Here is an aspx page that can be envoked as
image.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition
The select statement should return a field of the image type which contains a jpg image.
You would use it in an <img> tag as the src value.
<img src=http://www.webdeveloper.com/forum/archive/index.php/image.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition></img>
the resulting jpg will display on the page.
aspx page
-------------------------------------------------------------------------
<%@ Page language="c#" Codebehind="Image.aspx.cs" AutoEventWireup="false" Inherits="PayDentityRoot.Image" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>Image</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body>
<form id="Form1" method="post" runat="server">
</form>
</body>
</HTML>
--------------------------------------------------------------------------
cs file
--------------------------------------------------------------------------
using System;
using System.Data.SqlClient;
using System.Web.UI;
namespace PayDentityRoot
{
/// <summary>
/// Summary description for Image.
/// </summary>
public class Image : Page
{
protected SqlConnection cnn;
protected SqlCommand cmdImage;
private void Page_Load(object sender, EventArgs e)
{
try
{
this.cmdImage.CommandText=Request.Params["SQL"];
cnn.Open();
object o=cmdImage.ExecuteScalar();
byte[] bufr=(byte[])o;
Response.ContentType="image/JPEG";
Response.OutputStream.Write(bufr,0,bufr.Length);
}
catch(Exception except)
{
Response.Write(except.ToString()) ;
}
finally
{
cnn.Close();
}
}
#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form Designer.
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.cnn = new SqlConnection();
this.cmdImage = new SqlCommand();
//
// cnn
//
this.cnn.ConnectionString = "user id=xyz;data source=123.com;initial catalog=databasename;password=password";
//
// cmdImage
//
this.cmdImage.Connection = this.cnn;
this.Load += new EventHandler(this.Page_Load);
}
#endregion
}
}
--------------------------------------------------------------------------mage.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition
That's just begging for an SQL injection attack.
image.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition
The select statement should return a field of the image type which contains a jpg image.
You would use it in an <img> tag as the src value.
<img src=http://www.webdeveloper.com/forum/archive/index.php/image.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition></img>
the resulting jpg will display on the page.
aspx page
-------------------------------------------------------------------------
<%@ Page language="c#" Codebehind="Image.aspx.cs" AutoEventWireup="false" Inherits="PayDentityRoot.Image" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>Image</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body>
<form id="Form1" method="post" runat="server">
</form>
</body>
</HTML>
--------------------------------------------------------------------------
cs file
--------------------------------------------------------------------------
using System;
using System.Data.SqlClient;
using System.Web.UI;
namespace PayDentityRoot
{
/// <summary>
/// Summary description for Image.
/// </summary>
public class Image : Page
{
protected SqlConnection cnn;
protected SqlCommand cmdImage;
private void Page_Load(object sender, EventArgs e)
{
try
{
this.cmdImage.CommandText=Request.Params["SQL"];
cnn.Open();
object o=cmdImage.ExecuteScalar();
byte[] bufr=(byte[])o;
Response.ContentType="image/JPEG";
Response.OutputStream.Write(bufr,0,bufr.Length);
}
catch(Exception except)
{
Response.Write(except.ToString()) ;
}
finally
{
cnn.Close();
}
}
#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form Designer.
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.cnn = new SqlConnection();
this.cmdImage = new SqlCommand();
//
// cnn
//
this.cnn.ConnectionString = "user id=xyz;data source=123.com;initial catalog=databasename;password=password";
//
// cmdImage
//
this.cmdImage.Connection = this.cnn;
this.Load += new EventHandler(this.Page_Load);
}
#endregion
}
}
--------------------------------------------------------------------------mage.aspx?sql=select%20somefield%20from%20sometable%20where%20somecondition
That's just begging for an SQL injection attack.