堆栈内存溢出
  简体   繁体   English

如何识别上传的excel文件是否与下载的相同?

[英]How to identify if uploaded excel file is same as that is downloaded?

 原文  2013-09-03 13:03:09       java/ excel/ upload/ download/ jxl

问题描述

I am developing excel download & upload functionality using Java.我正在使用 Java 开发 excel 下载和上传功能。

I have a link on my screen through which, user will download an excel.我的屏幕上有一个链接,用户可以通过它下载一个 excel。

I provide functionality to upload the excel.我提供上传excel的功能。 But, while uploading, I want restrict user to upload only that excel file which is downloaded to maintain security.但是,在上传时,我想限制用户只上传为维护安全而下载的 excel 文件。

How will I be able to do that ?我将如何能够做到这一点?

I am using JXL API for Java.我正在为 Java 使用 JXL API。

EDIT: User will download the file, which will have all protected cells.编辑:用户将下载该文件,该文件将包含所有受保护的单元格。

User will change the details in it and then re-upload it.用户将更改其中的详细信息,然后重新上传。

User may copy the content of the excel and save in another excel file and then add some junk data in it which may come across some security concerns.用户可以复制excel的内容并保存在另一个excel文件中,然后在其中添加一些垃圾数据,这可能会遇到一些安全问题。

To avoid it while uploading the file, I want to identify if the file is same as that is downloaded.为了在上传文件时避免它,我想确定文件是否与下载的文件相同。

3 个解决方案

解决方案1
 0  2013-09-03 13:43:29

An idea would be to add an unique ID somewhere inside the file and lock those cells from editing.一个想法是在文件内的某处添加一个唯一 ID 并锁定这些单元格以防止编辑。

You could check this tutorial on how to Lock or unlock specific areas of a protected worksheet您可以查看本教程,了解如何锁定或解锁受保护工作表的特定区域

Also, you can compare the files' creation date timestamps and check if they're the same.此外,您可以比较文件的创建日期时间戳并检查它们是否相同。

解决方案2
 0  2013-09-03 13:50:10

It is not possible to do what you want.做你想做的事是不可能的。 The user will have access to everything you give them.用户将有权访问您提供给他们的所有内容。 If they are attacking you, they can use that to spoof that the file is the same.如果他们正在攻击您,他们可以使用它来欺骗文件是相同的。 You need to do data validation on what comes in from the user, just like any other time you ask the user for data.您需要对来自用户的内容进行数据验证,就像您向用户询问数据的任何其他时间一样。

Probably the closest you can get is to check that every locked cell is still locked with the same password.可能最接近的是检查每个锁定的单元格是否仍然使用相同的密码锁定。 There's still no guarantee that they haven't hacked your password, though, and once you're looking at every cell anyway, you may as well validate the value instead of the lock.但是,仍然不能保证他们没有破解您的密码,而且一旦您查看了每个单元格,您也可以验证值而不是锁。

解决方案3
 0  2020-07-02 19:26:31

  1. Protect sheet( or required cells) with a password.使用密码保护工作表(或所需的单元格)。
  2. On upload verify the password.上传时验证密码。
  3. Store the password in property files or in some secured location.将密码存储在属性文件或某个安全位置。

I have resolved my issue using Apache POI lib and "validateSheetPassword(pwd)" method.我已经使用 Apache POI lib 和“validateSheetPassword(pwd)”方法解决了我的问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何检查是否已下载相同的下载文件? - How to check if the same downloaded file is being uploaded? 如何处理上传的文件以及同一servlet中的数据? - How to process uploaded file and for data in same servlet? 如何删除目录中上传的相同文件? - how to delete the same file which is uploaded in a directory? Java上传的文件不一样 - Java Uploaded file is not the same 如何从服务器替换存储中具有相同文件名的下载图像? - How to replace downloaded image with same file name in storage from server? 如何从临时文件夹中呈现JSP页面中的上载Excel文件? - How to Render uploaded Excel file in JSP Page from a Temp Folder? 读取Excel文件时如何识别单元格为空,为空或为空 - How to identify a cell is blank or null or empty while reading a excel file 验证上载文件是否与下载的文件相同 - Verify if the uploading file is as same as the downloaded file 有没有办法读取从 Firebase 下载的 Excel 文件? - There is a way to read a Excel file downloaded from Firebase? 如何识别是否有文件? - How to identify if file or not a file?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM