protected void Button1_Click(object sender, EventArgs e)
{
string text = TextBox1.Text;
DataInsert myInsert = new DataInsert();
myInsert.InsertComment(text);
Response.Redirect("Default.aspx");
}
protected void btnSubmitComment_Click(object sender, EventArgs e)
{
if (commentBox.Text != "")
{
string userComment = "";
DataInsert dataInsert = new DataInsert();
invalidCommentInfo.Text = "";
userComment = commentBox.Text;
//checks for xss attack
userComment = Server.HtmlEncode(userComment);
dataInsert.InsertComment(userComment);
ListView1.DataBind();
commentBox.Text = "";
}
else
{
invalidCommentInfo.Text = "Please enter a comment to submit";
}
}
