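/// <summary>
/// Accepts only values that begin with "/" and contain none of the characters
/// ', ", &lt; or &gt;. An accepted value is returned XML-attribute-encoded.
/// </summary>
/// <param name="input">Candidate value to check; may be null.</param>
/// <returns>
/// The encoded value when it is accepted; <see cref="string.Empty"/> when it is
/// null, does not begin with "/", or contains a rejected character.
/// </returns>
protected string validInput(string input)
{
    // Character class of rejected characters. It already contains the double
    // quote, so no separate Contains("\"") test is needed.
    const string forbiddenChars = "[\'<>\"]";

    // Ordinal comparison: the culture-sensitive StartsWith overload skips
    // ignorable characters (for example a soft hyphen), so a value that does
    // not literally begin with '/' could otherwise satisfy the prefix check.
    if (input == null || !input.StartsWith("/", System.StringComparison.Ordinal))
    {
        return string.Empty;
    }

    if (Regex.IsMatch(input, forbiddenChars))
    {
        return string.Empty;
    }

    // NOTE(review): a value beginning with "//" or "/\" still passes the prefix
    // check. If callers use the result as a redirect target, they should also
    // require a local URL (e.g. Url.IsLocalUrl) - confirm against callers.
    return AntiXssEncoder.XmlAttributeEncode(input);
}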
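/// <summary>
/// Creates a new content item from the posted form model and redirects to the
/// content index on success; otherwise re-renders the Create view with an error alert.
/// </summary>
/// <param name="model">Posted form values for the new content item.</param>
/// <returns>A redirect to Content/Index on success, or the Create view on failure.</returns>
[ValidateAntiForgeryToken] // security: reject posts that carry no valid anti-forgery token
public ActionResult Create(ContentModel model)
{
    if (ModelState.IsValid)
    {
        // NOTE(review): the session entry is dereferenced without a null check; an
        // expired or missing session would throw here - confirm an authorization
        // filter guarantees it is present.
        var session = (UserLogin)Session[CommonConstants.USER_SESSION];
        model.CreatedBy = session.UserName.ToString();
        // NOTE(review): CreatedBy is set on the form model only and is not copied to
        // the Content entity below - confirm whether the entity should carry it.

        var dao = new ContentDao();
        var content = new Content
        {
            CategoryID = model.CategoryID,
            CreatedDate = model.CreatedDate,
            Description = model.Description,
            // Fix: encode the posted Detail. The original encoded content.Detail,
            // i.e. the still-unset field of the new entity, so the submitted
            // detail text was never stored.
            Detail = AntiXssEncoder.XmlAttributeEncode(model.Detail),
            Image = model.Image,
            Language = model.Language,
            MetaDescriptions = model.MetaDescriptions,
            MetaKeywords = model.MetaKeywords,
            Name = model.Name,
            Status = model.Status,
            Tags = model.Tags,
            TopHot = model.TopHot
        };
        // NOTE(review): only Detail is encoded before storage; the other text fields
        // are stored as posted, so the views that display them must HTML-encode on
        // output (no Html.Raw) - confirm. Detail is stored already encoded, so a view
        // that encodes it again will show the entities literally.

        long id = dao.Create(content);
        if (id > 0)
        {
            SetAlert("Thêm tin tức thành công", "success");
            return RedirectToAction("Index", "Content");
        }

        SetAlert("Thêm tin tức không thành công", "error");
        ModelState.AddModelError("", "Thêm Noi dung không thành công.");
    }

    // Invalid model state or failed insert: rebuild the view data and show the form again.
    SetViewBag();
    SetAlert("Thêm tin tức không thành công", "error");
    return View("Create");
}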
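/// <summary>
/// Updates an existing content item from the posted values and redirects to the
/// index on success; on invalid model state redirects back to Edit with an error alert.
/// </summary>
/// <param name="model">Posted content entity to persist.</param>
/// <returns>A redirect to Index or Edit, or the default view if an exception is thrown.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this
// snippet, unlike Create - confirm they are present in the full file.
// NOTE(review): the action binds the Content entity directly, so every bindable
// property can be set by the request - consider a view model, as Create uses.
public ActionResult Edit(Content model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            // Fix: the failure message was raised with the "success" alert type.
            SetAlert("Cập nhật không thành công", "error");
            SetViewBag(model.CategoryID);
            return RedirectToAction("Edit");
        }

        // NOTE(review): Detail is encoded on every update. If the edit form posts back
        // the stored (already encoded) value, it is encoded again on each save -
        // confirm how the form populates this field.
        model.Detail = AntiXssEncoder.XmlAttributeEncode(model.Detail);
        new ContentDao().Update(model);
        SetAlert("Cập nhật thành công", "success");
        return RedirectToAction("Index");
    }
    catch
    {
        // NOTE(review): every exception is swallowed without logging or an alert, so
        // a failed update is invisible to the user and to operators.
        return View();
    }
}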
/// <summary>
/// Renders an image report item: resolves its URL and accessibility text, writes the
/// optional hyperlink and wrapping container, emits the image element chosen by the
/// item's sizing mode, then closes the wrappers and writes any image-map areas.
/// </summary>
/// <param name="reportItem">Report item whose ElementProps are cast to RPLImageProps.</param>
/// <param name="measurement">Measurement passed to the size helpers and to the image-map renderer.</param>
/// <param name="styleContext">Style state; InTablix decides whether a wrapping container is written.</param>
/// <param name="borderContext">Passed by reference to RenderReportItemStyle.</param>
/// <param name="renderId">Not read in this method.</param>
/// <param name="treatAsTopLevel">When true, an ARIA label and the navigation role are set on the image.</param>
public void RenderReportItem(RPLElement reportItem, RPLItemMeasurement measurement, StyleContext styleContext, ref int borderContext, bool renderId, bool treatAsTopLevel)
{
    RPLImageProps imageProps = (RPLImageProps)reportItem.ElementProps;
    RPLImagePropsDef imageDef = (RPLImagePropsDef)imageProps.Definition;
    RPLFormat.Sizings sizingMode = imageDef.Sizing;
    RPLImageData imageData = imageProps.Image;

    // The height is computed but not used below; the call is kept in place.
    float innerHeight = html5Renderer.GetInnerContainerHeightSubtractBorders(measurement, imageProps.Style);
    float innerWidth = html5Renderer.GetInnerContainerWidthSubtractBorders(measurement, imageProps.Style);
    string imageUrl = html5Renderer.GetImageUrl(useSessionId: true, imageData);

    string ariaLabel = null;
    string role = null;
    string tooltip = html5Renderer.GetTooltip(imageProps);
    bool hasTooltip = !string.IsNullOrEmpty(tooltip);
    if (treatAsTopLevel)
    {
        // NOTE(review): ariaLabel can embed the tooltip and is handed to the element
        // unencoded - confirm the element's Render encodes it when writing.
        if (hasTooltip)
        {
            ariaLabel = RenderResWrapper.AccessibleImageNavigationGroupLabel(tooltip);
        }
        else
        {
            ariaLabel = RenderRes.AccessibleImageLabel;
        }
        role = HTMLElements.m_navigationRole;
    }

    // The tooltip (or the default label when there is none) is attribute-encoded
    // here, before it is handed to the image element.
    // NOTE(review): confirm the element does not encode this value a second time.
    string altText = AntiXssEncoder.XmlAttributeEncode(hasTooltip ? tooltip : RenderRes.AccessibleImageLabel);

    Dictionary<string, string> extraAttributes = new Dictionary<string, string>();
    if (html5Renderer.m_elementExtender.ShouldApplyToElement(treatAsTopLevel))
    {
        extraAttributes.Add(HTMLElements.m_reportItemDataName, html5Renderer.m_elementExtender.ApplyToElement());
        extraAttributes.Add(HTMLElements.m_reportItemCustomAttrStr, html5Renderer.GetReportItemPath(imageDef.Name));
    }

    bool hasImageMap = imageProps.ActionImageMapAreas != null && imageProps.ActionImageMapAreas.Length != 0;
    if (hasImageMap)
    {
        string mapReference = HTMLElements.m_hashTag + html5Renderer.m_deviceInfo.HtmlPrefixId + HTMLElements.m_mapPrefixString + imageProps.UniqueName;
        extraAttributes.Add(HTMLElements.m_useMapName, HttpUtility.HtmlAttributeEncode(mapReference));
    }

    // The hyperlink is written first; its closing tag is written after the image.
    if (html5Renderer.HasAction(imageProps.ActionInfo))
    {
        RenderElementHyperlink(imageProps.Style, imageProps.ActionInfo.Actions[0]);
    }

    if (!styleContext.InTablix)
    {
        if (sizingMode == RPLFormat.Sizings.AutoSize)
        {
            styleContext.RenderMeasurements = false;
        }
        html5Renderer.WriteStream(HTMLElements.m_openDiv);
        html5Renderer.RenderReportItemStyle(reportItem, imageProps, imageDef, measurement, styleContext, ref borderContext, imageDef.ID);
        html5Renderer.WriteStream(HTMLElements.m_closeBracket);
    }

    // No URL available: fall back to the embedded Blank.gif resource as a data URI.
    if (string.IsNullOrEmpty(imageUrl))
    {
        imageUrl = "data:image/gif;base64," + Convert.ToBase64String(HTMLRendererResources.GetBytes("Blank.gif"));
    }

    HtmlElement imageElement;
    if (sizingMode == RPLFormat.Sizings.FitProportional)
    {
        imageElement = new FitProportionalImageElement(imageUrl, innerWidth, role, altText, ariaLabel, extraAttributes);
    }
    else if (sizingMode == RPLFormat.Sizings.Fit)
    {
        imageElement = new FitImageElement(imageUrl, role, altText, ariaLabel, extraAttributes);
    }
    else if (sizingMode == RPLFormat.Sizings.Clip)
    {
        imageElement = new ClipImageElement(imageUrl, role, altText, ariaLabel, extraAttributes);
    }
    else
    {
        imageElement = new OriginalSizeImageElement(imageUrl, role, altText, ariaLabel, extraAttributes);
    }
    imageElement.Render(new Html5OutputStream(html5Renderer));

    if (!styleContext.InTablix)
    {
        html5Renderer.WriteStream(HTMLElements.m_closeDiv);
    }
    if (html5Renderer.HasAction(imageProps.ActionInfo))
    {
        html5Renderer.WriteStream(HTMLElements.m_closeA);
    }
    if (hasImageMap)
    {
        html5Renderer.RenderImageMapAreas(imageProps.ActionImageMapAreas, measurement.Width, measurement.Height, imageProps.UniqueName, 0, 0);
    }
}
/// <summary>
/// Writes this element to the output stream: the opening tag, the optional role,
/// aria-label and class attributes, a style attribute assembled from the size,
/// background and overflow settings, then the child element and the closing tag.
/// (Attribute names are inferred from the HTMLElements constant names.)
/// </summary>
/// <param name="outputStream">Stream that receives the markup fragments in order.</param>
public void Render(IOutputStream outputStream)
{
    outputStream.Write(HTMLElements.m_openDiv);

    // NOTE(review): Role is written without encoding - confirm it only ever holds
    // renderer-defined constants.
    if (!string.IsNullOrEmpty(Role))
    {
        outputStream.Write(HTMLElements.m_space);
        outputStream.Write(HTMLElements.m_role);
        outputStream.Write(HTMLElements.m_equal);
        outputStream.Write(HTMLElements.m_quote);
        outputStream.Write(Role);
        outputStream.Write(HTMLElements.m_quote);
    }

    // The ARIA label is attribute-encoded at the point where it is written.
    if (!string.IsNullOrEmpty(AriaLabel))
    {
        string encodedLabel = AntiXssEncoder.XmlAttributeEncode(AriaLabel);
        outputStream.Write(HTMLElements.m_space);
        outputStream.Write(HTMLElements.m_ariaLabel);
        outputStream.Write(HTMLElements.m_equal);
        outputStream.Write(HTMLElements.m_quote);
        outputStream.Write(encodedLabel);
        outputStream.Write(HTMLElements.m_quote);
    }

    // Collect the resize class names for dimensions whose size object is exactly
    // AutoScaleTo100Percent (exact type match, not a subclass check).
    string classNames = string.Empty;
    if (Size != null)
    {
        if (Size.Width != null && Size.Width.GetType() == typeof(AutoScaleTo100Percent))
        {
            classNames = HTMLElements.m_resize100WidthClassName;
        }
        if (Size.Height != null && Size.Height.GetType() == typeof(AutoScaleTo100Percent))
        {
            classNames = classNames + HTMLElements.m_spaceString + HTMLElements.m_resize100HeightClassName;
        }
    }
    if (!string.IsNullOrEmpty(classNames))
    {
        outputStream.Write(HTMLElements.m_classStyle);
        outputStream.Write(classNames);
        outputStream.Write(HTMLElements.m_quoteString);
    }

    outputStream.Write(HTMLElements.m_openStyle);
    if (Size != null)
    {
        Size.Render(outputStream);
    }

    if (BackgroundImage != null)
    {
        // Only the parentheses in the background image value are percent-escaped.
        // NOTE(review): no other character is escaped before the value is written
        // into the style attribute - confirm the value is a renderer-generated URL.
        string escapedImage = BackgroundImage.Replace("(", "%28").Replace(")", "%29");
        outputStream.Write(HTMLElements.m_space);
        outputStream.Write(HTMLElements.m_backgroundImage);
        outputStream.Write(escapedImage);
        outputStream.Write(HTMLElements.m_closeParenthesis);
        outputStream.Write(HTMLElements.m_semiColon);
    }

    // NOTE(review): BackgroundImageSize and Overflow are written as-is - confirm
    // they are set only from fixed renderer values.
    if (BackgroundImageSize != null)
    {
        outputStream.Write(HTMLElements.m_space);
        outputStream.Write(HTMLElements.m_backgroundSize);
        outputStream.Write(BackgroundImageSize);
        outputStream.Write(HTMLElements.m_semiColon);
    }

    if (BackgroundRepeat != null)
    {
        outputStream.Write(HTMLElements.m_space);
        outputStream.Write(HTMLElements.m_backgroundRepeat);
        BackgroundRepeat.Render(outputStream);
        outputStream.Write(HTMLElements.m_semiColon);
    }

    if (Overflow != null)
    {
        outputStream.Write(HTMLElements.m_overflow);
        outputStream.Write(Overflow);
        outputStream.Write(HTMLElements.m_semiColon);
    }

    // Close the style attribute and the opening tag, then render the content.
    outputStream.Write(HTMLElements.m_quoteString);
    outputStream.Write(HTMLElements.m_closeBracket);

    if (ChildElement != null)
    {
        ChildElement.Render(outputStream);
    }

    outputStream.Write(HTMLElements.m_closeDiv);
}