图片image和byte处理,fileupload上传图片 Virus

--
这是通过浏览某图片，把他存放到数据库中

string filename = txt_filename.Text;
        string filecomment = txt_filecomment.Text;
        string SlaveFileName = FileUpload1.PostedFile.FileName;
        byte[] FileContent_img = null;
        DateTime UploadTime = DateTime.Now.Date;

        string id = lbl_id.Text;
        RemoteRule remoteRule = (RemoteRule)GetRemoteingObjectByType(typeof(RemoteRule), "remoterule");
        DataSet ds = new DataSet();
        if (id == "")
        {
            ds = remoteRule.GetRuleByID(-1);
            DataRow dr = ds.Tables[0].NewRow();
            if (SlaveFileName != "")
            {
                //读取所上传的文件的二进制流
                HttpPostedFile file1 = FileUpload1.PostedFile;
                int filelength = Convert.ToInt32(file1.InputStream.Length);
                FileContent_img = new byte[filelength];
                file1.InputStream.Read(FileContent_img, 0, filelength);//这里所说的二进制流表现为什么样
            }
            else
            {
                SlaveFileName = null;
            }

            dr["FileName_ch"] = filename;
            dr["FileDesc_ch"] = filecomment;
            dr["SlaveFileName_ch"] = SlaveFileName;
            dr["FileContent_img"] = FileContent_img;
            dr["UploadUser_ch"] = this.SystemModuleSettings.UserManage.CurrUserInfo["RealName"].ToString();
            dr["UploadTime_dt"] = UploadTime;
            ds.Tables[0].Rows.Add(dr);
            string result = remoteRule.InsRule(ds);
            if (result == "")
            {
                Response.Write(" <script>alert('插入不成功') </script>");
            }
            else
            {
                if (result != "f")
                {
                    Response.Write(" <script>alert('插入成功') </script>");
                    ViewState["PageState"] = "edit";
                    lbl_id.Text = result.Substring(result.IndexOf(",") + 1);
                    setControlsValue();
                }
                else
                {
                    Response.Write(" <script>alert('插入不成功') </script>");
                }
            }
        } 

--
显示图片的

byte[] Image_img = (byte[])ds_image.Tables[0].Rows[0]["Image_im"];
                            if (Image_img.Length == 0)
                                return;
                            int filelength = Image_img.Length;
                            string imageName = ds_image.Tables[0].Rows[0][1].ToString() + "1" + ".jpg";
                            string myUrl = HttpContext.Current.Server.MapPath(this.Request.ApplicationPath) + @"\TempDownLoad\" + imageName;
                            FileStream fs = new FileStream(myUrl, FileMode.OpenOrCreate);
                            BinaryWriter w = new BinaryWriter(fs);
                            w.BaseStream.Write(Image_img, 0, filelength);
                            w.Flush();
                            w.Close();

                            Image1.ImageUrl = Context.Request.ApplicationPath + "/TempDownLoad/" + imageName;
                            Bitmap bitmap = new Bitmap(myUrl);
                            Image1.Width = bitmap.Width;
                            Image1.Height = bitmap.Height;