/// <summary>
///
/// </summary>
/// <param name="data"></param>
/// <param name="thread_id"></param>
/// <param name="files"></param>
/// <param name="dump">File in each post</param>
/// <param name="count_files"></param>
/// <param name="con"></param>
/// <returns></returns>
public static int ReplyTo(OPData data, int thread_id, HttpPostedFile[] files, bool dump, bool count_files, DbConnection con)
{
if (files.Length > 1) //multiple files
{
data.HasFile = true;
if (dump) //file in each post
{
int file_count = files.Length;
int last_post_id = 0;
for (int file_index = 0; file_index < file_count; file_index++)
{
HttpPostedFile file = files[file_index];
if (count_files)
{
if (file_index == 0)
{
//first post, keep comment data
data.Comment = data.Comment + Environment.NewLine + string.Format("{0}/{1}", file_index + 1, file_count);
}
else
{
data.Comment = string.Format("{0}/{1}", file_index + 1, file_count);
}
}
else
{
//file are not counted, but all posts except the first one have null comment
if (file_index != 0)
{
data.Comment = "";
}
}
int post_id = save_single_post(data, thread_id, con);
try
{
save_post_file(post_id, file, con);
last_post_id = post_id;
}
catch (Exception)
{
//unable to save the file, so we delete the blank post
delete_post_from_database(post_id, con);
}
}
return last_post_id;
}
else //single post with multiple files
{
int post_id = save_single_post(data, thread_id, con);
int saved_files = 0;
foreach (HttpPostedFile file in files)
{
try
{
save_post_file(post_id, file, con);
saved_files++;
}
catch (Exception)
{ }
}
if (string.IsNullOrEmpty(data.Comment))
{
if (saved_files == 0)
{
delete_post_from_database(post_id, con);
}
}
return post_id;
}
}
else if (files.Length == 1) //single files
{
data.HasFile = true;
int post_id = save_single_post(data, thread_id, con);
try
{
save_post_file(post_id, files[0], con);
}
catch (Exception)
{
delete_post_from_database(post_id, con);
throw;
}
return post_id;
}
else //no files
{
data.HasFile = false;
return save_single_post(data, thread_id, con);
}
}
public static int MakeThread(OPData data, HttpPostedFile file, DbConnection con)
{
using (DbCommand dc = DatabaseEngine.GenerateDbCommand(con))
{
dc.CommandText = "INSERT INTO board (type, time, comment, postername, trip, email, password, subject, IP, ua, mta, locked, sticky, hasFile, bumplevel) VALUES " +
"(@type, @time, @comment, @postername, @trip, @email, @password, @subject, @IP, @ua, @mta, @locked, @sticky, @hasFile, @bumplevel) ; SELECT ID FROM board WHERE (time = @time) AND (IP = @IP)";
dc.Parameters.Add(DatabaseEngine.MakeParameter("@type", 0, System.Data.DbType.Int32)); // Mark the post as a thread
dc.Parameters.Add(DatabaseEngine.MakeParameter("@time", data.Time, System.Data.DbType.DateTime));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@comment", data.Comment, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@postername", data.Name, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@trip", data.Trip, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@email", data.Email, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@password", data.Password, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@subject", data.Subject, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@IP", data.IP, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@ua", data.UserAgent, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@mta", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@locked", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@sticky", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@hasFile", data.HasFile, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@bumplevel", DateTime.UtcNow, System.Data.DbType.DateTime));
int post_id = -1;
using (DbDataReader reader = dc.ExecuteReader())
{
while (reader.Read())
{
post_id = reader.GetInt32(0);
}
}
if (post_id > 0)
{
if (ApplicationSettings.EnableUserID)
{
dc.Parameters.Clear();
dc.CommandText = "UPDATE board SET posterID = @posterID WHERE (ID = @tid)";
dc.Parameters.Add(DatabaseEngine.MakeParameter("@posterID", GenerateUserID(post_id, data.IP), System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@tid", post_id, System.Data.DbType.Int32));
dc.ExecuteNonQuery();
}
if (data.HasFile)
{
try
{
save_post_file(post_id, file, con);
}
catch (Exception)
{
//delete the thread
delete_post_from_database(post_id, con);
throw;
}
}
}
return post_id;
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!ApplicationSettings.PostingEnabled)
{
Response.StatusCode = 403;
this.Response.Write(Language.Lang.postingisdisabled);
this.Response.End();
}
if (string.IsNullOrEmpty(Request["mode"]))
{
Response.StatusCode = 403;
Response.Write("403");
Response.End();
}
using (DbConnection con = DatabaseEngine.GetDBConnection())
{
con.Open();
//check bans
if (Board.BanHandler.IsIPBanned(Request.UserHostAddress, con))
{
Response.Redirect(Paths.WebRoot + "banned.aspx", true);
}
//bool is_admin = false;
//bool is_mod = false;
bool all_ok = true;
//check flood
//check captcha
if (!CaptchaProvider.Verifiy(this.Context))
{
this.Response.Write(Language.Lang.wrongcaptcha);
this.Response.End();
}
//check file sizes
for (int i = 0; i < Request.Files.Count; i++)
{
HttpPostedFile file = Request.Files[i];
if (file.ContentLength > ApplicationSettings.MaximumFileSize)
{
Response.Write(string.Format("The file '{0}' is larger than the allowed limit {1}.", file.FileName, ApplicationSettings.MaximumFileSize));
all_ok = false;
break;
}
}
if (all_ok)
{
switch (Request["mode"])
{
case "thread":
if (Request.Files.Count == 0 | Request.Files["ufile"].ContentLength == 0)
{
Response.Write("You need a file to start a thread");
}
else
{
OPData op_data = new DataTypes.OPData()
{
Comment = Request["comment"],
Email = Request["email"],
Name = Request["name"],
Subject = Request["subject"],
Password = Request["password"],
HasFile = true,
IP = Request.UserHostAddress,
UserAgent = Request.UserAgent,
Time = DateTime.UtcNow
};
int thread_id = -1;
try
{
thread_id = Board.BoardCommon.MakeThread(op_data, Request.Files["ufile"], con);
Response.Redirect(Paths.WebRoot + "default.aspx?id=" + thread_id.ToString(), true);
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
break;
case "reply":
if (string.IsNullOrEmpty(Request["threadid"]))
{
Response.Write("Thread id is not specified");
}
else
{
int thread_id = -1;
try
{
thread_id = Convert.ToInt32(Request["threadid"]);
if (thread_id <= 0)
{
Response.Write("Invalid thread id");
Response.End();
}
}
catch (Exception)
{
Response.Write("Invalid thread id");
Response.End();
}
ThreadInfo t_info = BoardCommon.GetThreadInfo(thread_id, con);
if (t_info.isGone)
{
Response.Write("Thread does not exist.");
Response.End();
}
if (t_info.isLocked)
{
Response.Write("Thread is locked.");
Response.End();
}
if (t_info.isArchived)
{
Response.Write("Thread is archived.");
Response.End();
}
if (ApplicationSettings.EnableImpresonationProtection)
{
//do stuffs
}
List <HttpPostedFile> proper_files = new List <HttpPostedFile>();
//Discard any empty file field
for (int i = 0; i < Request.Files.Count; i++)
{
HttpPostedFile file = Request.Files[i];
if (file.ContentLength > 0)
{
proper_files.Add(file);
}
}
bool file_in_each_post = (Request["finp"] == "yes");
bool count_files = (Request["countf"] == "yes");
bool sage = (Request["email"] == "sage");
OPData op_data = new OPData()
{
Comment = Request["comment"],
Email = sage ? "" : Request["email"],
Name = Request["name"],
Subject = Request["subject"],
Password = Request["password"],
IP = Request.UserHostAddress,
UserAgent = Request.UserAgent,
Time = DateTime.UtcNow
};
int reply_id = -1;
try
{
reply_id = BoardCommon.ReplyTo(op_data, thread_id, proper_files.ToArray(), file_in_each_post, count_files, con);
if (reply_id > 0)
{
//Update thread body
if (ApplicationSettings.CacheIndexView)
{
IndexView.UpdateThreadIndex(thread_id, con);
}
if (ApplicationSettings.CacheThreadView)
{
ThreadView.UpdateThreadBody(thread_id, con);
}
if (!sage)
{
BoardCommon.BumpThread(thread_id, con);
}
Response.Redirect(Paths.WebRoot + string.Format("default.aspx?id={0}#p{1}", thread_id, reply_id));
}
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
break;
default:
Response.Write(string.Format("Invalid posting mode '{0}'", Request["mode"]));
break;
} //mode switch block
} // if all ok block
} // database connection using block
} //page load void
private static int save_single_post(OPData data, int thread_id, DbConnection con)
{
using (DbCommand dc = DatabaseEngine.GenerateDbCommand(con))
{
dc.CommandText = "INSERT INTO board (type, time, comment, postername, trip, email, password, parentT, subject, IP, ua, posterID, mta, locked, sticky, hasFile) VALUES " +
"(@type, @time, @comment, @postername, @trip, @email, @password, @parentT, @subject, @IP, @ua, @posterId, @mta, @locked, @sticky, @hasFile) ; SELECT ID FROM board WHERE (time = @time) AND (IP = @IP)";
dc.Parameters.Add(DatabaseEngine.MakeParameter("@type", 1, System.Data.DbType.Int32)); // Mark the post as a reply
dc.Parameters.Add(DatabaseEngine.MakeParameter("@parentT", thread_id, System.Data.DbType.Int32));//Set the post owner thread
dc.Parameters.Add(DatabaseEngine.MakeParameter("@time", data.Time, System.Data.DbType.DateTime));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@comment", data.Comment, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@postername", data.Name, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@trip", data.Trip, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@email", data.Email, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@password", data.Password, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@subject", data.Subject, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@IP", data.IP, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@ua", data.UserAgent, System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@posterId", ApplicationSettings.EnableUserID ? GenerateUserID(thread_id, data.IP) : "", System.Data.DbType.String));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@mta", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@locked", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@sticky", false, System.Data.DbType.Boolean));
dc.Parameters.Add(DatabaseEngine.MakeParameter("@hasFile", data.HasFile, System.Data.DbType.Boolean));
int post_id = -1;
using (DbDataReader reader = dc.ExecuteReader())
{
while (reader.Read())
{
post_id = reader.GetInt32(0);
}
}
return post_id;
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!ApplicationSettings.PostingEnabled)
{
Response.StatusCode = 403;
this.Response.Write(Language.Lang.postingisdisabled);
this.Response.End();
}
if (string.IsNullOrEmpty(Request["mode"]))
{
Response.StatusCode = 403;
Response.Write("403");
Response.End();
}
using (DbConnection con = DatabaseEngine.GetDBConnection())
{
con.Open();
//check bans
if (Board.BanHandler.IsIPBanned(Request.UserHostAddress, con))
{
Response.Redirect(Paths.WebRoot + "banned.aspx", true);
}
//bool is_admin = false;
//bool is_mod = false;
bool all_ok = true;
//check flood
//check captcha
if (!CaptchaProvider.Verifiy(this.Context))
{
this.Response.Write(Language.Lang.wrongcaptcha);
this.Response.End();
}
//check file sizes
for (int i = 0; i < Request.Files.Count; i++)
{
HttpPostedFile file = Request.Files[i];
if (file.ContentLength > ApplicationSettings.MaximumFileSize)
{
Response.Write(string.Format("The file '{0}' is larger than the allowed limit {1}.", file.FileName, ApplicationSettings.MaximumFileSize));
all_ok = false;
break;
}
}
if (all_ok)
{
switch (Request["mode"])
{
case "thread":
if (Request.Files.Count == 0 | Request.Files["ufile"].ContentLength == 0)
{
Response.Write("You need a file to start a thread");
}
else
{
OPData op_data = new DataTypes.OPData()
{
Comment = Request["comment"],
Email = Request["email"],
Name = Request["name"],
Subject = Request["subject"],
Password = Request["password"],
HasFile = true,
IP = Request.UserHostAddress,
UserAgent = Request.UserAgent,
Time = DateTime.UtcNow
};
int thread_id = -1;
try
{
thread_id = Board.BoardCommon.MakeThread(op_data, Request.Files["ufile"], con);
Response.Redirect(Paths.WebRoot + "default.aspx?id=" + thread_id.ToString(), true);
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
break;
case "reply":
if (string.IsNullOrEmpty(Request["threadid"]))
{
Response.Write("Thread id is not specified");
}
else
{
int thread_id = -1;
try
{
thread_id = Convert.ToInt32(Request["threadid"]);
if (thread_id <= 0)
{
Response.Write("Invalid thread id");
Response.End();
}
}
catch (Exception)
{
Response.Write("Invalid thread id");
Response.End();
}
ThreadInfo t_info = BoardCommon.GetThreadInfo(thread_id, con);
if (t_info.isGone)
{
Response.Write("Thread does not exist.");
Response.End();
}
if (t_info.isLocked)
{
Response.Write("Thread is locked.");
Response.End();
}
if (t_info.isArchived)
{
Response.Write("Thread is archived.");
Response.End();
}
if (ApplicationSettings.EnableImpresonationProtection)
{
//do stuffs
}
List<HttpPostedFile> proper_files = new List<HttpPostedFile>();
//Discard any empty file field
for (int i = 0; i < Request.Files.Count; i++)
{
HttpPostedFile file = Request.Files[i];
if (file.ContentLength > 0)
{
proper_files.Add(file);
}
}
bool file_in_each_post = (Request["finp"] == "yes");
bool count_files = (Request["countf"] == "yes");
bool sage = (Request["email"] == "sage");
OPData op_data = new OPData()
{
Comment = Request["comment"],
Email = sage ? "" : Request["email"],
Name = Request["name"],
Subject = Request["subject"],
Password = Request["password"],
IP = Request.UserHostAddress,
UserAgent = Request.UserAgent,
Time = DateTime.UtcNow
};
int reply_id = -1;
try
{
reply_id = BoardCommon.ReplyTo(op_data, thread_id, proper_files.ToArray(), file_in_each_post, count_files, con);
if (reply_id > 0)
{
//Update thread body
if (ApplicationSettings.CacheIndexView)
{
IndexView.UpdateThreadIndex(thread_id, con);
}
if (ApplicationSettings.CacheThreadView)
{
ThreadView.UpdateThreadBody(thread_id, con);
}
if (!sage)
{
BoardCommon.BumpThread(thread_id, con);
}
Response.Redirect(Paths.WebRoot + string.Format("default.aspx?id={0}#p{1}", thread_id, reply_id));
}
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
break;
default:
Response.Write(string.Format("Invalid posting mode '{0}'", Request["mode"]));
break;
} //mode switch block
} // if all ok block
} // database connection using block
}
