protected void UpdateButton_Click(object sender, System.EventArgs e)
{
Guid uGuid = new Guid(Membership.GetUser().ProviderUserKey.ToString());
string reaction = HttpUtility.HtmlEncode(ReactionTextBox.Text.Trim());
////hack to preserve at least some formatting in a post
//reaction = Regex.Replace( reaction, "" + char( 13 ) + "" + Chr( 10 ) + "", "<br />", RegexOptions.IgnoreCase | RegexOptions.Multiline );
//reaction = Regex.Replace( reaction, "<br />", "<br />", RegexOptions.IgnoreCase | RegexOptions.Multiline );
//suggest you get an html editor type input box instead
//if you do, you'll need to sanitize the input here to check for malicious html and script junk
PollReaction pr = new PollReaction();
pr.Reaction = reaction;
pr.PollId = PollId;
pr.UserId = uGuid;
PollReaction.Create(pr);
Response.Redirect(string.Format("~/Poll/View.aspx?pollId={0}", PollId.ToString()), true);
}
