Example #1
0
        protected string getContents(int pageNum)
        {
            string content = "";

            connect.Open();
            SqlCommand cmd = connect.CreateCommand();

            //Count entries for this topic that are approved, not denied, and not deleted:
            cmd.CommandText = "select count(*) from Entries where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0 ";
            int totalEntries = Convert.ToInt32(cmd.ExecuteScalar());

            g_entries = totalEntries;
            for (int i = 1; i <= totalEntries; i++)
            {
                //Get entry ID:
                cmd.CommandText = "select [entryId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
                string entryId = cmd.ExecuteScalar().ToString();
                //Get entry text:
                cmd.CommandText = "select [entry_text] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
                string entry_text = cmd.ExecuteScalar().ToString();
                //Get entry time:
                cmd.CommandText = "select [entry_time] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
                string entry_time = cmd.ExecuteScalar().ToString();
                //Get entry's creator:
                cmd.CommandText = "select [userId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
                string entry_creatorId = cmd.ExecuteScalar().ToString();
                cmd.CommandText = "select user_firstname from users where userId = '" + entry_creatorId + "' ";
                string creator_name = cmd.ExecuteScalar().ToString();
                cmd.CommandText = "select user_lastname from users where userId = '" + entry_creatorId + "' ";
                creator_name    = creator_name + " " + cmd.ExecuteScalar().ToString();
                //Check if entry has images:
                string imagesHtml = "";
                cmd.CommandText = "select [entry_hasImage] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
                int hasImage = Convert.ToInt32(cmd.ExecuteScalar());
                if (hasImage == 1)
                {
                    //Count total images for this entry:
                    cmd.CommandText = "select count(*) from ImagesForEntries where entryId = '" + entryId + "' ";
                    int totalImages = Convert.ToInt32(cmd.ExecuteScalar());
                    //Loop through images and store their names:
                    for (int j = 1; j <= totalImages; j++)
                    {
                        //Get the entry's images:
                        cmd.CommandText = "select [imageId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY imagesForEntriesId ASC), * FROM [imagesForEntries] where entryId = '" + entryId + "' ) as t where rowNum = '" + j + "'";
                        string imageId = cmd.ExecuteScalar().ToString();
                        //Get the image name:
                        cmd.CommandText = "select image_name from images where imageId = '" + imageId + "' ";
                        string image_name = cmd.ExecuteScalar().ToString();
                        imagesHtml = imagesHtml + "<img src='../../images/" + image_name + "'></img> <br /> <br/>";
                    }
                }
                //Get userId of current user viewing:
                cmd.CommandText = "select userId from Users where loginId = '" + loginId + "' ";
                string userId = cmd.ExecuteScalar().ToString();
                //Get topic creator ID of current user viewing:
                cmd.CommandText = "select topic_createdBy from Topics where topicId = '" + topicId + "' ";
                string topic_creatorId = cmd.ExecuteScalar().ToString();
                content = content + Layouts.postMessage(i, creator_name, entry_time, entry_text, imagesHtml, entry_creatorId, topic_creatorId, userId, entryId, roleId, topicId);
            }
            connect.Close();
            return(content);
        }