Thanks to http://forums.asp.net/p/1051895/2171502.aspx#2171502 for the image validation part of this code.
/// <summary>
/// Added to validate that an image is being uploaded - not just any document
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
private bool IsImage(byte[] data)
{
//read 64 bytes of the stream only to determine the type
string myStr = System.Text.Encoding.ASCII.GetString(data).Substring(0, 16);
//check if its definately an image.
if (myStr.Substring(8, 2).ToString().ToLower() != "if")
{
//its not a jpeg
if (myStr.Substring(0, 3).ToString().ToLower() != "gif")
{
//its not a gif
if (myStr.Substring(0, 2).ToString().ToLower() != "bm")
{
//its not a .bmp
if (myStr.Substring(0, 2).ToString().ToLower() != "ii")
{
//its not a tiff
//ProcessErrors("notImage");
myStr = null;
return false;
}
}
}
}
myStr = null;
return true;
}
public Response<List<SharepointDocumentDto>> AddAssetImageToSession(
string fileName, Stream contentStream, IWebPageView currentView, string parentWindow)
{
Response<List<SharepointDocumentDto>> response = GetAssetImageSingle();
if (string.IsNullOrEmpty(fileName))
{
response.Errors.Add(new Error(ErrorName.FileError, Errors.MissingFileName));
response.IsSuccessful = false;
}
else
{
SharepointDocumentDto item = new SharepointDocumentDto();
item.Name = fileName; //Set FileName
item.IsNewItem = true; //Flag as true so we know to save it when the asset is saved
item.GeneratedListItemId = Guid.NewGuid().ToString();
MemoryStream ms = new MemoryStream();
byte[] data = new byte[256];
int c = contentStream.Read(data, 0, data.Length);
//Check if it is a valid image
if (!IsImage(data))
{
response.Errors.Add(new Error(ErrorName.FileError, Errors.InvalidImageUploaded));
response.IsSuccessful = false;
return response; //invalid
}
//Read into buffer until end of file
while (c > 0)
No comments:
Post a Comment