Link to home
Start Free TrialLog in
Avatar of Tricky1974
Tricky1974

asked on

How do I allow only images using the FileUpload control

Hello!

On the contact page of our website we have a form which allows website users to send attachments with their email.

It all works great, but for the sake of security, I'd like it to only be able to send images.  It seems easy enough to just check the file extension, but this could easily be worked around by renaming the file.

Any help would be much appreciated.
try
            {
                System.Net.Mail.MailMessage myMail = new System.Net.Mail.MailMessage();
                myMail.To.Add("example@example.com");
                myMail.From = new MailAddress("example@example.com");
                myMail.Subject = "Email";
                myMail.IsBodyHtml = true;
                myMail.Body = "From: " + name + " (" + email + ") - (" + phone + ")<br /> Message: " + message;
 
                string fileName = Path.GetFileName(FileUpload1.PostedFile.FileName);
                Attachment myAttachment = new Attachment(FileUpload1.FileContent, fileName);
                    
                myMail.Attachments.Add(myAttachment);
 
                SmtpClient mySmtpClient = new SmtpClient("example.example.com");
                mySmtpClient.Send(myMail);
 
                pnlSent.Visible = true;
            }
            catch (Exception ex)
            {
                lblError.Text = ex.Message;
            }

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of abel
abel
Flag of Netherlands image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Tricky1974
Tricky1974

ASKER

Thanks for the response abel.

I'm getting an error when using the code though:

Cannot implicitly convert type 'System.Drawing.Image' to 'System.Drawing.Bitmap'. An explicit conversion exists (are you missing a cast?)

Any ideas?
Avatar of abel
abel
Flag of Netherlands image
Ah, my mistake (I only checked syntax, didn't compile though), you need it like this, or you can remove the result, actually.

// correction for above
System.Drawing.Image img = Bitmap.FromStream(stream, false, true);
 
// or use this to discard the result right away
Bitmap.FromStream(stream, false, true);

Open in new window

Avatar of Tricky1974
Tricky1974

ASKER

That works perfectly abel.

Thanks for the help.
Avatar of Tricky1974
Tricky1974

ASKER

This coupled together with abels other comment below is the full solution to this problem