how to prevent of uploading renamed .exe file in asp.net

Question

0.00/5 (No votes)

See more:

C#

C#4.0

ASP.NET4

Please provife me the code and file in asp.net,

how to prevent of uploading renamed .exe file in asp.net

Posted 22-Aug-13 20:40pm

LK11

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

**Zoltán Zörgő** · Answer 1 · 2013-08-22T20:51:00

Solution 1

You have to look in the binary file itself. There are many approaches. See some interesting ones here: http://stackoverflow.com/questions/2863683/how-to-find-if-a-file-is-an-exe[^] (except the one that is suggesting you to start it :), since that is a really bad idea)

Posted 22-Aug-13 20:51pm

Zoltán Zörgő

Updated 22-Aug-13 20:52pm

v2

OriginalGriff · Answer 2 · 2013-08-22T20:54:00

If you mean "how do I prevent the user from uploading the same file under a different name?", then the easiest way if to keep a hash value of each file with the file itself: for this application an MD5 should be fine (since this isn't secure information and MD5 is a lot shorter than the alternatives) or you could use an SHA hash, but they are longer, and slower to generate.
When the user uploads a file, you calculate the hash value and compare it against your database of existing files hash values. If you get a match, you can (optionally) compare the actual file data. If you don't, then the file does not exist under any file name.

MSDN and Google can help you with generating the hash value.