public ActionResult Create_Essay(Essay model,AccountLogin user) { DBHelper tmpDBHelper = new DBHelper(); var title = model.Title; var content = model.Content; var userID = Session["UserId"].ToString(); tmpDBHelper.SqlExcute("insert into Essay(UserId,EssayTitle,EssayContent) values('"+userID+"','"+title+"','"+content+"')"); return Redirect("../Home/Index"); }
//返回个人文章列表 public List<Essay> GetEssayList(string uid) { List<Essay> EssayList = new List<Essay>(); Essay essay = new Essay(); SqlConnection con = new SqlConnection(ConStr); con.Open(); SqlCommand cmd = new SqlCommand("select * from Essay where UserId = '"+uid+"'", con); SqlDataReader reader = cmd.ExecuteReader(); while (reader.Read()) { essay.UserID = reader["UserId"].ToString(); essay.Title = reader["EssayTitle"].ToString(); essay.Content = reader["EssayContent"].ToString(); EssayList.Add(essay); } con.Close(); return EssayList; }