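/// <summary>
/// Loads one forum topic message by calling the <c>ForumTopicMessage_Select</c> stored procedure.
/// </summary>
/// <param name="id">Value bound to the <c>@ForumTopicMessageID</c> parameter.</param>
/// <returns>
/// A <c>ForumTopicMessage</c> built from the first result row, or <c>null</c> when the
/// procedure returns no rows.
/// </returns>
public ForumTopicMessage SelectForumTopicMessage(long id)
{
    // Suppress: the read does not enlist in any ambient transaction and uses its own connection.
    using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Suppress))
    using (SqlConnection conn = new SqlConnection(DatabaseManager.DatabaseEngine.ConnectionString))
    {
        conn.Open();

        // The id is sent as a bound parameter of a stored-procedure call; no SQL text is
        // assembled from it.
        using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Select", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", id));

            // The using block closes the reader even when the entity constructor throws;
            // CommandBehavior.CloseConnection then closes the connection together with it.
            using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.CloseConnection))
            {
                return reader.Read() ? new ForumTopicMessage(reader) : null;
            }
        }
    }
}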
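        /// <summary>
        /// Deletes a forum topic message through the <c>ForumTopicMessage_Delete</c> stored procedure.
        /// </summary>
        /// <remarks>
        /// This method performs no permission check of its own: the only gate visible here is the
        /// <c>Result</c> handed to <c>OnBeforeDeleteForumTopicMessage</c> subscribers, so any
        /// authorisation has to come from the caller or from such a subscriber.
        /// </remarks>
        /// <param name="forumTopicMessage">Message whose <c>ForumTopicMessageID</c> is sent to the procedure.</param>
        /// <returns>
        /// The pre-delete <c>Result</c> (returned untouched when it no longer reports success), or a
        /// <c>Result</c> carrying the exception message when the database call throws.
        /// </returns>
        public Result Delete(ForumTopicMessage forumTopicMessage)
        {
            Result result = new Result();

            // Subscribers receive the pending result before anything is deleted.
            if (OnBeforeDeleteForumTopicMessage != null)
            {
                OnBeforeDeleteForumTopicMessage(forumTopicMessage, result);
            }

            if (!result.Succeeded)
            {
                return result;
            }

            try
            {
                using (TransactionScope scope = new TransactionScope())
                {
                    SqlConnection conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

                    // Dispose the command deterministically; the original left it to the finalizer.
                    using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Delete", conn))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;
                        // Bound parameter: the id never becomes part of the SQL text.
                        cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID));
                        cmd.ExecuteNonQuery();
                    }

                    scope.Complete();
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is handed back to the caller. If Result
                // messages are ever shown to end users this can expose database error details;
                // confirm how callers display it and consider logging the exception server-side.
                return new Result(ex.Message);
            }
            finally
            {
                DatabaseManager.DatabaseEngine.ReleaseConnection();
            }

            // Only reached when the delete committed without throwing.
            if (OnForumTopicMessageDeleted != null)
            {
                OnForumTopicMessageDeleted(forumTopicMessage);
            }

            return result;
        }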
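        /// <summary>
        /// Persists a forum topic message through the <c>ForumTopicMessage_Store</c> stored procedure
        /// and copies the id reported by the procedure back onto the entity.
        /// </summary>
        /// <remarks>
        /// Every value is passed as a typed, bound parameter. <c>BodyOutput</c> is written exactly as
        /// supplied; nothing in this method encodes or sanitises it, so callers must hand in markup
        /// that is already safe to render.
        /// </remarks>
        /// <param name="forumTopicMessage">Entity to store; its <c>ForumTopicMessageID</c> is overwritten on success.</param>
        /// <returns>
        /// A default <c>Result</c> on success, or a <c>Result</c> carrying the exception message
        /// when anything inside the transaction throws.
        /// </returns>
        public Result Store(ForumTopicMessage forumTopicMessage)
        {
            try
            {
                using (TransactionScope scope = new TransactionScope())
                {
                    SqlConnection conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

                    // Dispose the command deterministically; the original left it to the finalizer.
                    using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Store", conn))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;

                        // InputOutput: the current id goes in and the procedure's value is read back below.
                        SqlParameter prm = new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID);
                        prm.Direction = ParameterDirection.InputOutput;
                        cmd.Parameters.Add(prm);

                        cmd.Parameters.Add(NewSqlParameter("@ForumTopicID", forumTopicMessage.ForumTopicID, SqlDbType.BigInt));
                        cmd.Parameters.Add(NewSqlParameter("@AuthorUserID", forumTopicMessage.AuthorUserID, SqlDbType.BigInt));
                        cmd.Parameters.Add(NewSqlParameter("@AuthorName", forumTopicMessage.AuthorName, SqlDbType.NVarChar));
                        cmd.Parameters.Add(NewSqlParameter("@DateCreated", forumTopicMessage.DateCreated, SqlDbType.DateTime));
                        cmd.Parameters.Add(NewSqlParameter("@BodySource", forumTopicMessage.BodySource, SqlDbType.NVarChar));
                        cmd.Parameters.Add(NewSqlParameter("@BodyOutput", forumTopicMessage.BodyOutput, SqlDbType.NVarChar));
                        cmd.Parameters.Add(NewSqlParameter("@ModerationState", forumTopicMessage.ModerationState, SqlDbType.SmallInt));
                        cmd.Parameters.Add(NewSqlParameter("@MarkupType", forumTopicMessage.MarkupType, SqlDbType.SmallInt));

                        cmd.ExecuteNonQuery();

                        // A non-long value here (e.g. DBNull) throws and is reported through the catch below.
                        forumTopicMessage.ForumTopicMessageID = (long)prm.Value;
                    }

                    scope.Complete();
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is handed back to the caller. If Result
                // messages are ever shown to end users this can expose database error details;
                // confirm how callers display it and consider logging the exception server-side.
                return new Result(ex.Message);
            }
            finally
            {
                DatabaseManager.DatabaseEngine.ReleaseConnection();
            }

            return new Result();
        }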
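        /// <summary>
        /// Handles a posted "new topic" form: resolves the forum, checks that the current user may
        /// start topics in it, renders the body according to the forum's markup type and stores the
        /// topic together with its first message in one transaction.
        /// </summary>
        /// <remarks>
        /// All of <c>forum</c>, <c>notLoggedInURL</c>, <c>subject</c> and <c>body</c> come straight
        /// from <c>Request.Form</c> and are untrusted.
        /// </remarks>
        private void PostTopic()
        {
            string forumStr = Request.Form["forum"];

            // NOTE(review): this value is client-supplied and is handed to CheckAuthentication.
            // If that helper redirects to it, it should be restricted to local URLs so it cannot
            // be used as an open redirect - confirm against CheckAuthentication.
            string notLoggedInURL = Request.Form["notLoggedInURL"];

            // The posted identifier may be either the forum's URL token or its code.
            Forum forum = DataLayer.SelectForumByURLToken(forumStr);

            if (forum == null)
            {
                forum = DataLayer.SelectForumByCode(forumStr);
            }
            if (forum == null)
            {
                WriteErrorMessage("Bad forum code");
                return;
            }

            #region Check to see if the current user is allowed to post a new topic
            switch (forum.PostNewTopics)
            {
            case Forum.AccessType.AllowAnonymous:
                throw new NotImplementedException("need to put in anonymous author name.");

            case Forum.AccessType.ActivatedMembers:
                CheckAuthentication(notLoggedInURL);
                if (!SecurityProvider.CurrentUser.Activated)
                {
                    WriteErrorMessage("You're not authenticated yet.");
                    return;
                }
                break;

            case Forum.AccessType.AllMembers:
                CheckAuthentication(notLoggedInURL);
                break;

            case Forum.AccessType.Administrators:
                CheckAuthentication(notLoggedInURL);
                if (!SecurityProvider.CurrentUser.HasPermission(PermissionType.AdministrativeAccess))
                {
                    WriteErrorMessage("Only administrators may post new topics.");
                    return;
                }
                break;

            case Forum.AccessType.RoleMembers:
                CheckAuthentication(notLoggedInURL);
                if (forum.PostWriteAccessRoleID.HasValue)
                {
                    Role role = SecurityProvider.DataLayer.SelectRole(forum.PostWriteAccessRoleID.Value);
                    if (role != null)
                    {
                        if (SecurityProvider.CurrentUser.HasRole(role.RoleCode))
                        {
                            break;
                        }
                    }
                }
                WriteErrorMessage("You don't have the required permissions to post new topics.");
                return;

            default:
                // Fail closed: an access type this switch does not know about previously fell
                // through with no permission check at all.
                WriteErrorMessage("You don't have the required permissions to post new topics.");
                return;
            }
            #endregion

            ForumTopic        topic = new ForumTopic();
            ForumTopicMessage msg   = new ForumTopicMessage();

            if (WebAuthentication.IsLoggedIn)
            {
                // The author is always the authenticated user, never a posted value.
                topic.AuthorUserID = SecurityProvider.CurrentUser.UserID;
                msg.AuthorUserID   = SecurityProvider.CurrentUser.UserID;
            }
            else
            {
                throw new NotImplementedException("need to put in anonymous author name.");
                //topic.AuthorName =
                //msg.AuthorName =
            }

            topic.DateCreated  = DateTime.UtcNow;
            topic.ForumID      = forum.ForumID;
            topic.ForumTopicID = 0;

#warning to do: let administrators put in a "locked" checkbox to lock the topic by default when posting it
            topic.Locked = false;

#warning to do: check for spam
            if (forum.RequireModeration)
            {
                topic.Moderation = ForumModerationState.Pending;
            }
            else
            {
                topic.Moderation = ForumModerationState.Approved;
            }

#warning to do: should be able to make the topic sticky when posting it
            topic.Sticky = false;

#warning to do: validate the subject. if invalid, store values in fast-expiring cookie and redirect to standalone posting page
            // NOTE(review): the subject is stored exactly as posted (no validation or encoding
            // here), so whatever renders it must HTML-encode it - confirm at the rendering site.
            topic.Subject = Request.Form["subject"];

#warning to do: administrators should be able to specify a URL Token
            //topic.URLToken

            string body = Request.Form["body"];
            if (body == null)
            {
                // A request without a "body" field used to reach HtmlEncode(null).Replace(...)
                // in the plain-text branch and fail with a NullReferenceException.
                WriteErrorMessage("Missing message body");
                return;
            }
            msg.BodySource = body;

            // BodyOutput is the pre-rendered HTML that gets stored; each branch is responsible
            // for producing markup that is safe to emit.
            switch (forum.Markup)
            {
            case Forum.MarkupType.BBCode:
#warning to do: check for images in source
                throw new NotImplementedException("BBCode not implemented yet.");

            case Forum.MarkupType.None:
                // Plain text: HTML-encode everything, then turn line breaks into <br />.
                msg.BodyOutput = HttpUtility.HtmlEncode(msg.BodySource).Replace(Environment.NewLine, "<br />");
                break;

            case Forum.MarkupType.Textile:
#warning to do: check for images in source
                // NOTE(review): the formatter's output is stored as-is; confirm that it escapes
                // or filters raw HTML embedded in the source.
                msg.BodyOutput = Textile.TextileFormatter.FormatString(msg.BodySource);
                break;

            case Forum.MarkupType.LimitedHTML:
#warning to do: check for images in source
                throw new NotImplementedException("Limited HTML not implemented yet.");

            case Forum.MarkupType.ExtendedHTML:
#warning to do: check for images in source
                // NOTE(review): relies entirely on SafeHtmlString to sanitise user HTML; its
                // rules are not visible here - confirm what it strips.
                msg.BodyOutput = WebUtility.SafeHtmlString(msg.BodySource, true);
                break;

            default:
                throw new NotImplementedException();
            }
#warning to do: signatures need to be appended to the output

            msg.ForumTopicMessageID = 0;
            msg.DateCreated         = DateTime.UtcNow;

            if (forum.RequireModeration)
            {
                msg.Moderation = ForumModerationState.Pending;
            }
            else if (MightBeSpam(msg.BodySource))
            {
                // Suspected spam holds back both the message and the topic it would open.
                msg.Moderation   = ForumModerationState.Pending;
                topic.Moderation = ForumModerationState.Pending;
            }
            else
            {
                msg.Moderation = ForumModerationState.Approved;
            }

            try
            {
                using (TransactionScope scope = new TransactionScope())
                {
                    DatabaseManager.DatabaseEngine.GetConnection();
                    // NOTE(review): the return values of both Store calls are discarded. If they
                    // report failure through a Result instead of throwing, a failed write is not
                    // surfaced here before Complete() - consider checking them.
                    DataLayer.Store(topic);
                    // The message is linked to the topic id assigned by the first store.
                    msg.ForumTopicID = topic.ForumTopicID;
                    DataLayer.Store(msg);
                    scope.Complete();
                }
            }
            finally
            {
                DatabaseManager.DatabaseEngine.ReleaseConnection();
            }

#warning to do: redirect to message rather than the forum itself.
        }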
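        /// <summary>
        /// Handles a posted reply form: resolves the topic and its forum, checks that the current
        /// user may reply, renders the body according to the forum's markup type, stores the message
        /// and redirects to it.
        /// </summary>
        /// <remarks>
        /// <c>topic</c>, <c>notLoggedInURL</c> and <c>body</c> come straight from
        /// <c>Request.Form</c> and are untrusted.
        /// </remarks>
        private void ReplyToTopic()
        {
            // NOTE(review): this value is client-supplied and is handed to CheckAuthentication.
            // If that helper redirects to it, it should be restricted to local URLs so it cannot
            // be used as an open redirect - confirm against CheckAuthentication.
            string notLoggedInURL = Request.Form["notLoggedInURL"];

            // A missing or non-numeric topic id is reported like an unknown one instead of
            // escaping as an unhandled exception from long.Parse.
            long topicID;
            if (!long.TryParse(Request.Form["topic"], out topicID))
            {
                WriteErrorMessage("Bad topic ID");
                return;
            }

            ForumTopic topic = DataLayer.SelectForumTopic(topicID);

            if (topic == null)
            {
                WriteErrorMessage("Bad topic ID");
                return;
            }
            Forum forum = DataLayer.SelectForum(topic.ForumID);

            // NOTE(review): nothing below looks at the topic's Locked flag or moderation state,
            // so replies to locked or unapproved topics are accepted by this handler - confirm
            // whether that is enforced elsewhere.

            #region Check to see if the current user is allowed to reply to the topic
            switch (forum.WriteReplies)
            {
            case Forum.AccessType.AllowAnonymous:
                throw new NotImplementedException("need to put in anonymous author name and CAPTCHA.");

            case Forum.AccessType.ActivatedMembers:
                CheckAuthentication(notLoggedInURL);
                if (!SecurityProvider.CurrentUser.Activated)
                {
                    WriteErrorMessage("You're not authenticated yet.");
                    return;
                }
                break;

            case Forum.AccessType.AllMembers:
                CheckAuthentication(notLoggedInURL);
                break;

            case Forum.AccessType.Administrators:
                CheckAuthentication(notLoggedInURL);
                if (!SecurityProvider.CurrentUser.HasPermission(PermissionType.AdministrativeAccess))
                {
                    WriteErrorMessage("Only administrators may reply to this topic.");
                    return;
                }
                break;

            case Forum.AccessType.RoleMembers:
                CheckAuthentication(notLoggedInURL);
                if (forum.PostWriteAccessRoleID.HasValue)
                {
                    if (SecurityProvider.DataLayer.IsUserInRole(SecurityProvider.CurrentUser.UserID, forum.PostWriteAccessRoleID.Value))
                    {
                        break;
                    }
                }
                // The original reused the "post new topics" wording from the new-topic handler.
                WriteErrorMessage("You don't have the required permissions to reply to this topic.");
                return;

            default:
                // Fail closed: an access type this switch does not know about previously fell
                // through with no permission check at all.
                WriteErrorMessage("You don't have the required permissions to reply to this topic.");
                return;
            }
            #endregion

            ForumTopicMessage msg = new ForumTopicMessage();
            msg.ForumTopicID = topic.ForumTopicID;

            if (WebAuthentication.IsLoggedIn)
            {
                // The author is always the authenticated user, never a posted value.
                msg.AuthorUserID = SecurityProvider.CurrentUser.UserID;
            }
            else
            {
                throw new NotImplementedException("need to put in anonymous author name.");
            }

            msg.DateCreated         = DateTime.UtcNow;
            msg.ForumTopicMessageID = 0;

#warning to do: administrators should be able to specify a URL Token

            string body = Request.Form["body"];
            if (body == null)
            {
                // A request without a "body" field used to reach HtmlEncode(null).Replace(...)
                // in the plain-text branch and fail with a NullReferenceException.
                WriteErrorMessage("Missing message body");
                return;
            }
            msg.BodySource = body;

            // BodyOutput is the pre-rendered HTML that gets stored; each branch is responsible
            // for producing markup that is safe to emit.
            switch (forum.Markup)
            {
            case Forum.MarkupType.BBCode:
#warning to do: check for images in source
                throw new NotImplementedException("BBCode not implemented yet.");

            case Forum.MarkupType.None:
                // Plain text: HTML-encode everything, then turn line breaks into <br />.
                msg.BodyOutput = HttpUtility.HtmlEncode(msg.BodySource).Replace(Environment.NewLine, "<br />");
                break;

            case Forum.MarkupType.Textile:
#warning to do: check for images in source
                // NOTE(review): the formatter's output is stored as-is; confirm that it escapes
                // or filters raw HTML embedded in the source.
                msg.BodyOutput = Textile.TextileFormatter.FormatString(msg.BodySource);
                break;

            case Forum.MarkupType.LimitedHTML:
#warning to do: check for images in source
                throw new NotImplementedException("Limited HTML not implemented yet.");

            case Forum.MarkupType.ExtendedHTML:
#warning to do: check for images in source
                // NOTE(review): relies entirely on SafeHtmlString to sanitise user HTML; its
                // rules are not visible here - confirm what it strips.
                msg.BodyOutput = WebUtility.SafeHtmlString(msg.BodySource, true);
                break;

            default:
                throw new NotImplementedException();
            }
#warning to do: signatures need to be appended to the output

            if (forum.RequireModeration || MightBeSpam(msg.BodySource))
            {
                // Forum-wide moderation or a spam suspicion both hold the reply for review.
                msg.Moderation = ForumModerationState.Pending;
            }
            else
            {
                msg.Moderation = ForumModerationState.Approved;
            }

            // Store reports failures through its Result rather than by throwing; the original
            // ignored it and redirected to a message anchor even when nothing had been saved.
            // The detailed error text is deliberately not echoed to the client.
            if (!DataLayer.Store(msg).Succeeded)
            {
                WriteErrorMessage("Unable to save the reply");
                return;
            }

            // Forums without a URL token are addressed by their numeric id.
            string urltoken = forum.URLToken;
            if (string.IsNullOrEmpty(urltoken))
            {
                urltoken = forum.ForumID.ToString();
            }

            // The target is assembled from server-side values only (requested page path, forum
            // token or id, topic id, new message id), not from posted form fields.
            WebUtility.Redirect(ContentManager.RequestedPage.Path + "/" + urltoken + "/topic/" + topic.ForumTopicID + "/#" + msg.ForumTopicMessageID);
        }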
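		/// <summary>
		/// Fetches a forum topic message by id using the <c>ForumTopicMessage_Select</c> stored procedure.
		/// </summary>
		/// <param name="id">Value bound to the <c>@ForumTopicMessageID</c> parameter.</param>
		/// <returns>
		/// The <c>ForumTopicMessage</c> constructed from the first row, or <c>null</c> if the
		/// procedure yields no rows.
		/// </returns>
		public ForumTopicMessage SelectForumTopicMessage(long id)
		{
			// Suppress keeps this read out of any ambient transaction; it opens its own connection.
			using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Suppress))
			{
				using (SqlConnection conn = new SqlConnection(DatabaseManager.DatabaseEngine.ConnectionString))
				{
					conn.Open();

					// Stored-procedure call with a bound parameter: the id is never spliced into SQL text.
					using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Select", conn))
					{
						cmd.CommandType = CommandType.StoredProcedure;
						cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", id));

						// Wrapping the reader guarantees it is closed when the entity constructor
						// throws; the original only closed it on the success path.
						using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.CloseConnection))
						{
							if (!reader.Read())
							{
								return null;
							}

							return new ForumTopicMessage(reader);
						}
					}
				}
			}
		}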
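		/// <summary>
		/// Removes a forum topic message by calling the <c>ForumTopicMessage_Delete</c> stored procedure.
		/// </summary>
		/// <remarks>
		/// No permission check is made in this method. The only gate visible here is the
		/// <c>Result</c> passed to <c>OnBeforeDeleteForumTopicMessage</c> subscribers, so
		/// authorisation has to be enforced by the caller or by such a subscriber.
		/// </remarks>
		/// <param name="forumTopicMessage">Message whose <c>ForumTopicMessageID</c> is sent to the procedure.</param>
		/// <returns>
		/// The pre-delete <c>Result</c> (unchanged when it no longer reports success), or a
		/// <c>Result</c> carrying the exception message if the database call throws.
		/// </returns>
		public Result Delete(ForumTopicMessage forumTopicMessage)
		{
			Result result = new Result();

			// Subscribers see the pending result before any row is touched.
			if (OnBeforeDeleteForumTopicMessage != null)
			{
				OnBeforeDeleteForumTopicMessage(forumTopicMessage, result);
			}

			if (!result.Succeeded)
			{
				return result;
			}

			// Declared outside the try so the finally block can hand it back to the engine.
			SqlConnection conn = null;
			try
			{
				using (TransactionScope scope = new TransactionScope())
				{
					conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

					// Dispose the command deterministically; the original left it to the finalizer.
					using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Delete", conn))
					{
						cmd.CommandType = CommandType.StoredProcedure;
						// Bound parameter: the id never becomes part of the SQL text.
						cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID));
						cmd.ExecuteNonQuery();
					}

					scope.Complete();
				}
			}
			catch (Exception ex)
			{
				// NOTE(review): the raw exception text is returned to the caller. If Result
				// messages are ever shown to end users this can expose database error details;
				// confirm how callers display it and consider logging the exception server-side.
				return new Result(ex.Message);
			}
			finally
			{
				// conn is still null here when GetConnection itself threw.
				DatabaseManager.DatabaseEngine.ReleaseConnection(conn);
			}

			// Only reached when the delete committed without throwing.
			if (OnForumTopicMessageDeleted != null)
			{
				OnForumTopicMessageDeleted(forumTopicMessage);
			}

			return result;
		}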
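		/// <summary>
		/// Saves a forum topic message via the <c>ForumTopicMessage_Store</c> stored procedure and
		/// writes the id reported by the procedure back onto the entity.
		/// </summary>
		/// <remarks>
		/// All values travel as typed, bound parameters. <c>BodyOutput</c> is persisted exactly as
		/// given; this method neither encodes nor sanitises it, so callers must supply markup that
		/// is already safe to render.
		/// </remarks>
		/// <param name="forumTopicMessage">Entity to store; its <c>ForumTopicMessageID</c> is overwritten on success.</param>
		/// <returns>
		/// A default <c>Result</c> on success, or a <c>Result</c> carrying the exception message
		/// when anything inside the transaction throws.
		/// </returns>
		public Result Store(ForumTopicMessage forumTopicMessage)
		{
			// Declared outside the try so the finally block can hand it back to the engine.
			SqlConnection conn = null;
			try
			{
				using (TransactionScope scope = new TransactionScope())
				{
					conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

					// Dispose the command deterministically; the original left it to the finalizer.
					using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Store", conn))
					{
						cmd.CommandType = CommandType.StoredProcedure;

						// InputOutput: the current id goes in and the procedure's value is read back below.
						SqlParameter prm = new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID);
						prm.Direction = ParameterDirection.InputOutput;
						cmd.Parameters.Add(prm);

						cmd.Parameters.Add(NewSqlParameter("@ForumTopicID", forumTopicMessage.ForumTopicID, SqlDbType.BigInt));
						cmd.Parameters.Add(NewSqlParameter("@AuthorUserID", forumTopicMessage.AuthorUserID, SqlDbType.BigInt));
						cmd.Parameters.Add(NewSqlParameter("@AuthorName", forumTopicMessage.AuthorName, SqlDbType.NVarChar));
						cmd.Parameters.Add(NewSqlParameter("@DateCreated", forumTopicMessage.DateCreated, SqlDbType.DateTime));
						cmd.Parameters.Add(NewSqlParameter("@BodySource", forumTopicMessage.BodySource, SqlDbType.NVarChar));
						cmd.Parameters.Add(NewSqlParameter("@BodyOutput", forumTopicMessage.BodyOutput, SqlDbType.NVarChar));
						cmd.Parameters.Add(NewSqlParameter("@ModerationState", forumTopicMessage.ModerationState, SqlDbType.SmallInt));
						cmd.Parameters.Add(NewSqlParameter("@MarkupType", forumTopicMessage.MarkupType, SqlDbType.SmallInt));

						cmd.ExecuteNonQuery();

						// A non-long value here (e.g. DBNull) throws and is reported through the catch below.
						forumTopicMessage.ForumTopicMessageID = (long)prm.Value;
					}

					scope.Complete();
				}
			}
			catch (Exception ex)
			{
				// NOTE(review): the raw exception text is returned to the caller. If Result
				// messages are ever shown to end users this can expose database error details;
				// confirm how callers display it and consider logging the exception server-side.
				return new Result(ex.Message);
			}
			finally
			{
				// conn is still null here when GetConnection itself threw.
				DatabaseManager.DatabaseEngine.ReleaseConnection(conn);
			}

			return new Result();
		}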