//Handle the delete button click event
public void Delete_Comment(object sender, DataGridCommandEventArgs e)
{
if ((e.CommandName == "Delete"))
{
TableCell iIdKeyNumber = e.Item.Cells[2];
TableCell iIdCommNumber = e.Item.Cells[3];
//Instantiate the SQL command object
CommentInfo DeleteComm = new CommentInfo();
DeleteComm.ID = int.Parse(iIdKeyNumber.Text);
DeleteComm.RECID = int.Parse(iIdCommNumber.Text);
//Perform delete recipe
DeleteComm.Delete();
//Redirect to confirm delete page
Response.Redirect("confirmcommentupdate.aspx?mode=del");
}
}
//Handles update comment
public void Update_Comments(Object s, EventArgs e)
{
//Instantiate the SQL command object
CommentInfo UpdateComm = new CommentInfo();
UpdateComm.ID = int.Parse(Request.Form["KeyIDs"]);
UpdateComm.Author = Request.Form["Author"];
UpdateComm.Email = Request.Form["Email"];
UpdateComm.Comments = Request.Form["Comments"];
//Notify user if error occured.
if (UpdateComm.Update() != 0)
{
JSLiteral.Text = "Error occured while processing your submit.";
return;
}
Response.Redirect("confirmcommentupdate.aspx?mode=update");
}
//Handles comment posting
public void Add_Comment(Object s, EventArgs e)
{
//Perform spam validation by matching the value of the textbox security code to the session variable
//that store the random number.
if (Page.IsValid && (txtsecfield.Text.ToString() == Session["randomStr"].ToString()))
{
//Instantiate object
Utility Util = new Utility();
//If all the fields are filled correctly, then process the comment post.
//Instantiate the SQL command object
CommentInfo AddComm = new CommentInfo();
AddComm.ID = (int)Util.Val(Request.QueryString["id"]);
//Filters harmful scripts from input string.
AddComm.Author = Util.FormatTextForInput(Request.Form[AUTHOR.UniqueID]);
AddComm.Email = Util.FormatTextForInput(Request.Form[EMAIL.UniqueID]);
AddComm.Comments = Util.FormatTextForInput(Request.Form[COMMENTS.UniqueID]);
#region Comment Form Input Validator
//Validate for empty name
if (AddComm.Author.Length == 0)
{
JSLiteral.Text = Util.JSAlert("Error: Name is empty, please enter your name.");
lbvalenght.Text = "<br>Error: Name is empty, please enter your name.";
lbvalenght.Visible = true;
txtsecfield.Text = "";
return;
}
//Validate for empty email
if (AddComm.Email.Length == 0)
{
JSLiteral.Text = Util.JSAlert("Error: Email is empty, please enter your email.");
lbvalenght.Text = "<br>Error: Email is empty, please enter your email.";
lbvalenght.Visible = true;
txtsecfield.Text = "";
return;
}
//Validate for empty comments
if (AddComm.Comments.Length == 0)
{
JSLiteral.Text = Util.JSAlert("Error: Comment is empty, please your comment.");
lbvalenght.Text = "<br>Error: Comment is empty, please your comment.";
lbvalenght.Visible = true;
txtsecfield.Text = "";
return;
}
//Name maximum of 50 char allowed
if (AddComm.Author.Length > 50)
{
JSLiteral.Text = Util.JSAlert("Error: Name is too long. Max of 50 characters.");
lbvalenght.Text = "<br>Error: Name is too long. Max of 50 characters.";
lbvalenght.Visible = true;
AUTHOR.Value = "";
txtsecfield.Text = "";
return;
}
//Email maximum of 50 char allowed
if (AddComm.Email.Length > 50)
{
JSLiteral.Text = Util.JSAlert("Error: Email is too long. Max of 50 characters.");
lbvalenght.Text = "<br>Error: Email is too long. Max of 50 characters.";
lbvalenght.Visible = true;
EMAIL.Value = "";
txtsecfield.Text = "";
return;
}
//Comments maximum of 200 char allowed
if (AddComm.Comments.Length > 200)
{
JSLiteral.Text = Util.JSAlert("Error: Comments is too long. Max of 200 characters.");
lbvalenght.Text = "<br>Error: Comments is too long. Max of 200 characters.";
lbvalenght.Visible = true;
txtsecfield.Text = "";
return;
}
#endregion
//Notify user if error occured.
if (AddComm.Add() != 0)
{
JSLiteral.Text = Util.JSAlert("A database error occured while processing your request.");
return;
}
//Instantiate email template object
EmailTemplate SendEmail = new EmailTemplate();
SendEmail.ItemID = AddComm.ID;
SendEmail.ItemName = strRName;
//Send an email notification to the webmaster in HTML format.
SendEmail.SendEmailCommentNotify();
//Release allocated memory
SendEmail = null;
AddComm = null;
//If success, redirect to confirmation and thank you page.
Util.PageRedirect(4);
Util = null;
}
else
{
//Javascript validation
JSLiteral.Text = Util.JSAlert("Invalid security code. Make sure you type it correctly.");
return;
// lblinvalidsecode.Text = "Invalid security code. Make sure you type it correctly.";
// lblinvalidsecode.Visible = true;
}
}
