上传文件图像验证

本文关键字：验证图像文件 | 更新日期: 2023-09-27 18:01:29

在有人可以上传图像之前，我有这些代码作为我的验证。然而，当我尝试上传不同的文件，如视频文件等，它仍然通过?我遗漏了什么?这是我的全部代码。对不起，我不知道你在找什么。它只是接受我上传的所有东西，它上传了照片，但是没有图片。

protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["IslandGasAdminPM"] != null)
        {
            if (!IsPostBack)
            {
                GetCategories();
                AddSubmitEvent();
            }
            if (Request.QueryString["alert"] == "success")
            {
                Response.Write("<script>alert('Record saved successfully')</script>");
            }
        }
        else
        {
            Response.Redirect("LogIn.aspx");
        }
    }
    private void AddSubmitEvent()
    {
        UpdatePanel updatePanel = Page.Master.FindControl("AdminUpdatePanel") as UpdatePanel;
        UpdatePanelControlTrigger trigger = new PostBackTrigger();
        trigger.ControlID = btnSubmit.UniqueID;
        updatePanel.Triggers.Add(trigger);
    }
    private void GetCategories()
    {
        ShoppingCart k = new ShoppingCart();
        DataTable dt = k.GetCategories();
        if (dt.Rows.Count > 0)
        {
            ddlCategory.DataValueField = "CategoryID";
            ddlCategory.DataTextField = "CategoryName";
            ddlCategory.DataSource = dt;
            ddlCategory.DataBind();
        }
    }
    protected void DropDownList1_SelectedIndexChanged(object sender, EventArgs e)
    {
    }
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        if (uploadProductPhoto.PostedFile != null)
        {
            SaveProductPhoto();
            ShoppingCart k = new ShoppingCart()
            {
                ProductName = txtProductName.Text,
                ProductImage = "~/ProductImages/" + uploadProductPhoto.FileName,
                ProductPrice = txtProductPrice.Text,
                ProductDescription = txtProductDescription.Text,
                CategoryID = Convert.ToInt32(ddlCategory.SelectedValue),
                TotalProducts = Convert.ToInt32(txtProductQuantity.Text)
            };
            k.AddNewProduct();
            ClearText();
            Response.Redirect("/Admin/AddNewProduct.aspx?alert=success");
        }
        else
        {
            Response.Write("<script>alert('Please upload photo');</script>");
        }
    }
    private void ClearText()
    {
        uploadProductPhoto = null;
        txtProductName.Text = String.Empty;
        txtProductPrice.Text = String.Empty;
        txtProductDescription.Text = String.Empty;
        txtProductQuantity.Text = String.Empty;
    }
    private void SaveProductPhoto()
    {
        if (uploadProductPhoto.PostedFile != null)
        {
            string filename = uploadProductPhoto.PostedFile.FileName.ToString();
            string fileExt = System.IO.Path.GetExtension(uploadProductPhoto.FileName);
            //check filename length
            if (filename.Length > 96)
            {
                Response.Write("Image should not exceed 96 characters");
            }
            //check file type
            else if (fileExt != ".jpg" && fileExt != ".jpeg" && fileExt != ".png" && fileExt != ".bmp")
            {
                Response.Write("Only jpg,jpeg,bmp and png are allowed");
            }
            //check file size
            else if (uploadProductPhoto.PostedFile.ContentLength > 4000000)
            {
                Response.Write("Image should not exceed 4MB");
            }
            //Save images to folder
            else
            {
                uploadProductPhoto.SaveAs(Server.MapPath("~/ProductImages/" + filename));
            }
        }

上传文件图像验证

您似乎正在创建一个变量'filename'，然后在您试图获得扩展名时在下一行不使用它。我不知道你在做什么，但这对我来说是一个立即的危险信号，可能会涉及到。

如果你能提供一些'filename'和'uploadProductPhoto '的值的例子。然后我就能帮你弄清楚发生了什么

使用正则表达式验证控件，视频格式的表达式为:

ValidationExpression=/^(([a-zA-Z]:)|(''{2}'w+)'$?)(''('w['w].*))+(.avi|.AVI|.WMV|.wmv|.wav|.WAV|.mpg|.MPG|.mid|.MID|.asf|.ASF|.mpeg|.MPEG)$/

用于验证音频文件格式的正则表达式为:

ValidationExpression=/^(([a-zA-Z]:)|(''{2}'w+)'$?)(''('w['w].*))+(.mp3|.MP3|.mpeg|.MPEG|.m3u|.M3U)$/

Edit:验证图像文件格式的正则表达式为:

ValidationExpression=/^(([a-zA-Z]:)|(''{2}'w+)'$?)(''('w['w].*))+(.jpeg|.JPEG|.gif|.GIF|.png|.PNG|.JPG|.jpg|.bitmap|.BITMAP)$/

<asp:FileUpload ID="fileUploadVideo" runat="server" />           
<asp:RegularExpressionValidator ID="RegularExpressionValidator7"
 runat="server" ControlToValidate="fileUploadVideo"
ErrorMessage="Only .avi, .mpg, .wav, .mid, .wmv, .asf and .mpeg Video formats are allowed." ForeColor="Red"
ValidationExpression="/^(([a-zA-Z]:)|(''{2}'w+)'$?)(''('w['w].*))+(.avi|.AVI|.WMV|.wmv|.wav|.WAV|.mpg|.MPG|.mid|.MID|.asf|.ASF|.mpeg|.MPEG)$/"
ValidationGroup="PartnerProfileUpdate" SetFocusOnError="true"></asp:RegularExpressionValidator>

由于您的SaveProductPhoto在检查失败时不会抛出异常，因此有两种方法可以避免您的问题:

抛出异常/gh>
在Response.Write代码下面添加Response.End()

同样，验证文件ext不是一个好主意，您可以验证InputStream，读取前两个字节，并检查它们

//byte[] bytes = new byte[2];  
//string.Format("{0}{1}",bytes[0],bytes[1])  
//255216 is jpg;7173 is gif;6677 is BMP,13780 is PNG;7790 is exe,8297 is rar

用正则表达式算出来。下面是这个表达。

ValidationExpression="^.*'.(jpg|JPG|gif|GIF|doc|DOC|pdf|PDF|PNG|png)$"