Esempio n. 1
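        /// <summary>
        /// Persists the staff enrollment page content by executing the
        /// <c>SaveStaffEnrollmentPage</c> stored procedure.
        /// </summary>
        /// <remarks>
        /// Both values travel as bound <see cref="SqlParameter"/>s; nothing is concatenated
        /// into SQL text. This method performs no content validation of its own, so callers
        /// are expected to validate first (the controller's Save action calls
        /// DbInform.ValidateInput before this method).
        /// </remarks>
        /// <param name="ecm">Model carrying the enrollment and announcement content.</param>
        /// <returns>
        /// 1 when the stored procedure ran without throwing; 0 when an exception was caught
        /// inside the try block (the exception is passed to <c>Nlogger.LogError</c>).
        /// </returns>
        public static int SaveStaffEnrollmentPage(EnrollmentContentModel ecm)
        {
            var strConn = ConfigurationManager.ConnectionStrings["Halfpint"].ToString();

            using (var conn = new SqlConnection(strConn))
            {
                try
                {
                    // SqlCommand is IDisposable; the using block releases it on every path.
                    using (var cmd = new SqlCommand("SaveStaffEnrollmentPage", conn))
                    {
                        cmd.CommandType = System.Data.CommandType.StoredProcedure;
                        cmd.Parameters.Add(new SqlParameter("@enrollmentContent", ecm.EnrollmentContent));
                        cmd.Parameters.Add(new SqlParameter("@announcementContent", ecm.AnnouncementContent));

                        conn.Open();
                        cmd.ExecuteNonQuery();
                    }
                }
                catch (Exception ex)
                {
                    // Failure is reported through the return value; callers must check it.
                    Nlogger.LogError(ex);
                    return(0);
                }
            }
            return(1);
        }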
Esempio n. 2
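        /// <summary>
        /// Loads the staff enrollment page content by executing the
        /// <c>GetStaffEnrollmentPage</c> stored procedure.
        /// </summary>
        /// <remarks>
        /// Every row returned overwrites the model, so the last row wins. Exceptions raised
        /// inside the try block are logged and swallowed; the caller then receives the model
        /// as populated up to that point (possibly with both properties unset).
        /// NOTE(review): the values come back exactly as stored. Whether they are encoded or
        /// re-sanitized when rendered is not visible here; confirm at the view.
        /// </remarks>
        /// <returns>The model filled from the "Enrollment" and "Announcement" columns.</returns>
        public static EnrollmentContentModel GetEnrollmentContent()
        {
            var ecm = new EnrollmentContentModel();

            String strConn = ConfigurationManager.ConnectionStrings["Halfpint"].ToString();

            using (var conn = new SqlConnection(strConn))
            {
                try
                {
                    // Command and reader are both IDisposable; the using blocks close them on
                    // every path, replacing the manual Close() calls and the finally block.
                    using (var cmd = new SqlCommand("GetStaffEnrollmentPage", conn))
                    {
                        cmd.CommandType = System.Data.CommandType.StoredProcedure;
                        conn.Open();

                        using (SqlDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                // GetString throws on a NULL column; that lands in the catch below.
                                ecm.EnrollmentContent   = rdr.GetString(rdr.GetOrdinal("Enrollment"));
                                ecm.AnnouncementContent = rdr.GetString(rdr.GetOrdinal("Announcement"));
                            }
                        }
                    }
                }
                catch (Exception ex)
                {
                    Nlogger.LogError(ex);
                }
            }
            return(ecm);
        }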
Esempio n. 3
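        /// <summary>
        /// Runs both content fields of the model through <c>HtmlSanitizer.Sanitize</c> and
        /// reports the first field that is rejected.
        /// </summary>
        /// <remarks>
        /// Only a lower-cased copy of each field is inspected and only the sanitizer's verdict
        /// is used; the model itself is not modified, so the text stored afterwards is the
        /// original submission. A missing (null) field is checked as an empty string instead of
        /// failing with a NullReferenceException.
        /// </remarks>
        /// <param name="ecm">Model whose EnrollmentContent and AnnouncementContent are checked.</param>
        /// <returns>
        /// A DTO with ReturnValue 1 when both fields pass; otherwise ReturnValue 0 and a
        /// Message made of the field label followed by the sanitizer's message.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="ecm"/> is null.</exception>
        public static DTO ValidateInput(EnrollmentContentModel ecm)
        {
            if (ecm == null)
            {
                throw new ArgumentNullException("ecm");
            }

            string message;
            var dto = new DTO {
                ReturnValue = 1
            };
            var sanitizer = new HtmlSanitizer();

            // ToLowerInvariant, not ToLower: culture-sensitive casing (e.g. Turkish dotless i)
            // would make the text the sanitizer inspects depend on the server's locale.
            string enrollmentContent = (ecm.EnrollmentContent ?? "").ToLowerInvariant();

            if (!sanitizer.Sanitize(enrollmentContent, out message))
            {
                dto.Message     = "Enrollment Content: " + message;
                dto.ReturnValue = 0;
                return(dto);
            }

            string announcementContent = (ecm.AnnouncementContent ?? "").ToLowerInvariant();

            if (!sanitizer.Sanitize(announcementContent, out message))
            {
                dto.Message     = "Announcement Content: " + message;
                dto.ReturnValue = 0;
                return(dto);
            }

            return(dto);
        }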
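        /// <summary>
        /// Handles the staff enrollment page form: validates the submitted content, optionally
        /// replaces the enrollment image, and stores the content.
        /// </summary>
        /// <remarks>
        /// Validation runs before anything is written, so a rejected submission no longer
        /// overwrites the image, and a failed database save is reported instead of being
        /// followed by the success redirect.
        /// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is
        /// visible on this excerpt; confirm the action or its controller carries them.
        /// </remarks>
        /// <param name="file">Optional uploaded image; ignored when null or empty.</param>
        /// <param name="ecm">Model bound only from EnrollmentContent and AnnouncementContent.</param>
        /// <returns>
        /// A redirect to "SaveSuccess" on success, a redirect to "Error" (with
        /// TempData["message"] set) when validation or the save fails, or null when the
        /// model state is invalid.
        /// </returns>
        public ActionResult Save(HttpPostedFileBase file, [Bind(Include =
                                                                    "EnrollmentContent,AnnouncementContent")] EnrollmentContentModel ecm)
        {
            if (!ModelState.IsValid)
            {
                // NOTE(review): a null result reaches the browser as an empty response;
                // consider returning the form view or an explicit error result instead.
                return(null);
            }

            // Check for disallowed input first, before any file or database write.
            DTO dto = DbInform.ValidateInput(ecm);

            if (dto.ReturnValue != 1)
            {
                TempData["message"] = dto.Message;
                return(RedirectToAction("Error"));
            }

            if (file != null && file.ContentLength > 0)
            {
                // The target name is fixed server-side, so the client-supplied file name
                // never reaches the path.
                // NOTE(review): the upload is only checked for being non-empty. Its type and
                // size are not verified before it replaces a file served from ~/Content/Images;
                // confirm a request size limit and an image-format check exist elsewhere.
                const string fileName = "enrollment.png";
                var          path     = Path.Combine(Server.MapPath("~/Content/Images"), fileName);
                file.SaveAs(path);
            }

            // SaveStaffEnrollmentPage signals failure through its return value (it logs and
            // swallows the exception), so the result has to be checked here.
            if (DbInform.SaveStaffEnrollmentPage(ecm) != 1)
            {
                TempData["message"] = "The enrollment page could not be saved.";
                return(RedirectToAction("Error"));
            }

            return(RedirectToAction("SaveSuccess"));
        }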