View Single Post
  #15 (permalink)  
Old February 24th, 2007, 09:38 AM
Imar's Avatar
Imar Imar is offline
Wrox Author
Points: 72,073, Level: 100
Points: 72,073, Level: 100 Points: 72,073, Level: 100 Points: 72,073, Level: 100
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Utrecht, Netherlands.
Posts: 17,089
Thanks: 80
Thanked 1,587 Times in 1,563 Posts
Default

No, you don't have to do that. What you need to do is check the uploaded file at the server before you save it. How you do this depends on the server side technology you're using. For example, in ASP.NET with C# you could so something like this:
Code:
if (FileUpload1.PostedFile.FileName.EndsWith(".jpg"))
{
  FileUpload1.SaveAs(SomePath);
}
else
{
  throw new Exception("Can't save files other than .jpg");
}
Instead of throwing an exception you could explain the user what went wrong.

If you're only allowing images, you could even try to load the image into an Image object wit GDI+ to ensure that the file really contains a readable image.

Cheers,

Imar
---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of ASP.NET 2.0 Instant Results and Beginning Dreamweaver MX / MX 2004
While typing this post, I was listening to: Tragedy (For You) [12" Vox] by Front 242 (Track 1 from the album: Tragedy (For You)) What's This?
Reply With Quote