Example #1
0
        public ActionResult GetImage([FromQuery] Image imageObj)
        {
            if (imageObj.FileName.Contains(".."))
            {
                return(null);
            }


            var path = Path.Combine("/Image/" + imageObj.ContentType, imageObj.FileName);

            return(base.File(path, "image/" + imageObj.FileName.Substring(imageObj.FileName.Length - 3)));
        }
Example #2
0
        public async Task <ActionResult> DeleteImage([FromQuery] Image imageObj)
        {
            //delete from table
            using (IDbConnection conn = Connection)
            {
                Console.WriteLine("\n DeleteImage::" + imageObj.FileName + ", from:" + imageObj.ContentType);
                var sql          = "DELETE  FROM image WHERE file_name = @file_name";
                var affectedRows = conn.Execute(sql, new{ file_name = imageObj.FileName });
            }


            if (deleteImageInternal(imageObj.FileName, imageObj.FileName))
            {
                return(Json("Deleted::" + imageObj.FileName));
            }
            else
            {
                return(Json("Failed to delete Image"));
            }
        }