//添加引用System.Text;
//添加引用System.IO;
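/// <summary>
/// Scans an uploaded picture file as text for a fixed list of script-related
/// keywords and deletes the file from disk when any keyword is found.
/// </summary>
/// <remarks>
/// The method returns nothing; a caller that needs the outcome can test
/// File.Exists on the same path afterwards.
///
/// Security note: a keyword scan is a coarse heuristic and must not be the only
/// upload control. It can miss content that is encoded differently, and short
/// keywords such as "script" also match benign metadata (for example the
/// rdf:Description element found in XMP packets), so valid images may be deleted.
/// The primary controls are to verify that the file really decodes as an image
/// (ideally re-encoding it), to store uploads under a server-generated name
/// outside any directory where the web server executes scripts, and to serve
/// them with a fixed image content type.
/// </remarks>
/// <param name="strPictureFilePath">
/// Path of the uploaded file to inspect. A null, empty or non-existent path is ignored.
/// </param>
/// <exception cref="Exception">
/// Thrown when the file cannot be read or deleted; the original error is kept
/// as the inner exception.
/// </exception>
public void CheckPictureSafe(string strPictureFilePath)
{
    // Nothing to scan. File.Exists is also false for null or empty paths.
    if (!File.Exists(strPictureFilePath))
    {
        return;
    }

    string dangerString = "script|iframe|.getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|.saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject|language=|include|filesystemobject|shell.application";
    string[] dangerKeywords = dangerString.Split('|');

    // Fail-safe default: the file is deleted only after a keyword was actually seen.
    bool isDangerous = false;

    try
    {
        // Read the picture as text, one line at a time, so the whole file is never
        // buffered in memory; no keyword contains a line break, so nothing is missed.
        using (StreamReader sr = new StreamReader(strPictureFilePath))
        {
            string line;
            while (!isDangerous && (line = sr.ReadLine()) != null)
            {
                foreach (string keyword in dangerKeywords)
                {
                    // The list is lower-case, so compare case-insensitively.
                    if (line.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0)
                    {
                        isDangerous = true;
                        break;
                    }
                }
            }
        }

        // The reader is disposed above, so the file handle is released before deletion.
        if (isDangerous)
        {
            File.Delete(strPictureFilePath);
        }
    }
    catch (Exception ex)
    {
        // Same exception type as before, but keep the cause for diagnostics.
        throw new Exception(ex.Message, ex);
    }
}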