public int Update()
{
using (var db = new MySqlDapperHelper())
{
db.BeginTransaction();
try
{
int r = 0;
string sql = @"
UPDATE t_ticket
SET
title = @title
WHERE
ticket_id = @ticket_id
";
r += db.Execute(sql, this);
db.Commit();
return(r);
}
catch (Exception ex)
{
db.Rollback();
throw ex;
}
}
}
public IActionResult Save(BoardModel input)
{
using (var db = new MySqlDapperHelper())
{
db.BeginTransaction();
try
{
//input.TITLE 및 input.CONTENTS 검증 필요
//특히 contents 는 xss와 같은 script태그나 img 태그 공격도 체크해야함....
input.REG_IP = HttpContext.Connection.RemoteIpAddress.ToString();
input.REG_USER = User.Identity.Name; //USER의 고유 ID를 Claim에 저장하고 가져오는 방법????
input.REG_USERNAME = User.Identity.Name;
input.Insert(db);
db.Commit();
}
catch (Exception ex)
{
db.Rollback();
return(Json(new { msg = ex.Message }));
}
return(Json(new { msg = "OK" }));
}
}
public async Task <IActionResult> WritePost(MBoard input)
{
using (var db = new MySqlDapperHelper())
{
db.BeginTransaction();
try
{
input.CONTENTS = new Ganss.XSS.HtmlSanitizer().Sanitize(input.CONTENTS);
input.REG_UID = _login.U_ID; //USER의 고유 ID를 Claim에 저장하고 가져오는 방법????
input.REG_USERNAME = _login.USER_NAME;
input.REG_IP = HttpContext.Connection.GetRemoteIpAddress();
await input.Insert(db);
db.Commit();
}
catch (Exception ex)
{
db.Rollback();
return(Json(new { msg = ex.Message }));
}
return(Json(new { msg = "OK" }));
}
}