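/// <summary>
/// Loads one forum topic message through the <c>ForumTopicMessage_Select</c>
/// stored procedure.
/// </summary>
/// <param name="id">Value bound to the <c>@ForumTopicMessageID</c> parameter.</param>
/// <returns>
/// A <see cref="ForumTopicMessage"/> built from the first result row, or
/// <c>null</c> when the procedure returns no row.
/// </returns>
public ForumTopicMessage SelectForumTopicMessage(long id)
{
    // Suppress: the read does not enlist in any ambient transaction.
    using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Suppress))
    using (SqlConnection conn = new SqlConnection(DatabaseManager.DatabaseEngine.ConnectionString))
    {
        conn.Open();

        // The command and reader are now disposed deterministically, so the reader
        // is closed even when the ForumTopicMessage constructor throws.
        using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Select", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            // The id is passed as a bound parameter, never concatenated into SQL text.
            cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", id));

            using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.CloseConnection))
            {
                return reader.Read() ? new ForumTopicMessage(reader) : null;
            }
        }
    }
}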
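/// <summary>
/// Deletes a forum topic message through the <c>ForumTopicMessage_Delete</c>
/// stored procedure.
/// </summary>
/// <remarks>
/// <c>OnBeforeDeleteForumTopicMessage</c> handlers receive the result object first;
/// the delete only runs when <c>result.Succeeded</c> is still true afterwards.
/// No permission check happens in this method, so callers are responsible for
/// authorizing the delete.
/// </remarks>
/// <param name="forumTopicMessage">Message whose <c>ForumTopicMessageID</c> is deleted.</param>
/// <returns>
/// The (possibly handler-modified) result on success or veto, or a new
/// <see cref="Result"/> carrying the exception message when the delete fails.
/// </returns>
public Result Delete(ForumTopicMessage forumTopicMessage)
{
    Result result = new Result();
    if (OnBeforeDeleteForumTopicMessage != null)
    {
        OnBeforeDeleteForumTopicMessage(forumTopicMessage, result);
    }

    if (!result.Succeeded)
    {
        return result;
    }

    try
    {
        using (TransactionScope scope = new TransactionScope())
        {
            SqlConnection conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

            // Dispose the command deterministically instead of leaving it to the GC.
            using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Delete", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID));
                cmd.ExecuteNonQuery();
            }

            scope.Complete();
        }
    }
    catch (Exception ex)
    {
        // The scope was disposed without Complete(), so the transaction is not committed.
        // NOTE(review): ex.Message is handed back to the caller; if Result text is ever
        // shown to end users this can expose database error details. Consider logging
        // the exception and returning a generic message.
        return new Result(ex.Message);
    }
    finally
    {
        DatabaseManager.DatabaseEngine.ReleaseConnection();
    }

    // Notification is only sent after a successful delete.
    if (OnForumTopicMessageDeleted != null)
    {
        OnForumTopicMessageDeleted(forumTopicMessage);
    }

    return result;
}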
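/// <summary>
/// Persists a forum topic message through the <c>ForumTopicMessage_Store</c>
/// stored procedure and copies the ID reported by the procedure back onto the entity.
/// </summary>
/// <remarks>
/// <c>BodySource</c> and <c>BodyOutput</c> are stored exactly as supplied; nothing is
/// encoded or sanitized here, so that has to happen before this method is called.
/// </remarks>
/// <param name="forumTopicMessage">
/// Entity to store. Its <c>ForumTopicMessageID</c> is overwritten with the value of
/// the <c>@ForumTopicMessageID</c> input/output parameter.
/// </param>
/// <returns>
/// A default <see cref="Result"/> on success, or a <see cref="Result"/> carrying the
/// exception message on failure.
/// </returns>
public Result Store(ForumTopicMessage forumTopicMessage)
{
    try
    {
        using (TransactionScope scope = new TransactionScope())
        {
            SqlConnection conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

            // Dispose the command deterministically instead of leaving it to the GC.
            using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Store", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // InputOutput: the procedure reports the stored row's ID through this parameter.
                SqlParameter prm = new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID);
                prm.Direction = ParameterDirection.InputOutput;
                cmd.Parameters.Add(prm);

                // All values are bound as typed parameters, never concatenated into SQL text.
                cmd.Parameters.Add(NewSqlParameter("@ForumTopicID", forumTopicMessage.ForumTopicID, SqlDbType.BigInt));
                cmd.Parameters.Add(NewSqlParameter("@AuthorUserID", forumTopicMessage.AuthorUserID, SqlDbType.BigInt));
                cmd.Parameters.Add(NewSqlParameter("@AuthorName", forumTopicMessage.AuthorName, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@DateCreated", forumTopicMessage.DateCreated, SqlDbType.DateTime));
                cmd.Parameters.Add(NewSqlParameter("@BodySource", forumTopicMessage.BodySource, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@BodyOutput", forumTopicMessage.BodyOutput, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@ModerationState", forumTopicMessage.ModerationState, SqlDbType.SmallInt));
                cmd.Parameters.Add(NewSqlParameter("@MarkupType", forumTopicMessage.MarkupType, SqlDbType.SmallInt));

                cmd.ExecuteNonQuery();

                // A non-long value here (for example DBNull) throws and is reported
                // through the catch block below.
                forumTopicMessage.ForumTopicMessageID = (long)prm.Value;
            }

            scope.Complete();
        }
    }
    catch (Exception ex)
    {
        // The scope was disposed without Complete(), so the transaction is not committed.
        // NOTE(review): ex.Message is handed back to the caller; if Result text is ever
        // shown to end users this can expose database error details. Consider logging
        // the exception and returning a generic message.
        return new Result(ex.Message);
    }
    finally
    {
        DatabaseManager.DatabaseEngine.ReleaseConnection();
    }

    return new Result();
}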
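/// <summary>
/// Handles the "new topic" form post: resolves the forum, enforces its
/// <c>PostNewTopics</c> policy, renders the body for the forum's markup type and
/// stores the topic and its first message inside one transaction scope.
/// </summary>
/// <remarks>
/// Every <c>Request.Form</c> value read here is client-supplied. The subject is
/// stored exactly as received, so any page that displays it must HTML-encode it.
/// </remarks>
private void PostTopic()
{
    string forumStr = Request.Form["forum"];
    // NOTE(review): notLoggedInURL comes from the client. If CheckAuthentication
    // redirects to it, restrict it to local URLs to avoid an open redirect - confirm
    // in CheckAuthentication.
    string notLoggedInURL = Request.Form["notLoggedInURL"];

    // The "forum" field is tried as a URL token first and as a forum code second.
    Forum forum = DataLayer.SelectForumByURLToken(forumStr);
    if (forum == null)
    {
        forum = DataLayer.SelectForumByCode(forumStr);
    }
    if (forum == null)
    {
        WriteErrorMessage("Bad forum code");
        return;
    }

    #region Check to see if the current user is allowed to post a new topic
    // NOTE(review): the cases below dereference SecurityProvider.CurrentUser right
    // after CheckAuthentication, which presumes CheckAuthentication ends the request
    // for anonymous callers - confirm.
    switch (forum.PostNewTopics)
    {
        case Forum.AccessType.AllowAnonymous:
            throw new NotImplementedException("need to put in anonymous author name.");

        case Forum.AccessType.ActivatedMembers:
            CheckAuthentication(notLoggedInURL);
            if (!SecurityProvider.CurrentUser.Activated)
            {
                WriteErrorMessage("You're not authenticated yet.");
                return;
            }
            break;

        case Forum.AccessType.AllMembers:
            CheckAuthentication(notLoggedInURL);
            break;

        case Forum.AccessType.Administrators:
            CheckAuthentication(notLoggedInURL);
            if (!SecurityProvider.CurrentUser.HasPermission(PermissionType.AdministrativeAccess))
            {
                WriteErrorMessage("Only administrators may post new topics.");
                return;
            }
            break;

        case Forum.AccessType.RoleMembers:
            CheckAuthentication(notLoggedInURL);
            if (forum.PostWriteAccessRoleID.HasValue)
            {
                Role role = SecurityProvider.DataLayer.SelectRole(forum.PostWriteAccessRoleID.Value);
                if (role != null && SecurityProvider.CurrentUser.HasRole(role.RoleCode))
                {
                    break;
                }
            }
            WriteErrorMessage("You don't have the required permissions to post new topics.");
            return;

        default:
            // Fail closed: an access type this switch does not know about must not
            // skip the permission check and fall through to the posting code.
            WriteErrorMessage("You don't have the required permissions to post new topics.");
            return;
    }
    #endregion

    ForumTopic topic = new ForumTopic();
    ForumTopicMessage msg = new ForumTopicMessage();
    if (WebAuthentication.IsLoggedIn)
    {
        topic.AuthorUserID = SecurityProvider.CurrentUser.UserID;
        msg.AuthorUserID = SecurityProvider.CurrentUser.UserID;
    }
    else
    {
        // Anonymous posting would have to fill topic.AuthorName / msg.AuthorName here.
        throw new NotImplementedException("need to put in anonymous author name.");
    }

    topic.DateCreated = DateTime.UtcNow;
    topic.ForumID = forum.ForumID;
    topic.ForumTopicID = 0;
#warning to do: let administrators put in a "locked" checkbox to lock the topic by default when posting it
    topic.Locked = false;
#warning to do: check for spam
    if (forum.RequireModeration)
    {
        topic.Moderation = ForumModerationState.Pending;
    }
    else
    {
        topic.Moderation = ForumModerationState.Approved;
    }
#warning to do: should be able to make the topic sticky when posting it
    topic.Sticky = false;
#warning to do: validate the subject. if invalid, store values in fast-expiring cookie and redirect to standalone posting page
    // Stored unvalidated and unencoded (see the warning above).
    topic.Subject = Request.Form["subject"];
#warning to do: administrators should be able to specify a URL Token
    //topic.URLToken

    msg.BodySource = Request.Form["body"];
    // BodyOutput is the pre-rendered form of the body; each branch below is the only
    // place where the untrusted source text is encoded or sanitized for that markup.
    switch (forum.Markup)
    {
        case Forum.MarkupType.BBCode:
#warning to do: check for images in source
            throw new NotImplementedException("BBCode not implemented yet.");

        case Forum.MarkupType.None:
            // Encode first, then add the line-break markup, so only <br /> is live HTML.
            msg.BodyOutput = HttpUtility.HtmlEncode(msg.BodySource).Replace(Environment.NewLine, "<br />");
            break;

        case Forum.MarkupType.Textile:
#warning to do: check for images in source
            // NOTE(review): confirm the Textile formatter escapes or strips raw HTML
            // and script-capable URLs; otherwise sanitize its output before storing.
            msg.BodyOutput = Textile.TextileFormatter.FormatString(msg.BodySource);
            break;

        case Forum.MarkupType.LimitedHTML:
#warning to do: check for images in source
            throw new NotImplementedException("Limited HTML not implemented yet.");

        case Forum.MarkupType.ExtendedHTML:
#warning to do: check for images in source
            // Protection against stored script injection for this markup type rests
            // entirely on WebUtility.SafeHtmlString.
            msg.BodyOutput = WebUtility.SafeHtmlString(msg.BodySource, true);
            break;

        default:
            throw new NotImplementedException();
    }
#warning to do: signatures need to be appended to the output

    msg.ForumTopicMessageID = 0;
    msg.DateCreated = DateTime.UtcNow;
    if (forum.RequireModeration)
    {
        msg.Moderation = ForumModerationState.Pending;
    }
    else if (MightBeSpam(msg.BodySource))
    {
        // A suspicious first message holds back the whole topic as well.
        msg.Moderation = ForumModerationState.Pending;
        topic.Moderation = ForumModerationState.Pending;
    }
    else
    {
        msg.Moderation = ForumModerationState.Approved;
    }

    try
    {
        using (TransactionScope scope = new TransactionScope())
        {
            DatabaseManager.DatabaseEngine.GetConnection();
            // NOTE(review): the return values of both Store calls are ignored, so a
            // failed topic insert is not detected before the message is stored.
            DataLayer.Store(topic);
            msg.ForumTopicID = topic.ForumTopicID;
            DataLayer.Store(msg);
            scope.Complete();
        }
    }
    finally
    {
        DatabaseManager.DatabaseEngine.ReleaseConnection();
    }
#warning to do: redirect to message rather than the forum itself.
}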
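/// <summary>
/// Handles the "reply" form post: loads the topic and its forum, enforces the
/// forum's <c>WriteReplies</c> policy, renders the body for the forum's markup type,
/// stores the message and redirects to it.
/// </summary>
/// <remarks>
/// Every <c>Request.Form</c> value read here is client-supplied.
/// NOTE(review): this handler never consults <c>topic.Locked</c>, so a topic lock is
/// not enforced server-side here; confirm it is enforced elsewhere or add the check.
/// </remarks>
private void ReplyToTopic()
{
    // NOTE(review): notLoggedInURL comes from the client. If CheckAuthentication
    // redirects to it, restrict it to local URLs to avoid an open redirect - confirm
    // in CheckAuthentication.
    string notLoggedInURL = Request.Form["notLoggedInURL"];

    // A missing or malformed "topic" field is reported like an unknown topic instead
    // of surfacing as an unhandled parse exception.
    long topicId;
    if (!long.TryParse(Request.Form["topic"], out topicId))
    {
        WriteErrorMessage("Bad topic ID");
        return;
    }

    ForumTopic topic = DataLayer.SelectForumTopic(topicId);
    if (topic == null)
    {
        WriteErrorMessage("Bad topic ID");
        return;
    }

    Forum forum = DataLayer.SelectForum(topic.ForumID);
    if (forum == null)
    {
        // Without the forum there is no access policy to evaluate, so refuse the post.
        WriteErrorMessage("Bad topic ID");
        return;
    }

    #region Check to see if the current user is allowed to reply to the topic
    // NOTE(review): the cases below dereference SecurityProvider.CurrentUser right
    // after CheckAuthentication, which presumes CheckAuthentication ends the request
    // for anonymous callers - confirm.
    switch (forum.WriteReplies)
    {
        case Forum.AccessType.AllowAnonymous:
            throw new NotImplementedException("need to put in anonymous author name and CAPTCHA.");

        case Forum.AccessType.ActivatedMembers:
            CheckAuthentication(notLoggedInURL);
            if (!SecurityProvider.CurrentUser.Activated)
            {
                WriteErrorMessage("You're not authenticated yet.");
                return;
            }
            break;

        case Forum.AccessType.AllMembers:
            CheckAuthentication(notLoggedInURL);
            break;

        case Forum.AccessType.Administrators:
            CheckAuthentication(notLoggedInURL);
            if (!SecurityProvider.CurrentUser.HasPermission(PermissionType.AdministrativeAccess))
            {
                WriteErrorMessage("Only administrators may reply to this topic.");
                return;
            }
            break;

        case Forum.AccessType.RoleMembers:
            CheckAuthentication(notLoggedInURL);
            if (forum.PostWriteAccessRoleID.HasValue
                && SecurityProvider.DataLayer.IsUserInRole(SecurityProvider.CurrentUser.UserID, forum.PostWriteAccessRoleID.Value))
            {
                break;
            }
            // The original text here was copied from the new-topic handler.
            WriteErrorMessage("You don't have the required permissions to reply to this topic.");
            return;

        default:
            // Fail closed: an access type this switch does not know about must not
            // skip the permission check and fall through to the posting code.
            WriteErrorMessage("You don't have the required permissions to reply to this topic.");
            return;
    }
    #endregion

    ForumTopicMessage msg = new ForumTopicMessage();
    msg.ForumTopicID = topic.ForumTopicID;
    if (WebAuthentication.IsLoggedIn)
    {
        msg.AuthorUserID = SecurityProvider.CurrentUser.UserID;
    }
    else
    {
        throw new NotImplementedException("need to put in anonymous author name.");
    }
    msg.DateCreated = DateTime.UtcNow;
    msg.ForumTopicMessageID = 0;
#warning to do: administrators should be able to specify a URL Token

    msg.BodySource = Request.Form["body"];
    // BodyOutput is the pre-rendered form of the body; each branch below is the only
    // place where the untrusted source text is encoded or sanitized for that markup.
    switch (forum.Markup)
    {
        case Forum.MarkupType.BBCode:
#warning to do: check for images in source
            throw new NotImplementedException("BBCode not implemented yet.");

        case Forum.MarkupType.None:
            // Encode first, then add the line-break markup, so only <br /> is live HTML.
            msg.BodyOutput = HttpUtility.HtmlEncode(msg.BodySource).Replace(Environment.NewLine, "<br />");
            break;

        case Forum.MarkupType.Textile:
#warning to do: check for images in source
            // NOTE(review): confirm the Textile formatter escapes or strips raw HTML
            // and script-capable URLs; otherwise sanitize its output before storing.
            msg.BodyOutput = Textile.TextileFormatter.FormatString(msg.BodySource);
            break;

        case Forum.MarkupType.LimitedHTML:
#warning to do: check for images in source
            throw new NotImplementedException("Limited HTML not implemented yet.");

        case Forum.MarkupType.ExtendedHTML:
#warning to do: check for images in source
            // Protection against stored script injection for this markup type rests
            // entirely on WebUtility.SafeHtmlString.
            msg.BodyOutput = WebUtility.SafeHtmlString(msg.BodySource, true);
            break;

        default:
            throw new NotImplementedException();
    }
#warning to do: signatures need to be appended to the output

    if (forum.RequireModeration || MightBeSpam(msg.BodySource))
    {
        // MightBeSpam is only evaluated when the forum does not already require moderation.
        msg.Moderation = ForumModerationState.Pending;
    }
    else
    {
        msg.Moderation = ForumModerationState.Approved;
    }

    // NOTE(review): the return value of Store is ignored, so a failed insert still
    // redirects, with the message ID left at 0.
    DataLayer.Store(msg);

    // The redirect target is assembled from server-side values only.
    string urltoken = forum.URLToken;
    if (string.IsNullOrEmpty(urltoken))
    {
        urltoken = forum.ForumID.ToString();
    }
    WebUtility.Redirect(ContentManager.RequestedPage.Path + "/" + urltoken + "/topic/" + topic.ForumTopicID + "/#" + msg.ForumTopicMessageID);
}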
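/// <summary>
/// Fetches a forum topic message by ID using the <c>ForumTopicMessage_Select</c>
/// stored procedure.
/// </summary>
/// <param name="id">Message ID, bound to <c>@ForumTopicMessageID</c>.</param>
/// <returns>
/// The message constructed from the first row of the result, or <c>null</c> when
/// the result is empty.
/// </returns>
public ForumTopicMessage SelectForumTopicMessage(long id)
{
    // The Suppress option keeps this read out of any ambient transaction.
    using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Suppress))
    {
        using (SqlConnection conn = new SqlConnection(DatabaseManager.DatabaseEngine.ConnectionString))
        {
            conn.Open();

            // using blocks guarantee the command and reader are released even if
            // building the entity throws; the original only closed the reader on
            // the success path.
            using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Select", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                // Bound parameter: the ID never becomes part of the command text.
                cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", id));

                using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.CloseConnection))
                {
                    if (!reader.Read())
                    {
                        return null;
                    }
                    return new ForumTopicMessage(reader);
                }
            }
        }
    }
}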
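/// <summary>
/// Removes a forum topic message by calling the <c>ForumTopicMessage_Delete</c>
/// stored procedure.
/// </summary>
/// <remarks>
/// Handlers of <c>OnBeforeDeleteForumTopicMessage</c> are given the result object
/// before anything is deleted; the delete is skipped unless <c>result.Succeeded</c>
/// is still true afterwards. This method performs no permission check of its own,
/// so authorization has to be done by the caller.
/// </remarks>
/// <param name="forumTopicMessage">Message whose <c>ForumTopicMessageID</c> is deleted.</param>
/// <returns>
/// The (possibly handler-modified) result on success or veto, or a new
/// <see cref="Result"/> built from the exception message when the delete fails.
/// </returns>
public Result Delete(ForumTopicMessage forumTopicMessage)
{
    Result result = new Result();
    if (OnBeforeDeleteForumTopicMessage != null)
    {
        OnBeforeDeleteForumTopicMessage(forumTopicMessage, result);
    }

    if (!result.Succeeded)
    {
        return result;
    }

    // Declared outside the try block because the finally clause hands it back.
    SqlConnection conn = null;
    try
    {
        using (TransactionScope scope = new TransactionScope())
        {
            conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

            // Dispose the command deterministically instead of leaving it to the GC.
            using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Delete", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID));
                cmd.ExecuteNonQuery();
            }

            scope.Complete();
        }
    }
    catch (Exception ex)
    {
        // Leaving the scope without Complete() means the transaction is not committed.
        // NOTE(review): ex.Message is returned to the caller; if Result text can reach
        // end users, database error details may leak. Consider logging the exception
        // and returning a generic message.
        return new Result(ex.Message);
    }
    finally
    {
        // conn is still null here when GetConnection itself threw.
        DatabaseManager.DatabaseEngine.ReleaseConnection(conn);
    }

    // Subscribers are only notified once the delete has gone through.
    if (OnForumTopicMessageDeleted != null)
    {
        OnForumTopicMessageDeleted(forumTopicMessage);
    }

    return result;
}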
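/// <summary>
/// Saves a forum topic message by calling the <c>ForumTopicMessage_Store</c> stored
/// procedure, then writes the ID reported by the procedure back to the entity.
/// </summary>
/// <remarks>
/// <c>BodySource</c> and <c>BodyOutput</c> are passed through unchanged; no encoding
/// or sanitizing happens in this method, so callers must have done it already.
/// </remarks>
/// <param name="forumTopicMessage">
/// Entity to save. Its <c>ForumTopicMessageID</c> is replaced by the value of the
/// <c>@ForumTopicMessageID</c> input/output parameter after the call.
/// </param>
/// <returns>
/// A default <see cref="Result"/> on success, or a <see cref="Result"/> built from
/// the exception message on failure.
/// </returns>
public Result Store(ForumTopicMessage forumTopicMessage)
{
    // Declared outside the try block because the finally clause hands it back.
    SqlConnection conn = null;
    try
    {
        using (TransactionScope scope = new TransactionScope())
        {
            conn = (SqlConnection)DatabaseManager.DatabaseEngine.GetConnection();

            // Dispose the command deterministically instead of leaving it to the GC.
            using (SqlCommand cmd = new SqlCommand("ForumTopicMessage_Store", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // InputOutput: the procedure hands the stored row's ID back through
                // this parameter.
                SqlParameter prm = new SqlParameter("@ForumTopicMessageID", forumTopicMessage.ForumTopicMessageID);
                prm.Direction = ParameterDirection.InputOutput;
                cmd.Parameters.Add(prm);

                // Every value is a typed, bound parameter; nothing is concatenated
                // into the command text.
                cmd.Parameters.Add(NewSqlParameter("@ForumTopicID", forumTopicMessage.ForumTopicID, SqlDbType.BigInt));
                cmd.Parameters.Add(NewSqlParameter("@AuthorUserID", forumTopicMessage.AuthorUserID, SqlDbType.BigInt));
                cmd.Parameters.Add(NewSqlParameter("@AuthorName", forumTopicMessage.AuthorName, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@DateCreated", forumTopicMessage.DateCreated, SqlDbType.DateTime));
                cmd.Parameters.Add(NewSqlParameter("@BodySource", forumTopicMessage.BodySource, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@BodyOutput", forumTopicMessage.BodyOutput, SqlDbType.NVarChar));
                cmd.Parameters.Add(NewSqlParameter("@ModerationState", forumTopicMessage.ModerationState, SqlDbType.SmallInt));
                cmd.Parameters.Add(NewSqlParameter("@MarkupType", forumTopicMessage.MarkupType, SqlDbType.SmallInt));

                cmd.ExecuteNonQuery();

                // If the procedure leaves a non-long value here (for example DBNull),
                // the cast throws and the catch block reports the failure.
                forumTopicMessage.ForumTopicMessageID = (long)prm.Value;
            }

            scope.Complete();
        }
    }
    catch (Exception ex)
    {
        // Leaving the scope without Complete() means the transaction is not committed.
        // NOTE(review): ex.Message is returned to the caller; if Result text can reach
        // end users, database error details may leak. Consider logging the exception
        // and returning a generic message.
        return new Result(ex.Message);
    }
    finally
    {
        // conn is still null here when GetConnection itself threw.
        DatabaseManager.DatabaseEngine.ReleaseConnection(conn);
    }

    return new Result();
}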