ASP.NET中如何检测一个图片是否是真实图片 防范病毒上传
主要是用来判断客户端上传的图片是否为真实的图片,以防病毒侵入,保证上传的文件的安全。
主要代码如下:
需要引用
/// <summary> /// 上传头像 /// </summary> /// <param name="userId">用户编号</param> /// <returns>Json(-1表示系统异常,-2表示文件不合法)</returns> [HttpPost] public JsonResult UploadAvatar(string userId) { //上传头像 string folderPath = "/upload/avatar/"; //判断路径是否存在 if (!Directory.Exists(folderPath)) Directory.CreateDirectory(folderPath);//创建文件路径 HttpPostedFileBase uploadFile = Request.Files["avatars"]; if (uploadFile != null) { string oriFileName = uploadFile.FileName;//原始文件名 string fileName = userId + "_" + oriFileName; uploadFile.SaveAs(Server.MapPath(folderPath + fileName)); FileStream fs = new FileStream(Server.MapPath(folderPath + fileName), FileMode.Open, FileAccess.Read); BinaryReader reader = new BinaryReader(fs); string fileClass; byte buffer; byte[] b = new byte[2]; buffer = reader.ReadByte(); b[0] = buffer; fileClass = buffer.ToString(); buffer = reader.ReadByte(); b[1] = buffer; fileClass += buffer.ToString(); reader.Close(); fs.Close(); if (fileClass == "255216" || fileClass == "7173" || fileClass == "6677" || fileClass == "13780") { //255216是jpg;7173是gif;6677是BMP,13780是PNG;7790是exe,8297是rar //Response.Write("图片可用"); //保存到数据库中 } else { //Response.Write("图片非法"); FileInfo f = new FileInfo(Server.MapPath(folderPath + fileName)); f.Delete(); //删除文件 return Json(-2, JsonRequestBehavior.AllowGet); } return Json(Server.HtmlEncode(folderPath + fileName), JsonRequestBehavior.AllowGet); } return Json(-1, JsonRequestBehavior.AllowGet); }