[HttpPost] //限定使用POST //[Authorize] // 會員登入後才可評論 public ActionResult SAVEBookPage(BooksMessage bm) { bm.bm_MessageTime = DateTime.Now; int bm_Sorce = (int)bm.bm_Score; db.BooksMessage.Add(bm); db.SaveChanges(); return(RedirectToAction("BookPage", new { bid = bm.b_id })); }
//bm_id 書籍留言序號 //b_id 書籍編號 //m_id 會員編號 //bm_Message 留言內容 //bm_MessageTime 留言時間 //bm_score 會員對書籍的評分 //m_Name dbo.Member資料表的會員暱稱 public List <BooksMessage> getOneMessage(string b_id, string m_id) { SqlConnection con = new SqlConnection(); con.ConnectionString = @"Data Source=.;Initial Catalog=RentBookdb;Integrated Security=True"; con.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; cmd.CommandText = "select * from BooksMessage where b_id = @b_id and m_id = @m_id "; cmd.Parameters.AddWithValue("b_id", b_id); cmd.Parameters.AddWithValue("m_id", m_id); List <BooksMessage> list = new List <BooksMessage>(); SqlDataReader reader = cmd.ExecuteReader(); if (reader.Read()) { BooksMessage x = new BooksMessage(); x.bm_id = (int)reader["bm_id"]; x.b_id = reader["b_id"].ToString(); x.m_id = reader["m_id"].ToString(); x.bm_Message = reader["bm_Message"].ToString(); x.bm_MessageTime = (DateTime)reader["bm_MessageTime"]; x.bm_Score = (int)reader["bm_Score"]; list.Add(x); } if (list.Count == 0) { return(null); } return(list); }