public static List <BlogPosts> getAllBlogPostsByUserID(string id) { try { List <BlogPosts> allPostsByUser = new List <BlogPosts>(); string command = "SELECT * FROM BlogPosts WHERE UserID = '" + id + "' ORDER BY Date DESC, Time DESC "; SqlCommand sqlCommand = new SqlCommand(command, DBConnection.getInstance().Conn); DBConnection.getInstance().Conn.Open(); using (SqlDataReader reader = sqlCommand.ExecuteReader()) { while (reader.Read()) { int postID = reader.GetInt32(reader.GetOrdinal("PostID")); string userID = reader.GetString(reader.GetOrdinal("UserID")); DateTime date = reader.GetDateTime(reader.GetOrdinal("Date")); TimeSpan time = reader.GetTimeSpan(reader.GetOrdinal("Time")); string postContent = reader.GetString(reader.GetOrdinal("PostContent")); BlogPosts bp = new BlogPosts(postID, userID, date, time, postContent); allPostsByUser.Add(bp); } } return(allPostsByUser); } catch (ArgumentOutOfRangeException aoorex) { return(null); } catch (Exception ex) { return(null); } finally { DBConnection.getInstance().Conn.Close(); } }
protected void submitNewBlogPost(object sender, EventArgs e) { if (_user.UserID == Request.QueryString["blogOwner"]) { if (newPostTextbox.Text != "") { DateTime date = DateTime.Now.Date; TimeSpan time = DateTime.Now.TimeOfDay; string postContent = Server.HtmlEncode(newPostTextbox.Text); BlogPosts newPost = new BlogPosts(_user.UserID, date, time, postContent); if (newPost.insertToDatabase()) { Response.Write("<SCRIPT LANGUAGE=\"\"JavaScript\"\">alert(\"Blog post uploaded!\")</SCRIPT>"); if (_user.SupervisorID != "") { UserDetails supervisor = model.selectUserDetailsById(_user.SupervisorID); string emailSubject = "New blog update!"; string emailMessage = "User " + _user.UserID + " has created a new post for their blog. Please log in to view the new post."; general_functions.Instance.email(supervisor.EmailAddress, emailMessage, emailSubject); } Response.Redirect("../Views/blog.aspx?blogOwner=" + _user.UserID); } else { Response.Write("<SCRIPT LANGUAGE=\"\"JavaScript\"\">alert(\"Upload of blog post failed. Please try again.\")</SCRIPT>"); } populateTable(); } else { Response.Write("<SCRIPT LANGUAGE=\"\"JavaScript\"\">alert(\"Blog entry cannot be empty.\")</SCRIPT>"); } } else { Response.Write("<SCRIPT LANGUAGE=\"\"JavaScript\"\">alert(\"Only the blog owner may upload a new blog entry.\")</SCRIPT>"); } }
public static List<BlogPosts> getAllBlogPostsByUserID(string id) { try { List<BlogPosts> allPostsByUser = new List<BlogPosts>(); string command = "SELECT * FROM BlogPosts WHERE UserID = '" + id + "' ORDER BY Date DESC, Time DESC "; SqlCommand sqlCommand = new SqlCommand(command, DBConnection.getInstance().Conn); DBConnection.getInstance().Conn.Open(); using (SqlDataReader reader = sqlCommand.ExecuteReader()) { while (reader.Read()) { int postID = reader.GetInt32(reader.GetOrdinal("PostID")); string userID = reader.GetString(reader.GetOrdinal("UserID")); DateTime date = reader.GetDateTime(reader.GetOrdinal("Date")); TimeSpan time = reader.GetTimeSpan(reader.GetOrdinal("Time")); string postContent = reader.GetString(reader.GetOrdinal("PostContent")); BlogPosts bp = new BlogPosts(postID, userID, date, time, postContent); allPostsByUser.Add(bp); } } return allPostsByUser; } catch (ArgumentOutOfRangeException aoorex) { return null; } catch (Exception ex) { return null; } finally { DBConnection.getInstance().Conn.Close(); } }