This article mainly introduces the analysis of the upload file type detection process of Java. The example code is introduced in this article in detail, which has certain reference value for everyone's learning or work. Friends who need it can refer to it.
When uploading files, especially when opening the file upload function to ordinary users, the format of uploading files needs to be controlled to prevent hackers from uploading virus scripts. The way of simply intercepting the file name type is very easy to crack. The uploader only needs to change the virus to file name to complete the upload.
You can read the hexadecimal file header of the file to determine the true format of the file.
When reading the binary data of a file and converting it to hexadecimal, the file header data of the same type of file is the same. Even if its suffix is changed, this data will not change.
import .*;
import ;
public class GetFileType {
// Cache file header information - file header information public static final HashMap<String, String> mFileTypes = new HashMap<String, String>();
static {
("FFD8FFE0","jpg");
("89504E47","png");
("424DC6CC","bmp");
("47494638","gif");
}
/**
* Obtain file header information according to file path
*
* @param filePath file path
* @return File header information
*/
public static String getFileType(String filePath) {
String type = getFileHeader(filePath);
(type);
return (type);
}
/**
* Obtain file header information according to file path
*
* @param filePath file path
* @return File header information
*/
public static String getFileHeader(String filePath) {
FileInputStream is = null;
String value = null;
try {
is = new FileInputStream(filePath);
byte[] b = new byte[4];
/*
* int read() reads a data byte from this input stream. int read(byte[] b) will be the most from this input stream
* Bytes of data are read into a byte array. int read(byte[] b, int off, int len)
* Read up to len bytes of data from this input stream into a byte array.
*/
(b, 0, );
value = bytesToHexString(b);
} catch (Exception e) {
} finally {
if (null != is) {
try {
();
} catch (IOException e) {
}
}
}
return value;
}
/**
* Convert the byte array of the file to read the file header information into a string type representation
*
* @param src byte array of file to read file header information
* @return File header information
*/
private static String bytesToHexString(byte[] src) {
StringBuilder builder = new StringBuilder();
if (src == null || <= 0) {
return null;
}
String hv;
for (int i = 0; i < ; i++) {
// Return a string representation of an integer parameter in hexadecimal (base 16) unsigned integer form and convert it to uppercase hv = (src[i] & 0xFF).toUpperCase();
if (() < 2) {
(0);
}
(hv);
}
return ();
}
public static void main(String[] args) {
String path = "E:/file/";
String type = getFileType(path);
(type);
path = "E:/file/";
type = getFileType(path);
(type);
path = "E:/file/";
type = getFileType(path);
(type);
path = "E:/file/";
type = getFileType(path);
(type);
}
}
Run the output
89504E47 png FFD8FFE0 jpg 424DC6CC bmp 47494638 gif
The above is all the content of this article. I hope it will be helpful to everyone's study and I hope everyone will support me more.