public ActionResult EditBlog(Models.BlogViewModel blog) { string email = blog.EmailFromView; //OBTAINING USER ID FOR REINSERTING BLOG var user = new DataTable(); using (var sqlCon = new SqlConnection(connectString)) { sqlCon.Open(); var query = "Select * from UserDetails where Email='" + email + "';"; var sqlDa = new SqlDataAdapter(query, sqlCon); sqlDa.Fill(user); } int id = (int)user.Rows[0][0]; //FOR BLOGTYPE DROPDOWN MENU string btype = "none"; switch (blog.BlogType) { case 0: btype = "Breaking"; break; case 1: btype = "World"; break; case 2: btype = "Technology"; break; case 3: btype = "Fashion"; break; case 4: btype = "Business"; break; case 5: btype = "StockMarket"; break; case 6: btype = "Sports"; break; } //UPDATING ROW IN BLOG TABLE AND SETTING APPROVAL STATUS=UNAPPROVED AGAIN using (SqlConnection sqlConnection = new SqlConnection(connectString)) { sqlConnection.Open(); string query = "Update Blogs set blogtitle=@title, blogbody=@body, TypeOfBlog=@type, approvalstatus=0, bloggerid=@id where blogid=@blogid;"; SqlCommand sqlCommand = new SqlCommand(query, sqlConnection); sqlCommand.Parameters.AddWithValue("@title", blog.BlogTitle); sqlCommand.Parameters.AddWithValue("@body", blog.BlogBody); sqlCommand.Parameters.AddWithValue("@type", btype); sqlCommand.Parameters.AddWithValue("@blogid", blog.BlogId); sqlCommand.Parameters.AddWithValue("@id", id); sqlCommand.ExecuteNonQuery(); } //REDIRECTING TO BLOGGER HOME PAGE TempData["msg"] = "<script>alert('Your blog has been resubmitted for approval')</script>"; return(RedirectToAction("Index", "Blogger", new { email = email })); }
public ActionResult PostNewBlog(Models.BlogViewModel blog) { string email = blog.EmailFromView; string fileName = ""; string filePath = ""; var file = blog.file[0]; //OBTAINING USER ID var user = new DataTable(); using (var sqlCon = new SqlConnection(connectString)) { sqlCon.Open(); var query = "Select * from UserDetails where Email='" + email + "';"; var sqlDa = new SqlDataAdapter(query, sqlCon); sqlDa.Fill(user); } int id = (int)user.Rows[0][0]; //FOR BLOGTYPE DROPDOWN MENU string btype = "none"; switch (blog.BlogType) { case 0: btype = "Breaking"; break; case 1: btype = "World"; break; case 2: btype = "Technology"; break; case 3: btype = "Fashion"; break; case 4: btype = "Business"; break; case 5: btype = "StockMarket"; break; case 6: btype = "Sports"; break; } //FOR SAVING BLOG COVER PICTURE if (file.ContentLength > 0) { fileName = Path.GetFileName(file.FileName); filePath = Path.Combine(Server.MapPath("~/images/Blogs"), fileName); string toSave = "~/images/Blogs/" + fileName; file.SaveAs(filePath); //INSERTING NEW BLOG using (SqlConnection sqlConnection = new SqlConnection(connectString)) { sqlConnection.Open(); string query = "INSERT INTO BLOGS(BlogTitle,BlogBody,TypeOfBlog,BlogCoverImage,BloggerId) VALUES " + "(@title,@body,@type,@image,@id)"; SqlCommand sqlCommand = new SqlCommand(query, sqlConnection); sqlCommand.Parameters.AddWithValue("@title", blog.BlogTitle); sqlCommand.Parameters.AddWithValue("@body", blog.BlogBody); sqlCommand.Parameters.AddWithValue("@type", btype); sqlCommand.Parameters.AddWithValue("@image", toSave); sqlCommand.Parameters.AddWithValue("@id", id); sqlCommand.ExecuteNonQuery(); } //OBTAINING BLOG ID OF NEW BLOG FOR INSERTING BLOGTAGS var blg = new DataTable(); using (var sqlCon = new SqlConnection(connectString)) { sqlCon.Open(); var query = "Select blogid from Blogs where blogid=(select max(blogid) from Blogs);"; var sqlDa = new SqlDataAdapter(query, sqlCon); sqlDa.Fill(blg); } int bid = (int)blg.Rows[0][0]; //INSERTING BLOGTAGS using (SqlConnection sqlConnection = new SqlConnection(connectString)) { sqlConnection.Open(); string query = "INSERT INTO BLOGTAGS(BlogId,Tag1,Tag2,Tag3,Tag4) VALUES " + "(@bid,@tag1,@tag2,@tag3,@tag4)"; SqlCommand sqlCommand = new SqlCommand(query, sqlConnection); sqlCommand.Parameters.AddWithValue("@bid", bid); //TAG1 IS MANDATORY, TAGS 2,3,4 ARE OPTIONAL if (blog.Tag1 != null) { sqlCommand.Parameters.AddWithValue("@tag1", blog.Tag1); } if (blog.Tag2 != null) { sqlCommand.Parameters.AddWithValue("@tag2", blog.Tag2); } else { sqlCommand.Parameters.AddWithValue("@tag2", ""); } if (blog.Tag3 != null) { sqlCommand.Parameters.AddWithValue("@tag3", blog.Tag3); } else { sqlCommand.Parameters.AddWithValue("@tag3", ""); } if (blog.Tag4 != null) { sqlCommand.Parameters.AddWithValue("@tag4", blog.Tag4); } else { sqlCommand.Parameters.AddWithValue("@tag4", ""); } sqlCommand.ExecuteNonQuery(); } } //REDIRECTING TO BLOGGER'S HOMEPAGE TempData["msg"] = "<script>alert('You have successfully posted a blog for our approval.')</script>"; return(RedirectToAction("Index", "Blogger", new { email = email })); }