Check Content Type of a file before uploading it to server


Hello readers. Below is the small but an important code to check file contents before uploading to server. There may be a chance that the user want to play with the file upload code. Suppose user want to upload a file, but instead of uploading an image file, he changes the extension of a text file from .txt to .jpg and click on upload,,,,, File uploaded. Because code is checking for extension of uploading file not for the content so he can use the trick to upload an invalid file. To prevent this trick read the code. Code is self explanatory and simple. Just by checking the content type of file. Remember that first check the length of file. If it is greater than than 0 then proceed next, because if you rename a text file .txt to .jpg without writing and text in it, its content type becomes the image content type an user is able to upload a invalid image file of size 0 bytes. After this you can use the rest of code to check maximum file size.

ASPX Page Cdoe

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:FileUpload ID="fluFile" runat="server" />
        <asp:Button ID="btnUpload" runat="server" Text="Upload" OnClick="btnUpload_Click" />
    </div>
    </form>
</body>
</html>

Code Behind Page Code 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnUpload_Click(object sender, EventArgs e)
    {
        string[] types = new[] { "image/pjpeg","image/jpeg", "image/png", "image/gif" };

        if (fluFile.PostedFile.ContentLength > 0)
        {
            if (!types.Contains(fluFile.PostedFile.ContentType.ToString()))
            {
                Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "msg", "<script>alert('Not a image file');</script>");
            }
        }
        else
        {
            Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "msg", "<script>alert('Invalid File..!');</script>");
        }
       
    }
}

Comments

Post a Comment

Popular posts from this blog

Get Query String Values With Javascript

Image
JavaScript Code To  Retrieve Query String Values This topic shows you how you can retrieve the query string values from a URL using JavaScript. The code is simple and understandable. Below is the complete code. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Query String using Javascript</title> <script type="text/javascript" language="javascript">     function getquerystring()     {         var qsarr = new Array();                  var qs = location.search.substring(1);         var singleqs = new Array();         var str ="";         qsarr = qs.split('&');         for( i=0; i<qsarr.length; i++)         {             singleqs = qsarr[i].split('=');             str += 'Query String Name
Read more

Change Css Class of li in ul onclick

Image
Below is the simple and a short code to change or set the background color of item in menu onclick or active tab of menu (i.e. li of ul) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>List Item</title> <style type="text/css"> ul {     list-style-type:none;     float:left;     border-bottom: solid 2px Red;     padding-right:40px; } ul li {     float:left;     width:auto;     padding:8px;     display:block;     cursor:pointer; } </style> <script type="text/javascript" language="javascript">     function checklist(ctrl)     {                 var list = document.getElementById("menu").getElementsByTagName('li&#
Read more

Change Text Color with Javascript

Below is the simple and sweet code of changing text color after fraction of second automatically. Copy n Paste and run... <html> <head> <title>Text Color Change</title> <script type="text/javascript" language="javascript"> elmColor = 0;     function changeColor(elmColor)     {                    switch(elmColor)         {             case 0:             document.getElementById('colorChange').style.color = '#000000';             elmColor++;              break;                          case 1:             document.getElementById('colorChange').style.color = '#ff0000';              elmColor++;             break;                          case 2:             document.getElementById('colorChange').style.color = '#00ff00';              elmColor++;             break;                          case 3:             document.getElementById('colorChange').style
Read more