//Handles search button click
    public void SearchButton_Click(Object s, EventArgs e)
    {
        //Instantiate validation object
        Utility Util = new Utility();

        //Check for minimum keyword character
        int MinuiumSearchWordLength = 2;
        int SearchWordLength;
        SearchWordLength = find.Value.Length;
        if (SearchWordLength <= MinuiumSearchWordLength)
        {
            //Redirect to keyword too short page
            Util.PageRedirect(10);
        }

        if (this.SelectedValue != null)
        {
            SDropName.SelectedValue = this.SelectedValue;
        }

        string targetUrl = "searchrecipe.aspx";

        targetUrl += "?find=" + Util.FormatTextForInput(find.Value) + "&catid=" + SDropName.SelectedValue;

        //Redirect to the search page
        Response.Redirect(targetUrl);
    }
Beispiel #2
0
    //Handles insert article
    public void Update_Article(Object s, EventArgs e)
    {
        //Instantiate database field
        ArticleInfo UpdateArticle = new ArticleInfo();

        UpdateArticle.ID = (int)Util.Val(Request.QueryString["aid"]);

        UpdateArticle.Title   = Request.Form["Title"];
        UpdateArticle.Content = Request.Form["Content"];
        UpdateArticle.Author  = Request.Form["Author"];
        UpdateArticle.CatID   = int.Parse(Request.Form["CAT_ID"]);
        UpdateArticle.Keyword = Request.Form["Keyword"];
        UpdateArticle.Summary = Request.Form["Summary"];

        Caching.PurgeCacheItems("Newest_Articles");

        //Notify user if error occured.
        if (UpdateArticle.Update() != 0)
        {
            JSLiteral.Text = Util.JSProcessingErrorAlert;
            return;
        }

        //Release allocated memory
        UpdateArticle = null;

        //If success, redirect to article update confirmation page.
        Util.PageRedirect(7);

        Util = null;
    }
        /// <summary>
        /// Perform Admin username and password session validation.
        /// </summary>
        public static void ValidateAdminUserNameandPass()
        {
            //Instantiate utility object
            Utility Util = new Utility();

            Blogic myBL = new Blogic();

            //If it is null, redirect to login page.
            if ((HttpContext.Current.Session["adminuserid"] == null) && (HttpContext.Current.Session["adminpassword"] == null))
            {
                //Redirect to admin login page.
                Util.PageRedirect(6);
                return;
            }

            try
            {
                //Get admin username stored in the database
                IDataReader dr = myBL.AdminGetCredentialSessionValidation;

                dr.Read();

                //Check whether admin username or password match from the admin user database, else redirect to the login page.
                if (HttpContext.Current.Session["adminuserid"].ToString() != dr["uname"].ToString() || HttpContext.Current.Session["adminpassword"].ToString() != dr["password"].ToString())
                {
                    //Redirect to admin login page.
                    Util.PageRedirect(6);
                }

                //Release allocated memory.
                dr.Close();
                dr = null;
                Util = null;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
    //Handles final login process with validation
    private void ProcessLoginCheck(string Username, string UserPwd)
    {
        //Instantiate validation
        Utility Util = new Utility();

        //Instantiate stored procedure logic
        Blogic myBL = new Blogic();

        //Check whether admin username and password exist in the admin user database.
        if (!myBL.AdminUserNameExist(Username))
        {
            lblerror.Text = "Username does not exist";
            JSLiteral.Text = Util.JSAlert("Username does not exist");
            return;
        }
        else if (!myBL.AdminPasswordExist(UserPwd))
        {
            lblerror.Text = "Invalid Password";
            JSLiteral.Text = Util.JSAlert("Invalid Password");
            return;
        }
        else
        {
            //Assign variable for username and password to use for the session.
            string Getadminusername;
            string Getadminpassword;
            Getadminusername = myBL.GetAdminUserNameSession(Username);
            Getadminpassword = myBL.GetAdminPasswordSession(UserPwd);

            myBL = null;

            //Store admin username and password construct in session state
            Session.Add("adminuserid", Getadminusername);
            Session.Add("adminpassword", Getadminpassword);

            //If everything is okay, then redirect to the Admin Recipe Manager page.
            //5 = recipemanager
            Util.PageRedirect(5);
        }
    }
        /// <summary>
        /// Get article title, author, date, hits, rating and content from the DB matching the Article ID provided.
        /// </summary>
        public override void fillup()
        {
            //Instantiate Action Stored Procedure object
            Blogic FetchData = new Blogic();

            //Instantiate object
            Utility Util = new Utility();

            //Parameter 1 = we are dealing with the articledetail.aspx not the admin article update  which is 2.
            IDataReader dr = FetchData.GetArticleDetail(ID, WhatPageID);

            dr.Read();

            if (WhatPageID == constant.intArticleDetails) //Populate articledetail.aspx
                {
                    try
                    {
                        if (dr["Title"] != DBNull.Value)
                        {
                            this._Title = (string)dr["Title"];
                        }
                        if (dr["Author"] != DBNull.Value)
                        {
                            this._Author = (string)dr["Author"];
                        }
                        if (dr["No_Rates"] != DBNull.Value)
                        {
                            this._NoRates = dr["No_Rates"].ToString();
                        }
                        if (dr["HITS"] != DBNull.Value)
                        {
                            this._Hits = (int)dr["HITS"];
                        }
                        if (dr["Rates"] != DBNull.Value)
                        {
                            this._Rating = dr["Rates"].ToString();
                        }
                        if (dr["Content"] != DBNull.Value)
                        {
                            this._Content = (string)dr["Content"];
                        }
                        if (dr["CAT_NAME"] != DBNull.Value)
                        {
                            this._Category = (string)dr["CAT_NAME"];
                        }
                        if (dr["CAT_ID"] != DBNull.Value)
                        {
                            this._CatID = (int)dr["CAT_ID"];
                        }
                        if (dr["Post_Date"] != DBNull.Value)
                        {
                            this._Date = (DateTime)(dr["Post_Date"]);
                        }
                    }
                    catch
                    {
                        //Redirect to page not found.
                        //1 = pagenotfound.aspx
                        Util.PageRedirect(1);
                    }

                    return;
                }
                else if (WhatPageID == constant.intArticleAdminUpdate) //Populate Admin/updatearticle.aspx
                {
                    try
                    {
                        if (dr["Title"] != DBNull.Value)
                        {
                            this._Title = (string)dr["Title"];
                        }
                        if (dr["Author"] != DBNull.Value)
                        {
                            this._Author = (string)dr["Author"];
                        }
                        if (dr["CAT_NAME"] != DBNull.Value)
                        {
                            this._Category = (string)dr["CAT_NAME"];
                        }
                        if (dr["Content"] != DBNull.Value)
                        {
                            this._Content = (string)dr["Content"];
                        }
                        if (dr["Summary"] != DBNull.Value)
                        {
                            this._Summary = (string)dr["Summary"];
                        }
                        if (dr["Keyword"] != DBNull.Value)
                        {
                            this._Keyword = (string)dr["Keyword"];
                        }
                        if (dr["CAT_ID"] != DBNull.Value)
                        {
                            this._CatID = (int)dr["CAT_ID"];
                        }
                        if (dr["Post_Date"] != DBNull.Value)
                        {
                            this._Date = (DateTime)(dr["Post_Date"]);
                        }
                    }

                    catch
                    {
                        //Redirect to page not found.
                        //1 = pagenotfound.aspx
                        Util.PageRedirect(1);
                    }

                    return;
                }
                else if (WhatPageID == constant.intArticleAdminPreview) //Populate Admin/articlepreview.aspx
                {
                    try
                    {
                        if (dr["Title"] != DBNull.Value)
                        {
                            this._Title = (string)dr["Title"];
                        }
                        if (dr["Content"] != DBNull.Value)
                        {
                            this._Content = (string)dr["Content"];
                        }
                    }
                    catch
                    {
                        //Redirect to page not found.
                        //1 = pagenotfound.aspx
                        Util.PageRedirect(1);
                    }

                    return;
                }

                //Release allocated memory
                dr.Close();
                dr = null;
                FetchData = null;
                Util = null;
        }
        /// <summary>
        /// Get recipe name, author, date, hits, rating, ingredients, instructions and other field from the DB matching the Recipe ID provided.
        /// </summary>
        public override void fillup()
        {
            //Instantiate Action Stored Procedure object
            Blogic FetchData = new Blogic();

            //Instantiate object
            Utility Util = new Utility();

            /* The reason why we have to use a conditional statement is because we are dealing with 3 diffrent
             * stored procedures to return the data. Each sproc has its number of columns declared and diffrent where clauses.
             */

            if (WhatPageID == constant.intRecipeDetails) //Populate Recipedetail.aspx database fields
            {
                try
                {
                    IDataReader dr = FetchData.GetRecipeDetail(ID);

                    dr.Read();

                    if (dr["Name"] != DBNull.Value)
                    {
                        this._RecipeName = (string)dr["Name"];
                    }
                    if (dr["Author"] != DBNull.Value)
                    {
                        this._Author = (string)dr["Author"];
                    }
                    if (dr["CAT_ID"] != DBNull.Value)
                    {
                        this._CatID = (int)dr["CAT_ID"];
                    }
                    if (dr["NO_RATES"] != DBNull.Value)
                    {
                        this._NoRates = dr["NO_RATES"].ToString();
                    }
                    if (dr["HITS"] != DBNull.Value)
                    {
                        this._Hits = (int)dr["HITS"];
                    }
                    if (dr["Rates"] != DBNull.Value)
                    {
                        this._Rating = dr["Rates"].ToString();
                    }
                    if (dr["Category"] != DBNull.Value)
                    {
                        this._Category = (string)dr["Category"];
                    }
                    if (dr["Ingredients"] != DBNull.Value)
                    {
                        this._Ingredients = (string)dr["Ingredients"];
                    }
                    if (dr["Instructions"] != DBNull.Value)
                    {
                        this._Instructions = (string)dr["Instructions"];
                    }
                    if (dr["Date"] != DBNull.Value)
                    {
                        this._Date = (DateTime)(dr["Date"]);
                    }
                    if (dr["TOTAL_COMMENTS"] != DBNull.Value)
                    {
                        this._CountComments = (int)dr["TOTAL_COMMENTS"];
                    }
                    if (dr["LINK_APPROVED"] != DBNull.Value)
                    {
                        this._Approved = (int)dr["LINK_APPROVED"];
                    }
                    if (dr["RecipeImage"] != DBNull.Value)
                    {
                        this._RecipeImage = (string)dr["RecipeImage"];
                    }

                    //Release allocated memory
                    dr.Close();
                    dr = null;
                }
                catch
                {
                    //Redirect to page not found.
                    //1 = pagenotfound.aspx
                    Util.PageRedirect(1);
                }

                return;
            }
            else if (WhatPageID == constant.intRecipeAdminViewing) //Populate Admin/viewing.aspx database fields
            {
                try
                {
                    IDataReader dr = FetchData.AdminRecipeApprovalReview(ID);

                    dr.Read();

                    if (dr["Name"] != DBNull.Value)
                    {
                        this._RecipeName = (string)dr["Name"];
                    }
                    if (dr["Author"] != DBNull.Value)
                    {
                        this._Author = (string)dr["Author"];
                    }
                    if (dr["HITS"] != DBNull.Value)
                    {
                        this._Hits = (int)dr["HITS"];
                    }
                    if (dr["Category"] != DBNull.Value)
                    {
                        this._Category = (string)dr["Category"];
                    }
                    if (dr["Ingredients"] != DBNull.Value)
                    {
                        this._Ingredients = (string)dr["Ingredients"];
                    }
                    if (dr["Instructions"] != DBNull.Value)
                    {
                        this._Instructions = (string)dr["Instructions"];
                    }
                    if (dr["Date"] != DBNull.Value)
                    {
                        this._Date = (DateTime)(dr["Date"]);
                    }
                    if (dr["LINK_APPROVED"] != DBNull.Value)
                    {
                        this._Approved = (int)dr["LINK_APPROVED"];
                    }
                    if (dr["HIT_DATE"] != DBNull.Value)
                    {
                        this._HitDate = (DateTime)dr["HIT_DATE"];
                    }

                    //Release allocated memory
                    dr.Close();
                    dr = null;
                }
                catch
                {
                    //Redirect to page not found.
                    //1 = pagenotfound.aspx
                    Util.PageRedirect(1);
                }

                return;
            }
            else if (WhatPageID == constant.intRecipeAdminEditing) //Populate Admin/editing.aspx database fields
            {
                try
                {
                    IDataReader dr = FetchData.GetRecipeDetailForUpdate(ID);

                    dr.Read();

                    if (dr["Name"] != DBNull.Value)
                    {
                        this._RecipeName = (string)dr["Name"];
                    }
                    if (dr["Author"] != DBNull.Value)
                    {
                        this._Author = (string)dr["Author"];
                    }
                    if (dr["HITS"] != DBNull.Value)
                    {
                        this._Hits = (int)dr["HITS"];
                    }
                    if (dr["Ingredients"] != DBNull.Value)
                    {
                        this._Ingredients = (string)dr["Ingredients"];
                    }
                    if (dr["Instructions"] != DBNull.Value)
                    {
                        this._Instructions = (string)dr["Instructions"];
                    }

                    //Release allocated memory
                    dr.Close();
                    dr = null;
                }
                catch
                {
                    //Redirect to page not found.
                    //1 = pagenotfound.aspx
                    Util.PageRedirect(1);
                }

                return;
            }

            //Release allocated memory
            FetchData = null;
            Util = null;
        }
    //Handles comment posting
    public void Add_Comment(Object s, EventArgs e)
    {
        //Perform spam validation by matching the value of the textbox security code to the session variable
        //that store the random number.
        if (Page.IsValid && (txtsecfield.Text.ToString() == Session["randomStr"].ToString()))
        {
            //Instantiate object
            Utility Util = new Utility();

            //If all the fields are filled correctly, then process the comment post.
            //Instantiate the SQL command object
            CommentInfo AddComm = new CommentInfo();

            AddComm.ID = (int)Util.Val(Request.QueryString["id"]);

            //Filters harmful scripts from input string.
            AddComm.Author = Util.FormatTextForInput(Request.Form[AUTHOR.UniqueID]);
            AddComm.Email = Util.FormatTextForInput(Request.Form[EMAIL.UniqueID]);
            AddComm.Comments = Util.FormatTextForInput(Request.Form[COMMENTS.UniqueID]);

            #region Comment Form Input Validator
            //Validate for empty name
            if (AddComm.Author.Length == 0)
            {
                JSLiteral.Text = Util.JSAlert("Error: Name is empty, please enter your name.");
                lbvalenght.Text = "<br>Error: Name is empty, please enter your name.";
                lbvalenght.Visible = true;
                txtsecfield.Text = "";
                return;
            }
            //Validate for empty email
            if (AddComm.Email.Length == 0)
            {
                JSLiteral.Text = Util.JSAlert("Error: Email is empty, please enter your email.");
                lbvalenght.Text = "<br>Error: Email is empty, please enter your email.";
                lbvalenght.Visible = true;
                txtsecfield.Text = "";
                return;
            }
            //Validate for empty comments
            if (AddComm.Comments.Length == 0)
            {
                JSLiteral.Text = Util.JSAlert("Error: Comment is empty, please your comment.");
                lbvalenght.Text = "<br>Error: Comment is empty, please your comment.";
                lbvalenght.Visible = true;
                txtsecfield.Text = "";
                return;
            }

            //Name maximum of 50 char allowed
            if (AddComm.Author.Length > 50)
            {
                JSLiteral.Text = Util.JSAlert("Error: Name is too long. Max of 50 characters.");
                lbvalenght.Text = "<br>Error: Name is too long. Max of 50 characters.";
                lbvalenght.Visible = true;
                AUTHOR.Value = "";
                txtsecfield.Text = "";
                return;
            }
            //Email maximum of 50 char allowed
            if (AddComm.Email.Length > 50)
            {
                JSLiteral.Text = Util.JSAlert("Error: Email is too long. Max of 50 characters.");
                lbvalenght.Text = "<br>Error: Email is too long. Max of 50 characters.";
                lbvalenght.Visible = true;
                EMAIL.Value = "";
                txtsecfield.Text = "";
                return;
            }
            //Comments maximum of 200 char allowed
            if (AddComm.Comments.Length > 200)
            {
                JSLiteral.Text = Util.JSAlert("Error: Comments is too long. Max of 200 characters.");
                lbvalenght.Text = "<br>Error: Comments is too long. Max of 200 characters.";
                lbvalenght.Visible = true;
                txtsecfield.Text = "";
                return;
            }
            #endregion

            //Notify user if error occured.
            if (AddComm.Add() != 0)
            {
                JSLiteral.Text = Util.JSAlert("A database error occured while processing your request.");
                return;
            }

            //Instantiate email template object
            EmailTemplate SendEmail = new EmailTemplate();

            SendEmail.ItemID = AddComm.ID;
            SendEmail.ItemName = strRName;

            //Send an email notification to the webmaster in HTML format.
            SendEmail.SendEmailCommentNotify();

            //Release allocated memory
            SendEmail = null;
            AddComm = null;

            //If success, redirect to confirmation and thank you page.
            Util.PageRedirect(4);

            Util = null;
        }
        else
        {
            //Javascript validation
            JSLiteral.Text = Util.JSAlert("Invalid security code. Make sure you type it correctly.");
            return;

           // lblinvalidsecode.Text = "Invalid security code. Make sure you type it correctly.";
           // lblinvalidsecode.Visible = true;
        }
    }