所以我正在使用以下代码进行查看:
<form action="" method="post" enctype="multipart/form-data"> <label for="file">Filename:</label> <input type="file" name="file" id="file" /> <input type="submit" /> </form>
对于模型:
[HttpPost] public ActionResult Index(HttpPostedFileBase file) { if (file.ContentLength > 0) { var fileName = Path.GetFileName(file.FileName); var path = Path.Combine(Server.MapPath("~/App_Data/uploads"), fileName); file.SaveAs(path); } return RedirectToAction("Index"); }
除非用户添加不是图像的文件,否则效果很好。如何确保上传的文件是图片。谢谢
如果它可以帮助任何人,这是HttpPostedFileBase的静态方法,该方法检查给定的上传文件是否为图像:
public static class HttpPostedFileBaseExtensions { public const int ImageMinimumBytes = 512; public static bool IsImage(this HttpPostedFileBase postedFile) { //------------------------------------------- // Check the image mime types //------------------------------------------- if (!string.Equals(postedFile.ContentType, "image/jpg", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFile.ContentType, "image/jpeg", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFile.ContentType, "image/pjpeg", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFile.ContentType, "image/gif", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFile.ContentType, "image/x-png", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFile.ContentType, "image/png", StringComparison.OrdinalIgnoreCase)) { return false; } //------------------------------------------- // Check the image extension //------------------------------------------- var postedFileExtension = Path.GetExtension(postedFile.FileName); if (!string.Equals(postedFileExtension , ".jpg", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFileExtension , ".png", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFileExtension , ".gif", StringComparison.OrdinalIgnoreCase) && !string.Equals(postedFileExtension , ".jpeg", StringComparison.OrdinalIgnoreCase)) { return false; } //------------------------------------------- // Attempt to read the file and check the first bytes //------------------------------------------- try { if (!postedFile.InputStream.CanRead) { return false; } //------------------------------------------ // Check whether the image size exceeding the limit or not //------------------------------------------ if (postedFile.ContentLength < ImageMinimumBytes) { return false; } byte[] buffer = new byte[ImageMinimumBytes]; postedFile.InputStream.Read(buffer, 0, ImageMinimumBytes); string content = System.Text.Encoding.UTF8.GetString(buffer); if (Regex.IsMatch(content, @"<script|<html|<head|<title|<body|<pre|<table|<a\s+href|<img|<plaintext|<cross\-domain\-policy", RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.Multiline)) { return false; } } catch (Exception) { return false; } //------------------------------------------- // Try to instantiate new Bitmap, if .NET will throw exception // we can assume that it's not a valid image //------------------------------------------- try { using (var bitmap = new System.Drawing.Bitmap(postedFile.InputStream)) { } } catch (Exception) { return false; } finally { postedFile.InputStream.Position = 0; } return true; } }
编辑2/10/2017:根据建议的编辑,添加了finally语句以重置流,因此我们以后可以使用它。
