public IHttpActionResult Post(HUTModels.Food model)
{
FoodBLL bll = new FoodBLL();
if (bll.Insert(model))
{
return(Ok());
}
else
{
return(Content(HttpStatusCode.InternalServerError, "Problem inserting food record."));
}
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
if (Session["userName"] != null)
{
UserBLL userBLL = new UserBLL();
User user = userBLL.QueryInfo(Session["userName"].ToString());
if (user == null)
{
LayerShow.Alert(this, "请先登录", "Login.aspx");
return;
}
FoodBLL foodBLL = new FoodBLL();
Food food = new Food();
food.UploaderID = user.ID;
if (txtTitle.Text.Length >= 4 && txtTitle.Text.Length <= 30)
{
food.Title = txtTitle.Text;
}
else
{
LayerShow.Msg(this, "标题的长度必须为4~30个字符");
return;
}
//简单的二次过滤(仍旧不安全),我相信ckeditor的过滤...
food.Contents = CheckStr(txtCkeditor.Value);
//读取POST进来的图片
HttpPostedFile file = Request.Files[Request.Files.AllKeys[0]];
string fileName = DateTime.Now.ToString("yyyyMMddhhmmssff") + CreateRandomCode(8);
int pos = file.FileName.LastIndexOf(".");
string extName = file.FileName.Substring(pos, file.FileName.Length - pos);
string virtualPath = string.Format("~/Static/Image/Cover/cover_{0}{1}", fileName, extName);
file.SaveAs(Server.MapPath(virtualPath));
food.Cover = fileName + extName;
if (foodBLL.Insert(food) == true)
{
LayerShow.Alert(this, "美食分享成功", "Index.aspx");
}
else
{
LayerShow.Alert(this, "分享出错", "Share.aspx");
}
}
else
{
LayerShow.Alert(this, "请先登录", "Login.aspx");
}
}