//Handle the delete button click event public void Delete_Comment(object sender, DataGridCommandEventArgs e) { if ((e.CommandName == "Delete")) { TableCell iIdKeyNumber = e.Item.Cells[2]; TableCell iIdCommNumber = e.Item.Cells[3]; //Instantiate the SQL command object CommentInfo DeleteComm = new CommentInfo(); DeleteComm.ID = int.Parse(iIdKeyNumber.Text); DeleteComm.RECID = int.Parse(iIdCommNumber.Text); //Perform delete recipe DeleteComm.Delete(); //Redirect to confirm delete page Response.Redirect("confirmcommentupdate.aspx?mode=del"); } }
//Handles update comment public void Update_Comments(Object s, EventArgs e) { //Instantiate the SQL command object CommentInfo UpdateComm = new CommentInfo(); UpdateComm.ID = int.Parse(Request.Form["KeyIDs"]); UpdateComm.Author = Request.Form["Author"]; UpdateComm.Email = Request.Form["Email"]; UpdateComm.Comments = Request.Form["Comments"]; //Notify user if error occured. if (UpdateComm.Update() != 0) { JSLiteral.Text = "Error occured while processing your submit."; return; } Response.Redirect("confirmcommentupdate.aspx?mode=update"); }
//Handles comment posting public void Add_Comment(Object s, EventArgs e) { //Perform spam validation by matching the value of the textbox security code to the session variable //that store the random number. if (Page.IsValid && (txtsecfield.Text.ToString() == Session["randomStr"].ToString())) { //Instantiate object Utility Util = new Utility(); //If all the fields are filled correctly, then process the comment post. //Instantiate the SQL command object CommentInfo AddComm = new CommentInfo(); AddComm.ID = (int)Util.Val(Request.QueryString["id"]); //Filters harmful scripts from input string. AddComm.Author = Util.FormatTextForInput(Request.Form[AUTHOR.UniqueID]); AddComm.Email = Util.FormatTextForInput(Request.Form[EMAIL.UniqueID]); AddComm.Comments = Util.FormatTextForInput(Request.Form[COMMENTS.UniqueID]); #region Comment Form Input Validator //Validate for empty name if (AddComm.Author.Length == 0) { JSLiteral.Text = Util.JSAlert("Error: Name is empty, please enter your name."); lbvalenght.Text = "<br>Error: Name is empty, please enter your name."; lbvalenght.Visible = true; txtsecfield.Text = ""; return; } //Validate for empty email if (AddComm.Email.Length == 0) { JSLiteral.Text = Util.JSAlert("Error: Email is empty, please enter your email."); lbvalenght.Text = "<br>Error: Email is empty, please enter your email."; lbvalenght.Visible = true; txtsecfield.Text = ""; return; } //Validate for empty comments if (AddComm.Comments.Length == 0) { JSLiteral.Text = Util.JSAlert("Error: Comment is empty, please your comment."); lbvalenght.Text = "<br>Error: Comment is empty, please your comment."; lbvalenght.Visible = true; txtsecfield.Text = ""; return; } //Name maximum of 50 char allowed if (AddComm.Author.Length > 50) { JSLiteral.Text = Util.JSAlert("Error: Name is too long. Max of 50 characters."); lbvalenght.Text = "<br>Error: Name is too long. Max of 50 characters."; lbvalenght.Visible = true; AUTHOR.Value = ""; txtsecfield.Text = ""; return; } //Email maximum of 50 char allowed if (AddComm.Email.Length > 50) { JSLiteral.Text = Util.JSAlert("Error: Email is too long. Max of 50 characters."); lbvalenght.Text = "<br>Error: Email is too long. Max of 50 characters."; lbvalenght.Visible = true; EMAIL.Value = ""; txtsecfield.Text = ""; return; } //Comments maximum of 200 char allowed if (AddComm.Comments.Length > 200) { JSLiteral.Text = Util.JSAlert("Error: Comments is too long. Max of 200 characters."); lbvalenght.Text = "<br>Error: Comments is too long. Max of 200 characters."; lbvalenght.Visible = true; txtsecfield.Text = ""; return; } #endregion //Notify user if error occured. if (AddComm.Add() != 0) { JSLiteral.Text = Util.JSAlert("A database error occured while processing your request."); return; } //Instantiate email template object EmailTemplate SendEmail = new EmailTemplate(); SendEmail.ItemID = AddComm.ID; SendEmail.ItemName = strRName; //Send an email notification to the webmaster in HTML format. SendEmail.SendEmailCommentNotify(); //Release allocated memory SendEmail = null; AddComm = null; //If success, redirect to confirmation and thank you page. Util.PageRedirect(4); Util = null; } else { //Javascript validation JSLiteral.Text = Util.JSAlert("Invalid security code. Make sure you type it correctly."); return; // lblinvalidsecode.Text = "Invalid security code. Make sure you type it correctly."; // lblinvalidsecode.Visible = true; } }