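//Handles search button click: validates the keyword length, then redirects to searchrecipe.aspx
//with the keyword and the selected category id in the query string.
public void SearchButton_Click(Object s, EventArgs e)
{
    //Instantiate validation object
    Utility Util = new Utility();

    //Check for minimum keyword character.
    //NOTE(review): "<=" rejects a keyword of exactly MinuiumSearchWordLength characters; kept as-is.
    int MinuiumSearchWordLength = 2;
    int SearchWordLength = find.Value.Length;
    if (SearchWordLength <= MinuiumSearchWordLength)
    {
        //Redirect to keyword too short page, and stop here so the search redirect below
        //is never issued on top of it.
        Util.PageRedirect(10);
        return;
    }

    if (this.SelectedValue != null)
    {
        SDropName.SelectedValue = this.SelectedValue;
    }

    //Both query-string values originate from the request, so they are URL-encoded to keep
    //characters such as '&', '=' and '#' from being read as query-string structure.
    //FormatTextForInput is the script filter used elsewhere in this code base; it is kept
    //in front of the encoding so the search page receives the same filtered text as before.
    string targetUrl = "searchrecipe.aspx";
    targetUrl += "?find=" + Server.UrlEncode(Util.FormatTextForInput(find.Value))
        + "&catid=" + Server.UrlEncode(SDropName.SelectedValue);

    //Redirect to the search page
    Response.Redirect(targetUrl);
}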
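//Handles article update: copies the posted form fields into an ArticleInfo keyed by the
//"aid" query-string value, saves it, purges the cached article list and redirects to the
//confirmation page. Any failure is reported through JSLiteral instead of a redirect.
public void Update_Article(Object s, EventArgs e)
{
    //Instantiate database field
    ArticleInfo UpdateArticle = new ArticleInfo();
    UpdateArticle.ID = (int)Util.Val(Request.QueryString["aid"]);
    //NOTE(review): unlike the comment form, these fields are stored without Util.FormatTextForInput;
    //confirm they are encoded on output or are intentionally raw HTML for the admin editor.
    UpdateArticle.Title = Request.Form["Title"];
    UpdateArticle.Content = Request.Form["Content"];
    UpdateArticle.Author = Request.Form["Author"];

    //CAT_ID is request-supplied; a non-numeric value used to escape the handler as a FormatException.
    int catId;
    if (!int.TryParse(Request.Form["CAT_ID"], out catId))
    {
        JSLiteral.Text = Util.JSProcessingErrorAlert;
        return;
    }
    UpdateArticle.CatID = catId;
    UpdateArticle.Keyword = Request.Form["Keyword"];
    UpdateArticle.Summary = Request.Form["Summary"];

    //Notify user if error occured.
    if (UpdateArticle.Update() != 0)
    {
        JSLiteral.Text = Util.JSProcessingErrorAlert;
        return;
    }

    //Drop the cached article list only after the row is committed; purging before the update
    //let a request arriving in between re-cache the stale version.
    Caching.PurgeCacheItems("Newest_Articles");

    //Release allocated memory
    UpdateArticle = null;

    //If success, redirect to article update confirmation page.
    Util.PageRedirect(7);
    Util = null;
}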
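/// <summary>
/// Perform Admin username and password session validation.
/// Redirects to the admin login page when the session carries no admin credentials,
/// when the admin credential row cannot be read, or when the session values do not
/// match the stored "uname" and "password" columns. Exceptions from the data layer
/// propagate to the caller unchanged.
/// </summary>
public static void ValidateAdminUserNameandPass()
{
    //Instantiate utility object
    Utility Util = new Utility();
    Blogic myBL = new Blogic();

    object sessionUser = HttpContext.Current.Session["adminuserid"];
    object sessionPass = HttpContext.Current.Session["adminpassword"];

    //Either value missing means there is no valid admin session. The previous check used
    //"&&", so a session with only one of the two keys fell through to the comparison below
    //and failed with a NullReferenceException instead of a redirect.
    if (sessionUser == null || sessionPass == null)
    {
        //Redirect to admin login page.
        Util.PageRedirect(6);
        return;
    }

    //Get admin username and password stored in the database. The using block closes the
    //reader on every path, including the redirect.
    //NOTE(review): the session holds whatever the login handler stored from GetAdminPasswordSession;
    //confirm that value (and the "password" column) is a hash rather than the clear-text password.
    using (IDataReader dr = myBL.AdminGetCredentialSessionValidation)
    {
        //No credential row, or a username/password mismatch: back to the login page.
        //String "!=" is an ordinal comparison, which is what credential matching needs.
        if (!dr.Read()
            || sessionUser.ToString() != dr["uname"].ToString()
            || sessionPass.ToString() != dr["password"].ToString())
        {
            //Redirect to admin login page.
            Util.PageRedirect(6);
        }
    }
}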
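//Handles final login process with validation. On success the admin username/password values
//returned by the Blogic layer are stored in session state and the request is redirected to
//the Admin Recipe Manager page; on failure an error is shown and the method returns.
private void ProcessLoginCheck(string Username, string UserPwd)
{
    //Instantiate validation
    Utility Util = new Utility();
    //Instantiate stored procedure logic
    Blogic myBL = new Blogic();

    //Check whether admin username and password exist in the admin user database.
    //Both failures report the same message, so the form no longer reveals whether a
    //given username exists.
    //NOTE(review): AdminUserNameExist and AdminPasswordExist are evaluated independently and
    //nothing here ties the password to the given username; confirm the Blogic layer verifies the pair.
    const string LoginFailedMessage = "Invalid username or password";
    if (!myBL.AdminUserNameExist(Username) || !myBL.AdminPasswordExist(UserPwd))
    {
        lblerror.Text = LoginFailedMessage;
        JSLiteral.Text = Util.JSAlert(LoginFailedMessage);
        return;
    }

    //Assign variable for username and password to use for the session.
    string Getadminusername = myBL.GetAdminUserNameSession(Username);
    string Getadminpassword = myBL.GetAdminPasswordSession(UserPwd);
    myBL = null;

    //Store admin username and password construct in session state
    Session.Add("adminuserid", Getadminusername);
    Session.Add("adminpassword", Getadminpassword);

    //If everything is okay, then redirect to the Admin Recipe Manager page.
    //5 = recipemanager
    Util.PageRedirect(5);
}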
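/// <summary>
/// Get article title, author, date, hits, rating and content from the DB matching the Article ID provided.
/// Which columns are copied depends on WhatPageID: article detail, admin update or admin preview.
/// Any other page id leaves the fields untouched. A missing row, or a column that is absent or of
/// an unexpected type, redirects to the page-not-found page.
/// </summary>
public override void fillup()
{
    //Instantiate Action Stored Procedure object
    Blogic FetchData = new Blogic();
    //Instantiate object
    Utility Util = new Utility();

    //Parameter 1 = we are dealing with the articledetail.aspx not the admin article update which is 2.
    //The using block closes the reader on every path; the previous version returned from each
    //branch before reaching dr.Close() and left the reader open.
    using (IDataReader dr = FetchData.GetArticleDetail(ID, WhatPageID))
    {
        bool knownPage = WhatPageID == constant.intArticleDetails
            || WhatPageID == constant.intArticleAdminUpdate
            || WhatPageID == constant.intArticleAdminPreview;
        if (!knownPage)
        {
            //Nothing to populate for any other page id.
            return;
        }

        //A missing row used to surface as an exception from the column indexer; make it explicit.
        if (!dr.Read())
        {
            //Redirect to page not found. 1 = pagenotfound.aspx
            Util.PageRedirect(1);
            return;
        }

        try
        {
            if (WhatPageID == constant.intArticleDetails) //Populate articledetail.aspx
            {
                if (dr["Title"] != DBNull.Value) { this._Title = (string)dr["Title"]; }
                if (dr["Author"] != DBNull.Value) { this._Author = (string)dr["Author"]; }
                if (dr["No_Rates"] != DBNull.Value) { this._NoRates = dr["No_Rates"].ToString(); }
                if (dr["HITS"] != DBNull.Value) { this._Hits = (int)dr["HITS"]; }
                if (dr["Rates"] != DBNull.Value) { this._Rating = dr["Rates"].ToString(); }
                if (dr["Content"] != DBNull.Value) { this._Content = (string)dr["Content"]; }
                if (dr["CAT_NAME"] != DBNull.Value) { this._Category = (string)dr["CAT_NAME"]; }
                if (dr["CAT_ID"] != DBNull.Value) { this._CatID = (int)dr["CAT_ID"]; }
                if (dr["Post_Date"] != DBNull.Value) { this._Date = (DateTime)dr["Post_Date"]; }
            }
            else if (WhatPageID == constant.intArticleAdminUpdate) //Populate Admin/updatearticle.aspx
            {
                if (dr["Title"] != DBNull.Value) { this._Title = (string)dr["Title"]; }
                if (dr["Author"] != DBNull.Value) { this._Author = (string)dr["Author"]; }
                if (dr["CAT_NAME"] != DBNull.Value) { this._Category = (string)dr["CAT_NAME"]; }
                if (dr["Content"] != DBNull.Value) { this._Content = (string)dr["Content"]; }
                if (dr["Summary"] != DBNull.Value) { this._Summary = (string)dr["Summary"]; }
                if (dr["Keyword"] != DBNull.Value) { this._Keyword = (string)dr["Keyword"]; }
                if (dr["CAT_ID"] != DBNull.Value) { this._CatID = (int)dr["CAT_ID"]; }
                if (dr["Post_Date"] != DBNull.Value) { this._Date = (DateTime)dr["Post_Date"]; }
            }
            else //Populate Admin/articlepreview.aspx
            {
                if (dr["Title"] != DBNull.Value) { this._Title = (string)dr["Title"]; }
                if (dr["Content"] != DBNull.Value) { this._Content = (string)dr["Content"]; }
            }
        }
        catch
        {
            //A column missing from the result set or holding an unexpected type is treated like
            //a missing article. Redirect to page not found. 1 = pagenotfound.aspx
            Util.PageRedirect(1);
        }
    }
}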
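/// <summary>
/// Get recipe name, author, date, hits, rating, ingredients, instructions and other field from the DB matching the Recipe ID provided.
/// Which stored procedure runs, and which columns are copied, depends on WhatPageID (recipe detail,
/// admin viewing or admin editing); any other page id leaves the fields untouched. A missing row,
/// or any failure while querying or reading, redirects to the page-not-found page.
/// </summary>
public override void fillup()
{
    //Instantiate Action Stored Procedure object
    Blogic FetchData = new Blogic();
    //Instantiate object
    Utility Util = new Utility();

    /* The reason why we have to use a conditional statement is because we are dealing with 3 different
     * stored procedures to return the data. Each sproc has its number of columns declared and different where clauses. */
    bool loaded;
    try
    {
        if (WhatPageID == constant.intRecipeDetails) //Populate Recipedetail.aspx database fields
        {
            loaded = FillFromRecipeDetail(FetchData);
        }
        else if (WhatPageID == constant.intRecipeAdminViewing) //Populate Admin/viewing.aspx database fields
        {
            loaded = FillFromAdminViewing(FetchData);
        }
        else if (WhatPageID == constant.intRecipeAdminEditing) //Populate Admin/editing.aspx database fields
        {
            loaded = FillFromAdminEditing(FetchData);
        }
        else
        {
            //Nothing to populate for any other page id.
            return;
        }
    }
    catch
    {
        //Query failure, missing column or unexpected column type: treated the same as "no such recipe".
        loaded = false;
    }

    if (!loaded)
    {
        //Redirect to page not found. 1 = pagenotfound.aspx
        Util.PageRedirect(1);
    }
}

//Populate Recipedetail.aspx database fields. Returns false when no row matches ID.
//The using block closes the reader even when a cast or column lookup throws; the previous
//version only closed it on the success path.
private bool FillFromRecipeDetail(Blogic FetchData)
{
    using (IDataReader dr = FetchData.GetRecipeDetail(ID))
    {
        if (!dr.Read())
        {
            return false;
        }
        if (dr["Name"] != DBNull.Value) { this._RecipeName = (string)dr["Name"]; }
        if (dr["Author"] != DBNull.Value) { this._Author = (string)dr["Author"]; }
        if (dr["CAT_ID"] != DBNull.Value) { this._CatID = (int)dr["CAT_ID"]; }
        if (dr["NO_RATES"] != DBNull.Value) { this._NoRates = dr["NO_RATES"].ToString(); }
        if (dr["HITS"] != DBNull.Value) { this._Hits = (int)dr["HITS"]; }
        if (dr["Rates"] != DBNull.Value) { this._Rating = dr["Rates"].ToString(); }
        if (dr["Category"] != DBNull.Value) { this._Category = (string)dr["Category"]; }
        if (dr["Ingredients"] != DBNull.Value) { this._Ingredients = (string)dr["Ingredients"]; }
        if (dr["Instructions"] != DBNull.Value) { this._Instructions = (string)dr["Instructions"]; }
        if (dr["Date"] != DBNull.Value) { this._Date = (DateTime)dr["Date"]; }
        if (dr["TOTAL_COMMENTS"] != DBNull.Value) { this._CountComments = (int)dr["TOTAL_COMMENTS"]; }
        if (dr["LINK_APPROVED"] != DBNull.Value) { this._Approved = (int)dr["LINK_APPROVED"]; }
        if (dr["RecipeImage"] != DBNull.Value) { this._RecipeImage = (string)dr["RecipeImage"]; }
        return true;
    }
}

//Populate Admin/viewing.aspx database fields. Returns false when no row matches ID.
private bool FillFromAdminViewing(Blogic FetchData)
{
    using (IDataReader dr = FetchData.AdminRecipeApprovalReview(ID))
    {
        if (!dr.Read())
        {
            return false;
        }
        if (dr["Name"] != DBNull.Value) { this._RecipeName = (string)dr["Name"]; }
        if (dr["Author"] != DBNull.Value) { this._Author = (string)dr["Author"]; }
        if (dr["HITS"] != DBNull.Value) { this._Hits = (int)dr["HITS"]; }
        if (dr["Category"] != DBNull.Value) { this._Category = (string)dr["Category"]; }
        if (dr["Ingredients"] != DBNull.Value) { this._Ingredients = (string)dr["Ingredients"]; }
        if (dr["Instructions"] != DBNull.Value) { this._Instructions = (string)dr["Instructions"]; }
        if (dr["Date"] != DBNull.Value) { this._Date = (DateTime)dr["Date"]; }
        if (dr["LINK_APPROVED"] != DBNull.Value) { this._Approved = (int)dr["LINK_APPROVED"]; }
        if (dr["HIT_DATE"] != DBNull.Value) { this._HitDate = (DateTime)dr["HIT_DATE"]; }
        return true;
    }
}

//Populate Admin/editing.aspx database fields. Returns false when no row matches ID.
private bool FillFromAdminEditing(Blogic FetchData)
{
    using (IDataReader dr = FetchData.GetRecipeDetailForUpdate(ID))
    {
        if (!dr.Read())
        {
            return false;
        }
        if (dr["Name"] != DBNull.Value) { this._RecipeName = (string)dr["Name"]; }
        if (dr["Author"] != DBNull.Value) { this._Author = (string)dr["Author"]; }
        if (dr["HITS"] != DBNull.Value) { this._Hits = (int)dr["HITS"]; }
        if (dr["Ingredients"] != DBNull.Value) { this._Ingredients = (string)dr["Ingredients"]; }
        if (dr["Instructions"] != DBNull.Value) { this._Instructions = (string)dr["Instructions"]; }
        return true;
    }
}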
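//Handles comment posting: checks the security code against the session value, filters and
//validates the posted name/email/comment, saves the comment, emails the webmaster and
//redirects to the thank-you page. Every validation failure is reported inline and returns.
public void Add_Comment(Object s, EventArgs e)
{
    //Perform spam validation by matching the value of the textbox security code to the session variable
    //that store the random number. A missing session value (for example an expired session) now counts
    //as a mismatch instead of throwing a NullReferenceException.
    //NOTE(review): the stored code is not cleared once it has been matched; consider removing
    //Session["randomStr"] after a successful post if the page does not already issue a fresh one.
    object storedCode = Session["randomStr"];
    bool codeMatches = Page.IsValid && storedCode != null && txtsecfield.Text == storedCode.ToString();
    if (!codeMatches)
    {
        //Javascript validation (Util here is the page-level utility field, as in the original else branch).
        JSLiteral.Text = Util.JSAlert("Invalid security code. Make sure you type it correctly.");
        return;
    }

    //Instantiate object
    Utility util = new Utility();

    //If all the fields are filled correctly, then process the comment post.
    //Instantiate the SQL command object
    CommentInfo AddComm = new CommentInfo();
    AddComm.ID = (int)util.Val(Request.QueryString["id"]);
    //Filters harmful scripts from input string.
    AddComm.Author = util.FormatTextForInput(Request.Form[AUTHOR.UniqueID]);
    AddComm.Email = util.FormatTextForInput(Request.Form[EMAIL.UniqueID]);
    AddComm.Comments = util.FormatTextForInput(Request.Form[COMMENTS.UniqueID]);

    #region Comment Form Input Validator
    //NOTE(review): only emptiness and length are checked; the email address format is not validated here.
    //Validate for empty name
    if (AddComm.Author.Length == 0)
    {
        ShowCommentValidationError(util, "Error: Name is empty, please enter your name.");
        return;
    }
    //Validate for empty email
    if (AddComm.Email.Length == 0)
    {
        ShowCommentValidationError(util, "Error: Email is empty, please enter your email.");
        return;
    }
    //Validate for empty comments
    if (AddComm.Comments.Length == 0)
    {
        ShowCommentValidationError(util, "Error: Comment is empty, please your comment.");
        return;
    }
    //Name maximum of 50 char allowed
    if (AddComm.Author.Length > 50)
    {
        ShowCommentValidationError(util, "Error: Name is too long. Max of 50 characters.");
        AUTHOR.Value = "";
        return;
    }
    //Email maximum of 50 char allowed
    if (AddComm.Email.Length > 50)
    {
        ShowCommentValidationError(util, "Error: Email is too long. Max of 50 characters.");
        EMAIL.Value = "";
        return;
    }
    //Comments maximum of 200 char allowed
    if (AddComm.Comments.Length > 200)
    {
        ShowCommentValidationError(util, "Error: Comments is too long. Max of 200 characters.");
        return;
    }
    #endregion

    //Notify user if error occured.
    if (AddComm.Add() != 0)
    {
        JSLiteral.Text = util.JSAlert("A database error occured while processing your request.");
        return;
    }

    //Instantiate email template object
    EmailTemplate SendEmail = new EmailTemplate();
    SendEmail.ItemID = AddComm.ID;
    SendEmail.ItemName = strRName;
    //Send an email notification to the webmaster in HTML format.
    SendEmail.SendEmailCommentNotify();

    //If success, redirect to confirmation and thank you page.
    util.PageRedirect(4);
}

//Shows a comment-form validation message both as a script alert and in the inline label,
//and clears the security code box so the visitor has to re-enter it on the next attempt.
private void ShowCommentValidationError(Utility util, string message)
{
    JSLiteral.Text = util.JSAlert(message);
    lbvalenght.Text = "<br>" + message;
    lbvalenght.Visible = true;
    txtsecfield.Text = "";
}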