<%@ Page Language="C#" EnableSessionState="False" %> <%@ Import Namespace="System" %> <%@ Import Namespace="System.Data" %> <%@ Import Namespace="System.Data.OleDb" %> <%@ Import Namespace="System.Text" %> <%@ Import Namespace="System.IO" %>
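<html> <head> <title>谢谢你的留意!在听宁信息!^_^</title> <script language="C#" runat="server" codepage="936">
// Receives the post submitted by the forum form page, stores it as a new topic
// (table 'newpost') or as a reply (table 'reply'), and echoes the saved values.
//
// Security notes for maintainers:
//  * Every Request.Params value is untrusted. All of them reach the database only
//    through bound parameters; no request value is concatenated into SQL text.
//  * Every value written to a Label is HTML-encoded first, because Label.Text is
//    emitted into the response as-is.
//  * name, email and subject are stored as submitted (not encoded), so any page that
//    later renders them has to encode on output.
//  * NOTE(review): 'ip' and 'date' are taken from the request, so the client can set
//    them to anything. If they are meant as an audit trail, derive them on the server
//    (Request.UserHostAddress, DateTime.Now) - confirm the stored 'dt' format first.
void Page_Load(Object Src, EventArgs E)
{
    // Only a first load (the post arriving from the form page) is processed.
    if (Page.IsPostBack)
    {
        ShowDirectCallError();
        return;
    }

    // Get the parameters from the request and store them
    string name = Request.Params["name"];
    string email = Request.Params["email"];
    string subject = Request.Params["subject"];
    string ip = Request.Params["ip"];
    string date = Request.Params["date"];
    string message = Request.Params["message"];

    // A request without 'newpost' did not come from the posting form. The original
    // code dereferenced the missing value here and failed with a null reference.
    string newpost = Request.Params["newpost"];
    if (newpost == null)
    {
        ShowDirectCallError();
        return;
    }

    // 'newpost' == "no" marks a reply to an existing topic
    bool newmess = !newpost.Equals("no");

    // The message is encoded once; the same text is stored and echoed back.
    string storedMessage = parsetext(message);

    if (newmess)
    {
        // Insert a new topic
        string insertStr = " INSERT INTO newpost (name, email, subject, ip, dt, message) VALUES ";
        insertStr += "(@name, @email, @subject, @ip, @dt, @message)";

        using (OleDbConnection myConn = new OleDbConnection(BoardConnectionString()))
        using (OleDbCommand insertCommand = BuildPostCommand(insertStr, myConn, null,
                   name, email, subject, ip, date, storedMessage))
        {
            myConn.Open();
            insertCommand.ExecuteNonQuery();
        }
    }
    else
    {
        // The topic id is used in two statements, so it is validated as a plain
        // non-negative integer up front instead of being passed on as text.
        int postId;
        if (!int.TryParse(Request.Params["previd"],
                          System.Globalization.NumberStyles.None,
                          System.Globalization.CultureInfo.InvariantCulture,
                          out postId))
        {
            errmess.Text = "Invalid topic id.<br>";
            return;
        }

        string insertStr = " INSERT INTO reply (name, email, subject, ip, dt, ";
        insertStr += "message, postid) VALUES ";
        insertStr += "(@name, @email, @subject, @ip, @dt, @message, @postid)";

        using (OleDbConnection myConn = new OleDbConnection(BoardConnectionString()))
        {
            myConn.Open();

            // The reply row and the topic's reply counter change together or not at all.
            OleDbTransaction tx = myConn.BeginTransaction();
            try
            {
                using (OleDbCommand insertCommand = BuildPostCommand(insertStr, myConn, tx,
                           name, email, subject, ip, date, storedMessage))
                {
                    insertCommand.Parameters.Add(new OleDbParameter("@postid", OleDbType.Integer));
                    insertCommand.Parameters["@postid"].Value = postId;
                    insertCommand.ExecuteNonQuery();
                }

                // Increment in a single statement: the earlier SELECT-then-UPDATE pair
                // built its SQL by concatenating 'previd' and could lose an update when
                // two replies arrived at the same time.
                using (OleDbCommand bumpCommand = new OleDbCommand(
                           "UPDATE newpost SET replies = replies + 1 WHERE postid = @postid", myConn, tx))
                {
                    bumpCommand.Parameters.Add(new OleDbParameter("@postid", OleDbType.Integer));
                    bumpCommand.Parameters["@postid"].Value = postId;

                    if (bumpCommand.ExecuteNonQuery() == 0)
                    {
                        // No such topic: do not leave an orphaned reply behind.
                        tx.Rollback();
                        errmess.Text = "Invalid topic id.<br>";
                        return;
                    }
                }

                tx.Commit();
            }
            catch
            {
                tx.Rollback();
                throw;
            }
        }
    }

    // Echo what was saved. Request values are encoded before they reach the page;
    // storedMessage is already encoded by parsetext.
    NameLabel.Text = Server.HtmlEncode(name);
    EmailLabel.Text = Server.HtmlEncode(email);
    SubjectLabel.Text = Server.HtmlEncode(subject);
    MessageLabel.Text = storedMessage;
}

// Shows the fixed message used when the page was not reached from the posting form.
private void ShowDirectCallError()
{
    errmess.Text = "This Page Cannot be called directly.";
    errmess.Text += " It has to be called from the Form posting page.<br>";
}

// Builds the Jet connection string for the board database under the page's folder.
private string BoardConnectionString()
{
    string strConn = @"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
    strConn += Server.MapPath(".\\db\\board.mdb");
    return strConn;
}

// Creates a command for 'sql' and binds the six values shared by topics and replies.
// The OleDb provider binds parameters by position, so the order of the Add calls
// must match the order of the placeholders in the statement.
private OleDbCommand BuildPostCommand(string sql, OleDbConnection conn, OleDbTransaction tx,
                                      string name, string email, string subject,
                                      string ip, string date, string message)
{
    OleDbCommand cmd = new OleDbCommand(sql, conn, tx);
    cmd.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
    cmd.Parameters["@name"].Value = name;
    cmd.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
    cmd.Parameters["@email"].Value = email;
    cmd.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
    cmd.Parameters["@subject"].Value = subject;
    cmd.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
    cmd.Parameters["@ip"].Value = ip;
    cmd.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
    cmd.Parameters["@dt"].Value = date;
    cmd.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
    cmd.Parameters["@message"].Value = message;
    return cmd;
}

// Converts a plain-text message into HTML-safe text with <br> line breaks.
// The entity literals in the published listing were garbled (for example "<" was
// replaced with "<", and the double-quote replacement did not compile), presumably
// because the page rendering decoded them; they are restored here.
public string parsetext(string text)
{
    StringBuilder sb = new StringBuilder(text);

    // '&' has to be encoded first so the entities written below are not re-encoded.
    sb.Replace("&", "&amp;");
    // Keep runs of spaces visible: a double space becomes a space plus &nbsp;
    sb.Replace("  ", " &nbsp;");
    // HTML tags are not allowed: neutralise the brackets and both quote characters
    sb.Replace("<", "&lt;");
    sb.Replace(">", "&gt;");
    sb.Replace("\"", "&quot;");
    sb.Replace("'", "&#39;");

    // Re-emit the text line by line, ending each line with an HTML break tag
    StringReader sr = new StringReader(sb.ToString());
    StringWriter sw = new StringWriter();
    string line;
    while ((line = sr.ReadLine()) != null)
    {
        sw.Write(line + "<br>");
    }

    return sw.GetStringBuilder().ToString();
}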
</script> </head> <body topmargin="0" leftmargin="0" rightmargin="0" marginwidth="0" marginheight="0">
<center> <asp:label id="errmess" text="" style="color:#FF0000" runat="server" /> <h2 class="fodark"><b>谢谢谢!你在听宁信息城填广场留下你的笔迹!</b></h2> <table align=center width="60%" border="0" cellspacing="2" cellpadding="1" > <tr class="fohead"><td colspan="2">你留下以下的信息!谢谢!^_^</td></tr> <tr class="folight"> <td>名名:</td> <td><asp:label id="NameLabel" text="" runat="server" /></td> </tr> <tr class="folight"> <td>E-Mail :</td> <td><asp:label id="EmailLabel" text="" runat="server" /></td> </tr> <tr class="folight"> <td>标题 :</td> <td><asp:label id="SubjectLabel" text="" runat="server" /></td> </tr> <tr class="folight"> <td>信息内容:</td> <td><asp:label id="MessageLabel" text="" runat="server" /></td> </tr> </table>
</center> </body> </html>