public ActionResult NewStory(string id)
{
if (Session["Id"] == null)
{
TempData["notloggedin"] = "<script> alert('Please Login To Continue');</script>";
return(RedirectToAction("Login", "Login"));
}
NewStoryInfo newStoryInfo = new NewStoryInfo();
newStoryInfo.tags.tagName = id;
Session["currentTag"] = id;
return(View(newStoryInfo));
}
public ActionResult NewStory(NewStoryInfo storyInfo)
{
if (Session["Id"] == null)
{
TempData["notloggedin"] = "<script> alert('Please Login To Continue');</script>";
return(RedirectToAction("Login", "Login"));
}
string fileName = "";
string filePath = "";
var file = storyInfo.file[0];
string bookName = storyInfo.books.bookName;
string boodSummary = storyInfo.books.summary;
string query = "";
int bookId = 0;
try
{
if (file.ContentLength > 0)
{
fileName = Path.GetFileName(file.FileName);
filePath = Path.Combine(Server.MapPath("~/images/Books"), fileName);
string toSave = "~/images/Books/" + fileName;
file.SaveAs(filePath);
int currentUser = (int)System.Web.HttpContext.Current.Session["Id"];
query = "INSERT INTO BOOKS VALUES ('" + bookName + "'," + currentUser + ",null,'" + toSave + "','" + boodSummary + "')";
DatabaseModel databaseModel = new DatabaseModel();
databaseModel.insert(query);
query = "SELECT BOOKID FROM BOOKS WHERE BOOKNAME = '" + bookName + "'";
DataSet dataSet = new DataSet();
dataSet = databaseModel.selectFunction(query);
bookId = Convert.ToInt32(dataSet.Tables[0].Rows[0].ItemArray[0]);
query = "SELECT TAGID FROM TAGS WHERE TAGNAME = '" + storyInfo.tags.tagName + "'";
dataSet = new DataSet();
dataSet = databaseModel.selectFunction(query);
int tagid = Convert.ToInt32(dataSet.Tables[0].Rows[0].ItemArray[0]);
query = "INSERT INTO BOOKTAGS VALUES (" + bookId + ", " + tagid + ")";
databaseModel.insert(query);
}
else
{
// query = "UPDATE USERS SET PASSWORD = '******' WHERE USERNAME = '******'";
}
}
catch
{
}
return(RedirectToAction("WriteStory", "Write", new { @id = bookId }));
}
