从数据库中mvc4 _layout显示图像 [英] Display image from database in _layout in mvc4
问题描述
大家好,我有我的 _layout
如下其中工程按我的要求,但这里有几件事情我得到了strucked即我想显示相应的对于我写的图像如下
@if(会话[用户名]!= NULL)
{
< DIV CLASS =LOGGED_INID =user_navigation=服务器>
<标题=您的个人资料的href =>
< IMG ALT =SRC =@ Url.Action(GetPhoto,新的{PHOTOID =会话[用户名]})HEIGHT =50WIDTH =50级=图片/>
&所述; / A>
< / DIV>
}
但是,这是不是说明图像按需要我,所以可以有一个人帮助我,我想从数据库中显示图像用户登录后,我也想显示会议
在一些控制值太
这是我的控制器code
公众的ActionResult GetPhoto(字符串PHOTOID)
{
字节[]照片= NULL;
变种V = db.tblUsers.Where(P => p.UserName == PHOTOID)。选择(IMG = GT; img.Photo).FirstOrDefault();
照片= V;
返回文件(照片,图像/ JPEG);
}
您似乎有与℃的问题; IMG>
语法。它应该是这样的:
< IMG ALT =SRC =@ Url.Action(GetPhoto,用户,新{PHOTOID =会话[用户名]的ToString()} )HEIGHT =50WIDTH =50级=图片/>
根据你似乎已经习惯了在的WebForms实际code查看发动机(的意见章节<%= Html.En code(会话[用户名]) %方式>
)
这是说你有这个code一个更为严重的问题。当前认证的用户不应该作为参数传递。这是一个巨大的安全漏洞。因此,通过摆脱它启动:
< IMG ALT =SRC =@ Url.Action(GetPhoto,用户),HEIGHT =50WIDTH =50级=照片/>
和那么你的控制器动作里面,你可以找回它:
公众的ActionResult GetPhoto()
{
字符串用户=会话[用户名]作为字符串;
字节[] =照片分贝
.tblUsers
。凡(P => p.UserName ==用户)
。选择(IMG = GT; img.Photo)
.FirstOrDefault();
返回文件(照片,图像/ JPEG);
}
Hi all I am having my _layout
as follows which works as per my requirement, but here there are couple of things I got strucked i.e I would like to display the corresponding image for that I write as follows
@if (Session["UserName"] != null)
{
<div class="logged_in" id="user_navigation" runat="server">
<a title="Your Profile" href="">
<img alt="" src="@Url.Action("GetPhoto", new { photoId = Session["UserName"] })" height="50" width="50" class="photo" />
</a>
</div>
}
But this is not showing image as per required for me so can some one help me I would like to display the image from the database after user logged in also I would like to display the session
values in some control too
This is my controller code
public ActionResult GetPhoto(string photoId)
{
byte[] photo = null;
var v = db.tblUsers.Where(p => p.UserName == photoId).Select(img => img.Photo).FirstOrDefault();
photo = v;
return File(photo, "image/jpeg");
}
You seem to have a problem with the <img>
syntax. It should be like this:
<img alt="" src="@Url.Action("GetPhoto","User", new { photoId = Session["UserName"].ToString() })" height="50" width="50" class="photo" />
According to the comments section you seem to have used the WebForms view engine in your actual code (<%= Html.Encode(Session["UserName"]) %>
).
This being said you have a far more serious issue with this code. The currently authenticated user should never be passed as parameter. That's a huge security vulnerability. So start by getting rid of it:
<img alt="" src="@Url.Action("GetPhoto", "User")" height="50" width="50" class="photo" />
and then inside your controller action you could retrieve it:
public ActionResult GetPhoto()
{
string user = Session["UserName"] as string;
byte[] photo = db
.tblUsers
.Where(p => p.UserName == user)
.Select(img => img.Photo)
.FirstOrDefault();
return File(photo, "image/jpeg");
}
这篇关于从数据库中mvc4 _layout显示图像的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!