放弃取客户端路径

纠结了好久怎么去取客服端文件的地址在网上也找了好久没找到后来仔细想想如果我们这般程序猿能随意知道客户的文件夹那客户不知任我们宰割了

么所以微软就不让我们取但是有时候我们又并没有恶意的想知道文件路径唉所以只能我现在这样将就了呵呵呵呵

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="uploadFile.aspx.cs" Inherits="uploadFile" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

</form>
</body>
</html>

-----------------------------------------------------------------------------------------

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;

public partial class uploadFile : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{

}
protected void btn_upload_Click(object sender, EventArgs e)
{
try
{

if (FileUpload1.HasFile)
{ string path = Server.MapPath("~/C/");
string realyPath = path + FileUpload1.FileName;
//if (IsAllowedExtension(FileUpload1))
//{

FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
if (IsAllowedExtension(FileUpload1, realyPath))
{
Response.Write("<script>alert(’上传成功’);</script>");
}
// }
else
{
Response.Write("<script>alert(’您只能上传jpg或者gif图片’);</script>");
}
}
else
{
Response.Write("<script>alert(’你还没有选择文件’);</script>");
}
}
catch (Exception error)
{
Response.Write(error.ToString());
}
}

public static bool IsAllowedExtension(FileUpload hifile,string path)
{

System.IO.FileStream fs = new System.IO.FileStream(path, System.IO.FileMode.Open, System.IO.FileAccess.Read);
System.IO.BinaryReader r = new System.IO.BinaryReader(fs);
string fileclass = "";
byte buffer;
try
{
buffer = r.ReadByte();
fileclass = buffer.ToString();
buffer = r.ReadByte();
fileclass += buffer.ToString();
}
catch
{ }
r.Close();
fs.Close();
if (fileclass == "255216" || fileclass == "7173")

{
return true;
}
else
{

// File.Delete(path);
return false;
}
}

}

改良后的东东

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="上传文件.aspx.cs" Inherits="文件上传问题.上传文件" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

后台

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;

namespace 文件上传问题
{
public partial class 上传文件 : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{

}

protected void Button1_Click(object sender, EventArgs e)
{
try
{

if (FileUpload1.HasFile)
{
string path = Server.MapPath("~/C/");
string realyPath = path + FileUpload1.FileName;
Stream stream = Request.Files[0].InputStream;

// FileUpload1.PostedFile.SaveAs(path + FileUpload1.FileName);
if (IsAllowedExtension(FileUpload1, realyPath, stream))
{
Response.Write("<script>alert('上传成功');</script>");
}

else
{
Response.Write("<script>alert('您只能上传jpg或者gif图片');</script>");
}
}
else
{
Response.Write("<script>alert('你还没有选择文件');</script>");
}
}
catch (Exception error)
{
Response.Write(error.ToString());
}

}
public static bool IsAllowedExtension(FileUpload hifile, string path, Stream stream)
{

// System.IO.FileStream fs = new System.IO.FileStream(path, System.IO.FileMode.Open, System.IO.FileAccess.Read);
System.IO.BinaryReader r = new System.IO.BinaryReader(stream);
string fileclass = "";
byte buffer;
try
{
//读文件头
buffer = r.ReadByte();
fileclass = buffer.ToString();
buffer = r.ReadByte();
fileclass += buffer.ToString();
}
catch
{ }
r.Close();
//fs.Close();
//文件头的后缀标识
if (fileclass == "255216" || fileclass == "7173")
{
return true;
}
else
{

return false;
}
}
}
}

posted on 2013-03-18 00:22 简简单单2018 阅读(192) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

人本善良

导航

统计

公告

搜索

常用链接

我的标签

随笔分类

随笔档案

有用的链接

阅读排行榜

评论排行榜

推荐排行榜

最新评论

放弃取客户端路径