Beispiel #1
 /// <summary>
 /// Initializes a menu entry with an empty parent id, a timestamp-derived id
 /// and a fresh <c>ContentPage</c>.
 /// </summary>
 public Menu()
 {
     ParentId = String.Empty;

     // NOTE(review): in .NET custom date formats "mm" is minutes ("MM" is month), so this
     // string has no month component and two menus created in the same second share an id.
     // It is also derived from the local clock, so it is guessable; do not rely on it as a
     // unique key or as an unguessable handle. Confirm the intended format with the author.
     string timestampId = DateTime.Now.ToString("yyddmmHHss");
     Id = timestampId;

     Page = new ContentPage();
 }
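 /// <summary>
 /// Creates a content page for the domain the request was addressed to, then rewrites the
 /// page body with a direct SQL UPDATE and shows the "Pages" view.
 /// </summary>
 /// <param name="adPageModel">Posted form model; <c>PageTitle</c> and <c>Content</c> are read.</param>
 /// <returns>
 /// A redirect to Account/LogOn for anonymous callers; the "Status" view when the signed-in
 /// user has no <c>UserAuthentication</c> row for the request's domain; the "Pages" view after
 /// a save attempt; or the form view with the posted model when <c>ModelState</c> is invalid.
 /// </returns>
 /// <remarks>
 /// NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this action in the
 /// reviewed excerpt. Confirm that a class-level or global filter restricts it to POST and
 /// validates a request token, since the action changes stored content.
 /// </remarks>
 public ActionResult AddPage(PageModel adPageModel)
 {
     if (!User.Identity.IsAuthenticated)
     {
         return RedirectToAction("LogOn", "Account");
     }

     // NOTE(review): the tenant is derived from the request URL. Confirm the web server only
     // accepts known host names, because this value decides which domain the caller may edit.
     string domain = Utilities.GetMyDomain(Request.Url);
     string userName = User.Identity.Name;

     // NOTE(review): the scope is never released in this method; if its type is disposable,
     // wrap it in a using block. An exception between Begin() and Commit() below also leaves
     // the transaction open. Confirm against the ORM's API.
     var scope = ObjectScopeProvider1.GetNewObjectScope();

     // Ordinal, case-insensitive comparison: account and host names are identifiers, so the
     // result must not depend on the server culture. Empty values fail closed instead of
     // matching rows whose columns happen to be null.
     // NOTE(review): this still enumerates every UserAuthentication row in memory.
     bool isDomainUser =
         !string.IsNullOrEmpty(domain) &&
         !string.IsNullOrEmpty(userName) &&
         (from c in scope.GetOqlQuery<UserAuthentication>().ExecuteEnumerable()
          where
              string.Equals(c.Username, userName, StringComparison.OrdinalIgnoreCase) &&
              string.Equals(c.Domain, domain, StringComparison.OrdinalIgnoreCase)
          select c).Any();

     if (!isDomainUser)
     {
         ViewData["Status"] = "You are not authorized for this domain [" + domain + "] control panel.";
         return View("Status");
     }

     if (!ModelState.IsValid)
     {
         return View(adPageModel);
     }

     // NOTE(review): the id is the current tick count, so it is predictable and can collide
     // under concurrent requests; do not treat it as an access-control secret.
     var contentPage = new ContentPage { Name = adPageModel.PageTitle, Content = adPageModel.Content, Id = DateTime.Now.Ticks.ToString(), DomainName = domain };
     scope.Transaction.Begin();
     scope.Add(contentPage);
     scope.Transaction.Commit();

     try
     {
         // SECURITY(review): the server address, login and password are hard-coded here and
         // therefore live in source control and in every build. Move the connection string to
         // protected configuration or a secret store, rotate this password, and drop
         // "Persist Security Info=True", which keeps the password readable on the connection.
         using (var connection = new SqlConnection("Data Source=208.91.198.196;Initial Catalog=admin_domain2hostcms;Persist Security Info=True;User ID=domain2hostcms;Password=password@123"))
         using (var command = new SqlCommand("update content_page set [<_content>k___backing_field] = @content where [<_id>k___backing_field] = @id", connection))
         {
             // Values travel as parameters, so posted content is never parsed as SQL text;
             // this replaces the previous quote-doubling on a concatenated statement.
             command.Parameters.AddWithValue("@content", (object)adPageModel.Content ?? DBNull.Value);
             command.Parameters.AddWithValue("@id", contentPage.Id);

             connection.Open();
             command.ExecuteNonQuery();
         }
     }
     catch (Exception ex)
     {
         // Best effort, as before: the page list is still shown when the raw update fails,
         // but the failure is now recorded instead of being dropped silently.
         System.Diagnostics.Trace.TraceError("AddPage: direct content update failed for page {0}: {1}", contentPage.Id, ex);
     }

     LoadPages();
     return View("Pages");
 }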