<%response.ContentType="image/JPEG"%> <% Response.Expires = 0 Response.ExpiresAbsolute = Now() - 1 Response.AddHeader "pragma", "no-cache" Response.AddHeader "cache-control", "private, no-cache, no-store, must-revalidate" %> <% If Not IsLoggedIn And Request.Cookies(ewProjectName)("autologin") = "autologin" And Request.Cookies(ewProjectName)("password") <> "" Then Response.Redirect "login.asp" Call LoadUserLevel() If IsLoggedIn Then ewCurSec = CurrentUserLevelPriv("packages") Else ewCurSec = GetAnonymousPriv("packages") End If If (ewCurSec And ewAllowList) <> ewAllowList Then Response.Redirect "packageslist.asp" %> <% Response.Buffer = True ' Get key x_PackageID = Request.QueryString("PackageID") If x_PackageID = "" Or IsNull(x_PackageID) Then Response.End ' Open Connection to the database Set conn = Server.CreateObject("ADODB.Connection") conn.Open xDb_Conn_Str sFilter = ewSqlKeyWhere If Not IsNumeric(x_PackageID) Then sFilter = "0=1" ' prevent sql injection End If sFilter = Replace(sFilter, "@PackageID", AdjustSql(x_PackageID)) sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, sFilter, "") Set rs = Server.CreateObject("ADODB.Recordset") rs.Open sSql, conn If Not rs.Eof Then 'rs.MoveFirst Response.BinaryWrite rs("PackageImage") End If rs.Close Set rs = Nothing conn.Close Set conn = Nothing %>