<% Response.Expires = 0 Response.ExpiresAbsolute = Now() - 1 Response.AddHeader "pragma", "no-cache" Response.AddHeader "cache-control", "private, no-cache, no-store, must-revalidate" %> <% If Not IsLoggedIn And Request.Cookies(ewProjectName)("autologin") = "autologin" And Request.Cookies(ewProjectName)("password") <> "" Then Response.Redirect "login.asp" Call LoadUserLevel() If IsLoggedIn Then ewCurSec = CurrentUserLevelPriv("nilecruises") Else ewCurSec = GetAnonymousPriv("nilecruises") End If If (ewCurSec And ewAllowList) <> ewAllowList Then Response.Redirect "nilecruiseslist.asp" %> <% Response.Buffer = True ' Get key x_NileCruiseID = Request.QueryString("NileCruiseID") If x_NileCruiseID = "" Or IsNull(x_NileCruiseID) Then Response.End ' Open Connection to the database Set conn = Server.CreateObject("ADODB.Connection") conn.Open xDb_Conn_Str sFilter = ewSqlKeyWhere If Not IsNumeric(x_NileCruiseID) Then sFilter = "0=1" ' prevent sql injection End If sFilter = Replace(sFilter, "@NileCruiseID", AdjustSql(x_NileCruiseID)) sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, sFilter, "") Set rs = Server.CreateObject("ADODB.Recordset") rs.Open sSql, conn If Not rs.Eof Then 'rs.MoveFirst Response.BinaryWrite rs("Photo5") End If rs.Close Set rs = Nothing conn.Close Set conn = Nothing %>