Esempio n. 1
0
        public ActionResult Create(PostInfo newPost)
        {
            if (!Request.IsAuthenticated && (newPost.Poster == null || newPost.Poster.Trim() == string.Empty))
            {
                ModelState.AddModelError("", "请填写昵称或登录帐号,然后再发表留言!");
                return View(newPost);
            }

            if (newPost.Content == null || newPost.Content.Trim() == string.Empty)
            {
                ModelState.AddModelError("", "请填写留言内容!");
                return View(newPost);
            }
            if (ModelState.IsValid)
            {
                newPost.Content = HttpUtility.HtmlEncode(newPost.Content).Replace("\r\n", "<br />").Replace("\r", "<br />").Replace("\n", "<br />");
                newPost.Poster = Request.IsAuthenticated ? User.Identity.Name : newPost.Poster;
                ShortUserInfo posterInfo = Users.GetUserInfoByUsername(newPost.Poster);
                newPost.PosterId = posterInfo != null ? posterInfo.Uid : 0;
                newPost.Ip = Request.UserHostAddress;
                newPost.PostDate = DateTime.Now;
                newPost.Email = "";
                newPost.Website = "";

                Posts.CreatePost(newPost);
                return RedirectToAction("Index");
            }
            else
            {
                ModelState.AddModelError("", "验证失败,请填写必填项!");
                return View(newPost);
            }
        }
Esempio n. 2
0
        public static void CreatePost(PostInfo newPost)
        {
            DbParameter[] prams = 
		    {
			    DbHelper.MakeInParam("?poster", (DbType)MySqlDbType.String, 50,newPost.Poster),
			    DbHelper.MakeInParam("?posterid", (DbType)MySqlDbType.Int32, 4,newPost.PosterId),
			    DbHelper.MakeInParam("?content", (DbType)MySqlDbType.String, 5000,newPost.Content),
			    DbHelper.MakeInParam("?postdate", (DbType)MySqlDbType.DateTime, 8,newPost.PostDate),
			    DbHelper.MakeInParam("?ip", (DbType)MySqlDbType.String, 50,newPost.Ip),
			    DbHelper.MakeInParam("?email", (DbType)MySqlDbType.String, 100,newPost.Email),
			    DbHelper.MakeInParam("?website", (DbType)MySqlDbType.String, 100,newPost.Website)
		    };
            DbHelper.ExecuteNonQuery(CommandType.Text, "INSERT INTO posts (poster,posterid,content,postdate,ip,email,website) VALUES(?poster,?posterid,?content,?postdate,?ip,?email,?website)", prams);
        }
Esempio n. 3
0
        public static List<PostInfo> GetPostList()
        {
            IDataReader dr = DbHelper.ExecuteReader(CommandType.Text, "SELECT * FROM posts ORDER BY pid DESC");

            List<PostInfo> list = new List<PostInfo>();
            while (dr.Read())
            {
                PostInfo p = new PostInfo();
                p.Pid = Convert.ToInt32(dr["pid"]);
                p.Poster = dr["poster"].ToString();
                p.PosterId = Convert.ToInt32(dr["posterid"]);
                p.Content = dr["content"].ToString();
                p.PostDate = Convert.ToDateTime(dr["postdate"]);
                p.Ip = dr["ip"].ToString();
                p.Email = dr["email"].ToString();
                p.Website = dr["website"].ToString();
                list.Add(p);
            }
            dr.Close();
            return list;
        }