protected void lvComments_ItemCommand(object sender, System.Web.UI.WebControls.ListViewCommandEventArgs e)
{
if (e.CommandName == "RemovePost")
{
string selectedValue = e.CommandArgument.ToString();
var account = CloudStorageAccount.FromConfigurationSetting("DataConnectionString");
var context = new ForumPostDataServiceContext(account.TableEndpoint.ToString(), account.Credentials);
try
{
var query = (from entity in context.CreateQuery<ForumPost>("ForumPosts")
where (entity.UserGUID.Equals(_StrUserGUID) && entity.PostGUID.Equals(selectedValue))
select entity).Single();
context.DeleteObject(query);
context.SaveChanges();
_TopicGUID = ViewState["_TopicGUID"].ToString();
var query2 = (from entity in context.CreateQuery<ForumPost>("ForumPosts")
where (entity.TopicGUID.Equals(_TopicGUID))
select entity);
this.lvComments.DataSource = query2;
this.lvComments.DataBind();
lblResults.Text = String.Empty;
}
catch (Exception ex)
{
//lblResults.Text = ex.ToString();
lblResults.Text = "<br />You can't delete this post...<br />";
lblResults.CssClass = "Red";
}
}
}
private void ValidateUserSubmission()
{
_IPAddress = GetIpAddress();
#region - Form Validation -
bool status0;
int count = 0;
#region - tbxComment -
if (tbxComment.Text == String.Empty)
{
tbxComment.CssClass = "textboxYellow";
lblMessage.Text = "*";
}
else
{
_PostText = tbxComment.Text;
_PostText_rm = utilities.StripSpaces(_PostText);
// Test for SQL Injection Test
bool Message = utilities.TestStringForSQLInjection(_IPAddress, _PostText_rm);
if (Message) // SQL Injection Detected
{
_PostText_ck = String.Empty;
this.Send_SQLInjection_Notification_Email(_PostText);
tbxComment.Text = String.Empty;
// Noting else happens
}
else // SQL Injection NOT Detected
{
_PostText_ck = _PostText;
tbxComment.CssClass = "textbox";
count++;
}
}
#endregion
#region - tbxMyCAPTCHAAnswer -
if (tbxMyCAPTCHAAnswer.Text == String.Empty)
{
tbxMyCAPTCHAAnswer.CssClass = "textboxYellow";
lblMyCapInfo.Text = "*";
}
else
{
_StrCaptchaAnswer = tbxMyCAPTCHAAnswer.Text;
// Test for SQL Injection Test
bool captchaAnswer = utilities.TestStringForSQLInjection(_IPAddress, _StrCaptchaAnswer);
if (captchaAnswer) // SQL Injection Detected
{
_StrCaptchaAnswer_ck = String.Empty;
this.Send_SQLInjection_Notification_Email(_StrCaptchaAnswer);
// Noting else happens
}
else // SQL Injection NOT Detected
{
string lower = _StrCaptchaAnswer.ToLower();
_StrCaptchaAnswer_ck = utilities.StripSpaces(lower);
tbxMyCAPTCHAAnswer.CssClass = "textbox";
lblMyCapInfo.Text = String.Empty;
bool IsNumber = utilities.TestStringForNumeric(_StrCaptchaAnswer_ck);
if (IsNumber)
{
int num1 = Convert.ToInt16(Session["Num1"]);
int num2 = Convert.ToInt16(Session["Num2"]);
_CaptchaAnswer = Convert.ToInt16(_StrCaptchaAnswer_ck);
bool result = utilities.Solve_AddTwoNumbers(num1, num2, _CaptchaAnswer);
if (result)
{
//lblResults.Text = "<font color=\"Green\">* Correct !</font>";
lblResults.Text = String.Empty;
count++;
}
else
{
lblResults.Text = "<font color=\"Red\">* Sorry... Wrong answer.</font>";
}
}
else
{
lblMyCapInfo.Text = "Please enter a number";
}
}
}
#endregion
if (count > 1) status0 = true;
else status0 = false;
#endregion
#region - (status0) -
if (status0) // The Form entries are OK. Go ahead and process
{
if (!Request.IsAuthenticated)
{
tbxComment.Text = "Login to comment";
tbxComment.Enabled = false;
btnSubmitComment.Enabled = false;
}
else
{
var statusMessage = String.Empty;
try
{
_CommentGUID = Guid.NewGuid();
_StrCommentGUID = _CommentGUID.ToString();
_StrUserGUID = _UserGUID.ToString();
_TopicName = ViewState["_TopicName"].ToString();
_TopicGUID = ViewState["_TopicGUID"].ToString();
_ForumName = ViewState["_ForumName"].ToString();
_ForumGUID = ViewState["_ForumGUID"].ToString();
// Get FullName for Post Identity
DataTable dt = bl.Get_FullName(_UserGUID);
_FullName = dt.Rows[0][1].ToString();
var account = CloudStorageAccount.FromConfigurationSetting("DataConnectionString");
var context = new ForumPostDataServiceContext(account.TableEndpoint.ToString(), account.Credentials);
context.AddForumPost(
_CreatedOn
, _UserName
, _StrUserGUID
, _FullName
, _TopicName
, _TopicGUID
, _ForumName
, _ForumGUID
, Server.HtmlEncode(this.tbxComment.Text)
, _StrCommentGUID //_PostGUID
);
var query = (from entity in context.CreateQuery<ForumPost>("ForumPosts")
where (entity.TopicGUID.Equals(_TopicGUID))
select entity);
this.lvComments.DataSource = query;
this.lvComments.DataBind();
}
catch (System.Data.Services.Client.DataServiceRequestException ex)
{
statusMessage = "Unable to connect to the table service. Please check that the service is running.<br />"
+ ex.Message;
}
finally
{
tbxComment.Text = String.Empty;
lblResults.Text = String.Empty;
lblResults.CssClass = "";
this.SetFocus(tbxComment);
}
}
}
else
{
//lblResults.Text += "<br />(status0) else - The form is bad " + DateTime.Now.ToString();
}
#endregion
}
protected void Bind_Posts(string TopicGUID)
{
phComments.Visible = true;
tbxComment.Enabled = true;
var account = CloudStorageAccount.FromConfigurationSetting("DataConnectionString");
var context = new ForumPostDataServiceContext(account.TableEndpoint.ToString(), account.Credentials);
var query = (from entity in context.CreateQuery<ForumPost>("ForumPosts")
where (entity.TopicGUID.Equals(TopicGUID))
select entity);
this.lvComments.DataSource = query;
this.lvComments.DataBind();
DataTable dt = bl.Get_Topic(TopicGUID);
_TopicGUID = dt.Rows[0][1].ToString(); ViewState["_TopicGUID"] = _TopicGUID;
_TopicName = dt.Rows[0][2].ToString(); ViewState["_TopicName"] = _TopicName;
lblBreadCrumb_Forum.Text = " / " + ViewState["_ForumName"] + " / " + ViewState["_TopicName"];
}
