protected void Delete_Comment(object sender, EventArgs e)
{
var idStr = (sender as LinkButton).CommandArgument;
var id = int.Parse(idStr);
using (var dbCtx = new GuestbookContext())
{
var commentToDelete = (
from c in dbCtx.Comments
where c.ID == id
select c).FirstOrDefault();
dbCtx.Comments.Remove(commentToDelete);
dbCtx.SaveChanges();
Response.Redirect(Request.RawUrl);
}
}
protected void Button_Click(object sender, EventArgs e)
{
using (var dbCtx = new GuestbookContext())
{
bool ok = true;
if (string.IsNullOrWhiteSpace(NicknameInput.Text) || string.IsNullOrWhiteSpace(EmailInput.Text) || string.IsNullOrWhiteSpace(ContentInput.Text))
{
ok = false;
ValidateForNullOrWhitespace.Visible = true;
}
if ((NicknameInput.Text.Contains("<script") && NicknameInput.Text.EndsWith(">")) &&
(EmailInput.Text.Contains("<script") && NicknameInput.Text.EndsWith(">")) &&
(ContentInput.Text.Contains("<script") && NicknameInput.Text.EndsWith(">")))
{
ok = false;
ValidateForHacks.Visible = true;
ValidateForNullOrWhitespace.Visible = false;
}
if (ok)
{
var comment = new Comment
{
Nickname = NicknameInput.Text,
Email = EmailInput.Text,
Content = ContentInput.Text,
TimeOfComment = DateTime.Now
};
dbCtx.Comments.Add(comment);
dbCtx.SaveChanges();
Response.Redirect(Request.RawUrl);
}
}
}
public GuestbookRepository()
{
_guestbookContext = new GuestbookContext();
}
