / PDF / Doc / Excel / Zip format / MP4 / MPEG / MPG/ RAR / TXT / HTML / MSG files only"
Return False
Exit Try
推荐答案
由于您无法信任文件扩展名,因此您必须至少阅读二进制文件的一些字节来告诉它的确切性质。例如,请参阅:文件签名列表 - 维基百科 [ ^ ]和可执行文件 - 如何判断文件是EXE还是DLL? - 堆栈溢出 [ ^ ]。
Since you cannot trust the file extension, then you have to read at least some bytes of the binary file to tell its exact nature. See, for instance: List of file signatures - Wikipedia[^] and executable - How to tell if a file is an EXE or a DLL? - Stack Overflow[^].
这篇关于如何限制扩展名为.exe,.zip等的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文