Exemplo n.º 1
0
    protected void UploadBtn_Click(object sender, EventArgs e)
    {
        HttpPostedFile ChoosenVideo = VideoUpload.PostedFile;
        string         VideoName    = Path.GetFileName(ChoosenVideo.FileName);
        string         VideoFormat  = Path.GetExtension(VideoName);
        string         CatIndex     = CategoriesText.SelectedItem.Value;
        int            VideoSize    = ChoosenVideo.ContentLength;

        if (VideoName == "")
        {
            UploadLabel.ForeColor = System.Drawing.Color.Red;
            UploadLabel.Text      = "Please Select a Video";
        }
        else
        {
            if (VideoFormat.ToLower() == ".mp4" || VideoFormat.ToLower() == ".ogg" || VideoFormat.ToLower() == ".webm")
            {
                if (VideoSize > 50000000)
                {
                    UploadLabel.ForeColor = System.Drawing.Color.Red;
                    UploadLabel.Text      = "Video Exceeded the Size Limit. Please Try Again";
                }
                else
                {
                    string textarea   = DescriptionText.Value;
                    string category   = CategoriesText.SelectedItem.Text;
                    string today      = DateTime.Today.ToString("dd/MM/yyyy");
                    int    UserUpload = Convert.ToInt32(UserUploadString);

                    if (TitleText.Text == "" || category == "" || textarea == "")
                    {
                        UploadLabel.ForeColor = System.Drawing.Color.Red;
                        UploadLabel.Text      = "Please Make Sure All Information are Filled";
                    }
                    else
                    {
                        con3.Open();
                        String       DuplicateVideoName = "SELECT * FROM [dbo].[Video] WHERE Title = @title";
                        SqlCommand   com3         = new SqlCommand(DuplicateVideoName, con3);
                        SqlParameter getVideoName = new SqlParameter("@title", TitleText.Text);
                        com3.Parameters.Add(getVideoName);
                        SqlDataReader retrieve3 = com3.ExecuteReader();
                        if (retrieve3.HasRows)
                        {
                            UploadLabel.ForeColor = System.Drawing.Color.Red;
                            UploadLabel.Text      = "Video's Title Existed. Please Try Another One";
                        }
                        else
                        {
                            String path = VideoName.Replace(" ", "");
                            con.Open();
                            String       query       = "INSERT INTO [dbo].[Video] (VideoFile,Title,Description,Categories,CategoriesIndex,TotalView,TotalLike,TotalDislike,Date,Status,UserID) VALUES (@video,@title,@description,@category,@index,'0','0','0',@today,'Pending',@userID)";
                            SqlCommand   com         = new SqlCommand(query, con);
                            SqlParameter addVideo    = new SqlParameter("@video", path);
                            SqlParameter addTitle    = new SqlParameter("@title", TitleText.Text);
                            SqlParameter addDesc     = new SqlParameter("@description", textarea);
                            SqlParameter addcategory = new SqlParameter("@category", category);
                            SqlParameter addIndex    = new SqlParameter("@index", CatIndex);
                            SqlParameter addDate     = new SqlParameter("@today", today);
                            SqlParameter addUserID   = new SqlParameter("@userID", UserUpload);
                            com.Parameters.Add(addVideo);
                            com.Parameters.Add(addTitle);
                            com.Parameters.Add(addDesc);
                            com.Parameters.Add(addcategory);
                            com.Parameters.Add(addIndex);
                            com.Parameters.Add(addDate);
                            com.Parameters.Add(addUserID);
                            com.ExecuteNonQuery();


                            VideoUpload.SaveAs(Server.MapPath("Content\\" + path));
                            UploadLabel.ForeColor = System.Drawing.Color.Yellow;
                            UploadLabel.Text      = "Video Uploaded Successfully";
                            con.Close();
                            DescriptionText.Value = "";
                            TitleText.Text        = "";

                            SmtpClient client = new SmtpClient("smtp.gmail.com", 587);
                            client.EnableSsl             = true;
                            client.DeliveryMethod        = SmtpDeliveryMethod.Network;
                            client.UseDefaultCredentials = false;
                            client.Credentials           = new NetworkCredential("*****@*****.**", "eelxusivywsyjmcr");
                            MailMessage msgobj = new MailMessage();
                            msgobj.To.Add(Email);
                            msgobj.From    = new MailAddress("*****@*****.**");
                            msgobj.Subject = "Video Uploaded Successfully #Do Not Reply";
                            msgobj.Body    = "Congratulation, your video was uploaded successfully. Please be patient for the approval." +
                                             Environment.NewLine + "Video Name: " + VideoName + Environment.NewLine +
                                             "Video Category: " + category + Environment.NewLine +
                                             Environment.NewLine +
                                             "Thank You. Have a Nice Day.";

                            client.Send(msgobj);
                        }
                        con3.Close();
                        con.Close();
                    }
                }
            }
            else
            {
                UploadLabel.ForeColor = System.Drawing.Color.Red;
                UploadLabel.Text      = "Video Format Not Supported. Please Try Again.";
            }
        }
    }
Exemplo n.º 2
0
    protected void ImageButton9_Click(object sender, ImageClickEventArgs e)
    {
        if (TextBox1.Text.Length < 250)
        {
            Label1.Text = "Maximum Text Limit is 250.";
        }
        else if (antiSqlInjection() == 0)
        {
            Label1.Text = "";
            if (!PhotoUpload.HasFile)
            {
                invalid += 1;
            }
            if (!VideoUpload.HasFile)
            {
                invalid += 1;
            }
            if (!AudioUpload.HasFile)
            {
                invalid += 1;
            }
            if (invalid == 3 && TextBox1.Text.Trim() == "")      // No Contents
            {
                Label1.Text = " Nothing to Upload.";
            }
            else
            {
                Label1.Text = "";
            }
        }
        if (recipient.Text.Trim().Length != 0 && invalid < 3)
        {
            SqlCommand check = new SqlCommand("Select Count(*) from user_db where phone_no='" + recipient.Text + "'", conn);
            int        phone = (int)check.ExecuteScalar();
            String     temp = (phone + 100001).ToString(), pic = "", aud = "", vid = "";
            if (phone == 1)        // Phone exist
            {
                if (PhotoUpload.HasFile)
                {
                    pic = "pic" + temp + ".jpg";
                    PhotoUpload.SaveAs(Server.MapPath("~/uploads/feed" + pic));
                }
                else
                {
                    pic = "";
                }
                if (VideoUpload.HasFile)
                {
                    vid = "vid" + temp + ".3gp";
                    VideoUpload.SaveAs(Server.MapPath("~/uploads/feed" + vid));
                }
                else
                {
                    pic = "";
                }
                if (AudioUpload.HasFile)
                {
                    aud = "aud" + temp + ".amr";
                    AudioUpload.SaveAs(Server.MapPath("~/uploads/feed" + aud));
                }
                else
                {
                    aud = "";
                }
                SqlCommand enter = new SqlCommand("Insert into feed_db(user_id,recipient_id,pic_id,text,vid_id,aud_id) values('" + temp + "'" + recipient.Text.Trim() + "'" + pic + "'" + vid + "'" + aud + "')", conn);
                enter.ExecuteNonQuery();
                Label1.Text = " Mail Sent Successfully";
            }
            else             // invalid phone number
            {
                Label1.Text = " No user Found.";
            }

            // SqlCommand enter = new SqlCommand("Insert into feed_db'" + recipient.Text + "'", conn);
        }
    }