public static void CreateAttachment(AttachmentInfo info)
{
if (info != null)
{
DatabaseProvider.GetInstance().CreateAttachment(info);
}
}
static AttachmentInfo DataReader2AttachmentInfo(IDataReader reader)
{
AttachmentInfo info = new AttachmentInfo();
info.Attachmentid = Convert.ToInt32(reader["attachmentid"]);
info.Filename = reader["filename"].ToString();
info.Filepath = reader["filepath"].ToString();
info.Filetype = Convert.ToInt32(reader["filetype"]);
info.Posterid = Convert.ToInt32(reader["posterid"]);
info.Description = reader["description"].ToString();
return info;
}
public void CreateAttachment(AttachmentInfo info)
{
DbParameter[] sqlparams =
{
DbHelper.MakeInParam("@filename", DbType.String, 100, info.Filename),
DbHelper.MakeInParam("@filepath", DbType.String, 100, info.Filepath),
DbHelper.MakeInParam("@filetype", DbType.Int32, 4, info.Filetype),
DbHelper.MakeInParam("@posterid", DbType.Int32, 4, info.Posterid),
DbHelper.MakeInParam("@description", DbType.String, 100, info.Description)
};
DbHelper.ExecuteNonQuery(CommandType.Text, "INSERT INTO wy_attachments(filename,filepath,filetype,posterid,description) VALUES(@filename,@filepath,@filetype,@posterid,@description)", sqlparams);
}
protected override void Page_Show()
{
UserInfo userinfo = GetUserInfo();
if (userinfo == null)
{
ShowError("上传文件", "请登录后再上传文件,谢谢~", "", "login.aspx");
}
if (ispost)
{
int filecount = System.Web.HttpContext.Current.Request.Files.Count;
for (int i = 0; i < filecount; i++)
{
System.Web.HttpPostedFile postedfile = System.Web.HttpContext.Current.Request.Files[i];
if (postedfile.FileName != string.Empty)
{
string fileext = Path.GetExtension(postedfile.FileName).ToLower();
string savepath = Path.Combine("upload", DateTime.Now.ToString("yyMM"));
string filename = string.Format("{0}{1}{2}", DateTime.Now.ToString("yyMMddhhmm"), Guid.NewGuid().ToString(), fileext);
string fullsavename = Path.Combine(savepath, filename);
bool canUpload = false;
string[] allowedextensions = { ".gif", ".png", ".jpeg", ".jpg", ".zip", ".rar" };
foreach (string allowextname in allowedextensions)
{
if (fileext == allowextname)
{
canUpload = true;
break;
}
}
if (canUpload == true)
{
YRequest.SaveRequestFile(System.Web.HttpContext.Current.Request.Files[i], Server.MapPath("~/" + fullsavename));
AttachmentInfo info = new AttachmentInfo();
info.Filename = filename;
info.Filepath = fullsavename;
info.Filetype = 0;
info.Posterid = userinfo.Uid;
info.Description = "";
Attachments.CreateAttachment(info);
string result = JavaScriptConvert.SerializeObject(info);
currentcontext.Response.Write(result);
currentcontext.Response.End();
}
}
}
//System.Web.HttpContext.Current.Response.Redirect("uploadfile.aspx?filename=" + uploadedfilename.Trim(','));
}
}