In my project i have created a file upload.Now it is required that any exe file or exe file in a zip folder having .zip as extension, be prevented from being uploaded. Can someoe suggest me a solution?
+3
A:
For each of your task, you have to implement separate algorithm for check.
- Check extension before upload (see possible duplicate question)
- Check that uploaded zip is really an archive (mime type, libmagic, etc)
- Check that uploaded archive doesn't contain exe (unzip it, see previous paragraph)
abatishchev
2010-05-12 20:31:50
+1 For libmagic suggestion. Its the brains behind the file() command.Instead of enumerating badness, the OP should attempt to enumerate goodness instead.
Yann Ramin
2010-05-12 20:40:53
but how to unzip a file
Niraj Choubey
2010-05-12 20:44:15
@Niraj Choubey: See Robb's answer below http://stackoverflow.com/questions/2822521/exe-file-upload-prevention/2822560#2822560
abatishchev
2010-05-12 20:45:01
+2
A:
This post has a nice collection of C# libraries for unzipping: recommend-a-library-api-to-unzip-file-in-c#
Robb
2010-05-12 20:35:02