protected string getContents(int pageNum)
{
string content = "";
connect.Open();
SqlCommand cmd = connect.CreateCommand();
//Count entries for this topic that are approved, not denied, and not deleted:
cmd.CommandText = "select count(*) from Entries where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0 ";
int totalEntries = Convert.ToInt32(cmd.ExecuteScalar());
g_entries = totalEntries;
for (int i = 1; i <= totalEntries; i++)
{
//Get entry ID:
cmd.CommandText = "select [entryId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
string entryId = cmd.ExecuteScalar().ToString();
//Get entry text:
cmd.CommandText = "select [entry_text] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
string entry_text = cmd.ExecuteScalar().ToString();
//Get entry time:
cmd.CommandText = "select [entry_time] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
string entry_time = cmd.ExecuteScalar().ToString();
//Get entry's creator:
cmd.CommandText = "select [userId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
string entry_creatorId = cmd.ExecuteScalar().ToString();
cmd.CommandText = "select user_firstname from users where userId = '" + entry_creatorId + "' ";
string creator_name = cmd.ExecuteScalar().ToString();
cmd.CommandText = "select user_lastname from users where userId = '" + entry_creatorId + "' ";
creator_name = creator_name + " " + cmd.ExecuteScalar().ToString();
//Check if entry has images:
string imagesHtml = "";
cmd.CommandText = "select [entry_hasImage] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY entryId ASC), * FROM [Entries] where topicId = '" + topicId + "' and entry_isApproved = 1 and entry_isDenied = 0 and entry_isDeleted = 0) as t where rowNum = '" + i + "'";
int hasImage = Convert.ToInt32(cmd.ExecuteScalar());
if (hasImage == 1)
{
//Count total images for this entry:
cmd.CommandText = "select count(*) from ImagesForEntries where entryId = '" + entryId + "' ";
int totalImages = Convert.ToInt32(cmd.ExecuteScalar());
//Loop through images and store their names:
for (int j = 1; j <= totalImages; j++)
{
//Get the entry's images:
cmd.CommandText = "select [imageId] from (SELECT rowNum = ROW_NUMBER() OVER(ORDER BY imagesForEntriesId ASC), * FROM [imagesForEntries] where entryId = '" + entryId + "' ) as t where rowNum = '" + j + "'";
string imageId = cmd.ExecuteScalar().ToString();
//Get the image name:
cmd.CommandText = "select image_name from images where imageId = '" + imageId + "' ";
string image_name = cmd.ExecuteScalar().ToString();
imagesHtml = imagesHtml + "<img src='../../images/" + image_name + "'></img> <br /> <br/>";
}
}
//Get userId of current user viewing:
cmd.CommandText = "select userId from Users where loginId = '" + loginId + "' ";
string userId = cmd.ExecuteScalar().ToString();
//Get topic creator ID of current user viewing:
cmd.CommandText = "select topic_createdBy from Topics where topicId = '" + topicId + "' ";
string topic_creatorId = cmd.ExecuteScalar().ToString();
content = content + Layouts.postMessage(i, creator_name, entry_time, entry_text, imagesHtml, entry_creatorId, topic_creatorId, userId, entryId, roleId, topicId);
}
connect.Close();
return(content);
}