|
You need to validate the filename passed in the query-string. You only want the code to be used to read images directly within the specified path, but it could currently be used to read images anywhere on the server.
You should also use Path.Combine to combine the folder path and file name:
Dim filename As String = Request.QueryString("filename")
If filename.IndexOfAny(System.IO.Path.GetInvalidFileNameChars()) <> -1 Then
Throw New HttpException(400, "Bad request")
End If
Dim width As Integer = Integer.Parse(Request.QueryString("width"))
Dim serverPath As String = Server.MapPath("~/images/")
Dim imagePath As String = System.IO.Path.Combine(serverPath, filename)
GenerateThumbnail(imagePath, width)
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
|
HI,
Every Body,
Can anyone tell me,What is Eval()and Bind() method in asp.net and What it's use???
And
What is difference between Eval() and Bind() Method???
|
|
|
|
|
You can find full details either by a Google search, or by looking at the MSDN documentation.
|
|
|
|
|
The first Google result for "asp.net eval bind" has the answer:
Data-Binding Expressions Overview[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
EVal is one way binding, Bind is two way
If you bind a value using Eval, it is like a read only. You can only view the data.
If you bind a value using Bind, and if you do some change on the value it will reflect on the database also
|
|
|
|
|
|
the eval use in front page(*.aspx)like <%#Eval("article_title")%>
the bind is from code page(*.cs),is from a void of a control's databind.
you can search in google
|
|
|
|
|
Hai All,
I am having two methods in a single service below. I will host this service in IIS. I will be having only one service URL. Client will consume this service by creating the proxy class as usual. But Mehod1 should only be displayed to Client A, Mehod2 should only be displayed to Client B. How can I overcome this scenario?.. Can you please clarify my doubt..? Thanks in Advance
namespace serviceHide
{
[ServiceContract]
interface IServiceHide
{
[OperationContract]
string Method1(string id);
[OperationContract]
string Method2(string id);
}
}
|
|
|
|
|
You're obviously working on the same project as this guy:
1 wcf service and 2 client[^]
The options haven't changed since last week.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I can see it now....task given to Employee A who thinks "I'll just ask on CP". Doesn't get a simple "here is the code" answer as the requirement is essentially flawed, so he can't do his task. Task is taken off him and given to Employee B. Employee B thinks "I'll just ask on CP" ....
|
|
|
|
|
Don't edit spam in QA, even to add a "Spam" tag.
When you do, you risk the automated system thinking you are the author and you getting the "spammer" votes.
And if you edit it to remove the spam, then you can confuse the spam detector which results in more "false positives" when it picks up "spam / abuse" kicks later.
Best thing to do is just hit the "spam" flag and / or report it in the Spam and Abuse forum - a Protector or Staff member will delete it.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Thanks for the heads up, don't think I edited that question? Could be wrong, but I'll keep that in mind anyway. Hard to know when thinks are marked as spam though as you only know it has been reported when you report it yourself.
|
|
|
|
|
No, you came up as the edit link on this one: How to create Play store Developer account[^] - if you click the "(no name)" link it goes to your user page!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Mmm, I did report that as being off-topic but I didn't edit it, I didn't add the spam tag.
|
|
|
|
|
|
Weird, it was actually me (and I take your point above). Click on the v2 link and it shows me as the last editor.
|
|
|
|
|
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class plrsmkt_calculation : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
int totalrs = 0;
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
if (e.Row.RowType == DataControlRowType.DataRow)
{
totalrs += Convert.ToInt32(DataBinder.Eval(e.Row.DataItem, "rs"));
}
else if (e.Row.RowType == DataControlRowType.Footer)
{
e.Row.Cells[1].Text = "Total";
e.Row.Cells[1].Font.Bold = true;
e.Row.Cells[2].Text = totalrs.ToString();
e.Row.Cells[2].Font.Bold = true;
e.Row.Cells[3].Text = totalrs.ToString();
e.Row.Cells[3].Font.Bold = true;
}
}
protected void TextBox1_TextChanged(object sender, EventArgs e)
{
}
}
The above coding display me Total of a column with display of all rows as per database
but now i want to display total of same column(without rows) on other page of my web site. Can u help me
modified 4-Jun-15 13:48pm.
|
|
|
|
|
What total, what footer, what other page? Please edit your question and explain exactly what your issue is.
|
|
|
|
|
|
I have a very very simple asp.net application with a very very simple page on it, the defaul.aspx.
In the page's code behind I have the usual Page_Load handler where I simply ask myself if it is a postback or not ( if (!IsPostBack) {...}).
How is it possible that, without having any controls on the page, I run into the !IsPostBack three times as I simply call the page ? It is like the page is called three times ....
Is there any explaination to this ridiculous behaviour ?
MSDN doesn' t absolutely talk about details of Load event , it just says it is called at a certain point of the "page life cicle" .-...
|
|
|
|
|
Something is requesting your page multiple times. Maybe it's a misunderstanding about master pages? Or update panels? As you haven't posted any code or given any relevant details and we can't access your system I'm not sure how you are expecting someone to help. Use a tool like Fiddler to capture the network traffic and see if that will help you determine where the requests are coming from.
|
|
|
|
|
Since you haven't provided any code, I'll have to take a guess: your event handler is wired up multiple times.
There are several ways event handlers can be wired to events in ASP.NET; if you've used more than one, then the event will be fired multiple times.
- If AutoEventWireup[^] is set to "True", methods with names like
Page_Load will automatically be wired up to the equivalent event. - If you're using VB.NET, adding the
Handles clause to a method will wire it up to the specified event. - If you have an
OnEventName="Handler" attribute in your markup, that method will be wired up to the specified event. - If you have a
default.aspx.designer.cs / default.aspx.designer.vb file in your project, you might find that it contains code to wire up the event handler.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I have a C# ASP Web project where I’m required to produce a 200+ page PDF to eventually download and open on the browser. I have no experience in building a PDF file, and I was wondering if someone could point me in the right direction. I need a component / product / method that would be able to handle such a large report.
Thank you in advance.
|
|
|
|
|