TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
mohammed jaseefar
NA
217
19.2k
How can check double extensions in file while file uploading
May 30 2017 1:31 AM
Hello,
How can restrict files like
I
ndex.php.png. sample.aspx.cs.txt
i need a solution for asp.net mvc5
My code below
here iam checking for single extension. but somebody can upload files like index.php.png
making critical security issue.
if any body know how i can modify this code for double extension checking, give me an answer.
var fileType = "";
if (files != null)
{
foreach (var file in files)
{
if (!string.IsNullOrEmpty(file.FileName) && !string.IsNullOrWhiteSpace(file.FileName))
{
string ext = System.IO.Path.GetExtension(file.FileName);
if (BasePage.CheckFileType(ext))
{
fileType = BasePage.FileRename(Path.GetExtension(file.FileName));
var physicalPath = Path.Combine(Server.MapPath("~/Uploads"), fileType);
file.SaveAs(physicalPath);
}
}
}
}
public bool CheckFileType(string ext)
{
string[] validFileTypes = { "PDF", "pdf", "png","PNG", "jpg","JPG","JPEG", "jpeg" };
bool isValidFile = false;
for (int i = 0; i < validFileTypes.Length; i++)
{
if (ext == "." + validFileTypes[i])
{
isValidFile = true;
break;
}
}
return isValidFile;
}
mohammed jaseefar
mohdjaseefar2gmail.com
Reply
Answers (
2
)
Reports in VS2015
How to create error log in MVC 5