事件处理程序上的方法签名不正确。您需要将 RepeaterCommandEventArgs 更改为RepeaterItemEventArgs。
protected void Repeater1_ItemDataBound(object source, RepeaterItemEventArgs e)
{
}
这将解决您的错误,但是对于您正在尝试做的事情,我不确定这是否是显示解密图像的好方法。我建议创建一个通用处理程序,通过传入 id 即时解密你的图像,一旦传递了 id,你就可以解密并写出到屏幕上。
public class DisplayImage : IHttpHandler
{
/// <summary>
/// Enables processing of HTTP Web requests by a custom HttpHandler that implements the <see cref="T:System.Web.IHttpHandler" /> interface.
/// </summary>
/// <param name="context">An <see cref="T:System.Web.HttpContext" /> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param>
public void ProcessRequest(HttpContext context)
{
if (!this.HasAccess())
{
context.Response.End();
return;
}
string requestFileName = context.Request.QueryString["FileName"];
DecryptFile(requestFileName, context);
}
/// <summary>
/// Gets a value indicating whether another request can use the <see cref="T:System.Web.IHttpHandler" /> instance.
/// </summary>
/// <value><c>true</c> if this instance is reusable; otherwise, <c>false</c>.</value>
/// <returns>true if the <see cref="T:System.Web.IHttpHandler" /> instance is reusable; otherwise, false.</returns>
public bool IsReusable
{
get
{
return false;
}
}
/// <summary>
/// Determines whether the user has access to display an image.
/// </summary>
/// <returns><c>true</c> if this instance has access; otherwise, <c>false</c>.</returns>
private bool HasAccess()
{
// Check if user is logged in and has permissions
// to do the decryption
// use your own logic here
return true;
}
/// <summary>
/// Decrypts the file and outputs to the response buffer
/// </summary>
/// <param name="inputFile">The input file.</param>
/// <param name="context">The context.</param>
private void DecryptFile(string inputFile, HttpContext context)
{
if (PathTraversalCheck(inputFile))
{
context.Response.End();
return;
}
// get the base directory
inputFile = Path.Combine(ConfigurationManager.AppSettings["filedirectory"], inputFile);
if (!File.Exists())
{
context.Response.End();
return;
}
string password = @"myKey123"; // Your Key Here
UnicodeEncoding UE = new UnicodeEncoding();
byte[] key = UE.GetBytes(password);
using (FileStream encryptedFile = new FileStream(inputFile, FileMode.Open))
{
RijndaelManaged rijndael = new RijndaelManaged();
using (MemoryStream output = new MemoryStream())
{
using (CryptoStream cryptoStream = new CryptoStream(encryptedFile, rijndael.CreateDecryptor(key, key), CryptoStreamMode.Read))
{
// write to the memory stream
var buffer = new byte[1024];
var read = cryptoStream.Read(buffer, 0, buffer.Length);
while (read > 0)
{
output.Write(buffer, 0, read);
read = cryptoStream.Read(buffer, 0, buffer.Length);
}
cryptoStream.Flush();
// output to the response buffer
context.Response.ContentType = "image/jpeg";
context.Response.BinaryWrite(output.ToArray());
}
}
}
}
/// <summary>
/// Checks for a path traversal attack
/// </summary>
/// <param name="inputFile">The input file.</param>
/// <returns>System.String.</returns>
private bool PathTraversalCheck(string inputFile)
{
if (inputFile.Contains(".") || inputFile.Contains('\\') || inputFile.Contains('/'))
{
return true;
}
return false;
}
}
在您的转发器中,您只需将带有 src 设置的 img 标签放入处理程序。
<ItemTemplate>
<img src="DisplayImage.ashx?FIleName=<%# DataBinder.Eval(Container.DataItem, "FileName" )%>" />
</ItemTemplate>
我还要更改的其他内容是我不会将我的密钥存储在源代码中,通过反编译 dll 可以轻松读取。相反,您应该将其存储在您的 web.config 中并加密 web.config。查看http://msdn.microsoft.com/library/dtkwfdky.aspx以获取说明。