Upload - Check file contents to ensure the field is really an image

Sample for ScriptUtils.FormField.String | Changes | Purchase | Download

Examples

     This function checks the uploaded file contents to ensure that the file is an image. You can check extension of the file or content-type. If the content-type begins with 'image/' or extension is in imageExts, the file is probably an image.
     But - someone can rename an .exe file and send the file as 'image'. So a second part of the check function tests file contents for usual characteristics of image files. You can use String or HexString property to get a part of contents of the file and compare it with image file characteristics.
     You can use this function to check other file types (compressed, executable, ) also.
These tables are from Richard Ogley's pages.

Jump to: Image files | Compressed files | Archive files | Executable files | Miscellaneous files

Image files

File type Typical
extension
Hex digits
xx = variable
Ascii digits
. = not an ascii char
Bitmap format .bmp 42 4d BM
FITS format .fits 53 49 4d 50 4c 45 SIMPLE
GIF format .gif 47 49 46 38 GIF8
Graphics Kernel System .gks 47 4b 53 4d GKSM
IRIS rgb format .rgb 01 da ..
ITC (CMU WM) format .itc f1 00 40 bb ....
JPEG File Interchange Format .jpg ff d8 ff e0 ....
NIFF (Navy TIFF) .nif 49 49 4e 31 IIN1
PM format .pm 56 49 45 57 VIEW
PNG format .png 89 50 4e 47 .PNG
Postscript format .[e]ps 25 21 %!
Sun Rasterfile .ras 59 a6 6a 95 Y.j.
Targa format .tga xx xx xx ...
TIFF format (Motorola - big endian) .tif 4d 4d 00 2a MM.*
TIFF format (Intel - little endian) .tif 49 49 2a 00 II*.
X11 Bitmap format .xbm xx xx
XCF Gimp file structure .xcf 67 69 6d 70 20 78 63 66 20 76 gimp xcf
Xfig format .fig 23 46 49 47 #FIG
XPM format .xpm 2f 2a 20 58 50 4d 20 2a 2f /* XPM */

Compressed files

File type Typical
extension
Hex digits
xx = variable
Ascii digits
. = not an ascii char
Bzip .bz 42 5a BZ
Compress .Z 1f 9d ..
gzip format .gz 1f 8b ..
pkzip format .zip 50 4b 03 04 PK..

Archive files

File type Typical
extension
Hex digits
xx = variable
Ascii digits
. = not an ascii char
TAR (pre-POSIX) .tar xx xx (a filename)
TAR (POSIX) .tar 75 73 74 61 72 ustar (offset by 257 bytes)

Excecutable files

File type Typical
extension
Hex digits
xx = variable
Ascii digits
. = not an ascii char
MS-DOS, OS/2 or MS Windows   4d 5a MZ
Unix elf   7f 45 4c 46 .ELF

Miscellaneous files

File type Typical
extension
Hex digits
xx = variable
Ascii digits
. = not an ascii char
pgp public ring   99 00 ..
pgp security ring   95 01 ..
pgp security ring   95 00 ..
pgp encrypted data   a6 00 ¦.
Upload - Check file contents to ensure the field is really an image 
Const imageExts = ".gif,.jpg,.png,.jpeg,.bmp"


'This function checks filename and CONTENTS of a field
'to recognize images
Function IsImage(Field)
  If Instr(1, imageExts & ",", Field.FileExt & ",", 1)>0 _
    Or Left(Field.ContentType, 5) = "image" Then 
    
    ' FFD8FF = JFIF
    ' 49492A00 = TIF
    If Field.HexString (0,3)="FFD8FF" Or Field.HexString (0,4)="49492A00" _
    Or Field.String(,6,4)="JFIF" Or Field.String(,0,3)="GIF" _
    Or Field.String(,1,3)="PNG"  Or Field.String(,0,2)="BM" Then
      IsImage = True
    End If
  End If
End Functio

Other links for the Upload - Check file contents to ensure the field is really an image sample

ScriptUtils.FormField

One form field. Member of FormFields collection.

ScriptUtils

Huge ASP upload is easy to use, hi-performance ASP file upload component with progress bar indicator. This component lets you upload multiple files with size up to 4GB to a disk or a database along with another form fields. Huge ASP file upload is a most featured upload component on a market with competitive price and a great performance . The software has also a free version of asp upload with progress, called Pure asp upload , written in plain VBS, without components (so you do not need to install anything on server). This installation package contains also ScriptUtilities library. Script Utilities lets you create hi-performance log files , works with binary data , you can download multiple files with zip/arj compression, work with INI files and much more with the ASP utility.

© 1996 - 2011 Antonin Foller, Motobit Software | About, Contacts | e-mail: info@pstruh.cz


Other Motobit links:   IISTracer, real-time IIS monitor   ASP file upload - upload files to ASP. 
ActiveX/VBSScript registry editor  ActiveX NT User account manager  Export MDB/DBF from ASP Active LogFile  Email export  ActiveX/ASP Scripting Dictionary object