How do I Validate the File Type of a File Upload?

javascript asp.net file validation upload

Seems like you are going to have limited options since you want the check to occur before the upload. I think the best you are going to get is to use javascript to validate the extension of the file. You could build a hash of valid extensions and then look to see if the extension of the file being uploaded existed in the hash.

HTML:

<input type="file" name="FILENAME"  size="20" onchange="check_extension(this.value,"upload");"/>
<input type="submit" id="upload" name="upload" value="Attach" disabled="disabled" />

Javascript:

var hash = {
  'xls'  : 1,
  'xlsx' : 1,
};

function check_extension(filename,submitId) {
      var re = /\..+$/;
      var ext = filename.match(re);
      var submitEl = document.getElementById(submitId);
      if (hash[ext]) {
        submitEl.disabled = false;
        return true;
      } else {
        alert("Invalid filename, please select another file");
        submitEl.disabled = true;

        return false;
      }
}

It's pretty simple using regulare expression validator. 

<asp:RegularExpressionValidator
id="RegularExpressionValidator1"
runat="server"
ErrorMessage="Only zip file is allowed!"
ValidationExpression ="^.+(.zip|.ZIP)$"
ControlToValidate="FileUpload1"
> </asp:RegularExpressionValidator>

Client-Side Validation of File Types Permissible to Upload


From javascript, you should be able to get the filename in the onsubmit handler. So in your case, you should do something like:

<form onsubmit="if (document.getElementById('fileUpload').value.match(/xls$/) || document.getElementById('fileUpload').value.match(/xlsx$/)) { alert ('Bad file type') ; return false; } else { return true; }">...</form>

I agree with Chris, checking the extension is not validation of the type of file any way you look at it. Telerik's radUpload is probably your best option, it provides a ContentType property of the file being uploaded, which you can compare to known mime types. You should check for:

application/vnd.ms-excel,

application/excel,

application/x-msexcel

and for the new 2k7 format:

application/vnd.openxmlformatsofficedocument.spreadsheetml.sheet

Telerik used to sell radUpload as an individual component, but now its wrapped into the controls suite, which makes it a little more expensive, but by far its the easiest way to check for the true type

Related

Is is possible to export functions from a C# DLL like in VS C++?
Difference between .string and .text BeautifulSoup
Is float for layout bad? What should be used in its place?
How do you do non-blocking console I/O on Linux in C?
Key Listeners in python?
How to use jquery or ajax to update razor partial view in c#/asp.net for a MVC project
Simple function to sort an array of objects
How to get Printer Info in .NET?
How do I switch to the active tab in Selenium?
Is there a Windows command shell that will display Unicode characters?
Starting Tasks In foreach Loop Uses Value of Last Item [duplicate]
PInvoke for C function that returns char *