[C#] Extension Filter

[Chad]

Quick code I made for filtering out extensions for my C# Uploader I'm making.

PHP Code:

        static Boolean Evaluate_Extension(String Extension)
        {
            String[] Block = new String[] {".exe", ".html", ".php" };
            if (Block.Contains(Extension))
            {
                return false;
            }
            return true;
        } 


Example

PHP Code:

if(Evaluate_Extension(Path.GetExtension(@"C:\Users\Chad\Desktop\test.txt")) == true){
  Console.WriteLine("Continue with process...");
}else{
  Console.WriteLine("Inappropriate file!");
} 


[Artificial]

You may want to start using ternary operators for those simple true/false if statements. Those five lines can be shortened to:

PHP Code:

return (Block.Contains(Extension)) ? false : true; 


Also, it's not a good idea to rely on the filename passed by through the user as the determent for the file type. I can save an executable file as .jpg, and it would pass your blacklist, whereas it should get blocked. Food for thought

[Chad]

You may want to start using ternary operators for those simple true/false if statements. Those five lines can be shortened to:

PHP Code:

return (Block.Contains(Extension)) ? false : true; 


Also, it's not a good idea to rely on the filename passed by through the user as the determent for the file type. I can save an executable file as .jpg, and it would pass your blacklist, whereas it should get blocked. Food for thought

I honestly completely forgot about ternary. Thanks for reminding me.

[Chris]

You also forget that you want to make sure you are checking the final extension;

"test.gif.php" would technically be a php file, but if you blocked gif's you would still be excluded. I think C# has a mime filetype class, not sure.