<%@ Page Language="C#" EnableSessionState="False" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.OleDb" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.IO" %>
<html>
<head>
<title>谢谢你的留意!在听宁信息!^_^</title>
<script language="C#" runat="server" codepage="936">
void Page_Load(Object Src, EventArgs E)
{
//Check id the page is loaded for the first time
if (!Page.IsPostBack) {
//Get the Parameters from the Query string and store it
string name = Request.Params["name"] ;
string email = Request.Params["email"] ;
string subject = Request.Params["subject"] ;
string ip = Request.Params["ip"] ;
string date = Request.Params["date" ];
string message = Request.Params["message"] ;
bool newmess =true ;
string previd ="1";
//Check of the 'newpost' paramater is 'no'
//indicating that its a reply to a previous post
if(Request.Params["newpost"].Equals("no"))
{
newmess =false ;
//Since its a reply, we get the ID of the topic
//to which this post is a reply
previd = Request.Params["previd"] ;
}
if(newmess)
{
//Execute the code below to insert a new topic
string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
strConn+=Server.MapPath(".//db//board.mdb") ;
OleDbConnection myConn = new OleDbConnection(strConn) ;
//SQL query with Parameters
string insertStr =" INSERT INTO newpost (name, email, subject, ip, dt, message) VALUES ";
insertStr+="(@name, @email, @subject, @ip, @dt, @message)";
//Create a new OleDbCommand
OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
//Add a new Parameter '@name' of the type 'VarChar'
//and set its value
insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
insertCommand.Parameters["@name"].Value = name;
insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
insertCommand.Parameters["@email"].Value = email;
insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
insertCommand.Parameters["@subject"].Value = subject;
insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
insertCommand.Parameters["@ip"].Value = ip;
insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
insertCommand.Parameters["@dt"].Value = date;
insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
//Give a call the the 'parsetext' method to parse the message
insertCommand.Parameters["@message"].Value = parsetext(message);
myConn.Open();
//Execute Non Query to insert a new topic in the database
insertCommand.ExecuteNonQuery();
myConn.Close() ;
}
else
{
//Insert a reply to a previous topic
string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
strConn+=Server.MapPath(".//db//board.mdb") ;
OleDbConnection myConn = new OleDbConnection(strConn);
//SQL statement with Parameters
string insertStr =" INSERT INTO reply (name, email, subject, ip, dt, ";
insertStr+="message, postid) VALUES ";
insertStr+="(@name, @email, @subject, @ip, @dt, @message, @postid)";
//Create a new OleDbCommand
OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
//Add a new Parameter and set its value
insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
insertCommand.Parameters["@name"].Value = name;
insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
insertCommand.Parameters["@email"].Value = email;
insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
insertCommand.Parameters["@subject"].Value = subject;
insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
insertCommand.Parameters["@ip"].Value = ip;
insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
insertCommand.Parameters["@dt"].Value = date;
insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
//Give a call the the 'parsetext' method to parse the message
insertCommand.Parameters["@message"].Value = parsetext(message);
insertCommand.Parameters.Add(new OleDbParameter("@postid", OleDbType.Integer));
insertCommand.Parameters["@postid"].Value = previd;
myConn.Open();
//Update the Database
insertCommand.ExecuteNonQuery() ;
myConn.Close();
//SQL string to get the 'replies' column of the topic
//to which this post is a reply
string replyno = "SELECT replies FROM newpost WHERE postid ="+previd ;
insertCommand.CommandText =replyno ;
myConn.Open();
OleDbDataReader reader =insertCommand.ExecuteReader() ;
reader.Read();
//Get the number of replies to this post
int rep =reader.GetInt16(0) ;
myConn.Close();
rep++ ;
//SQL statement to update the number of replies
//of the topic to which this post is a reply
string updtStr ="UPDATE newpost SET replies = "+rep
+" WHERE (postid = "+previd+")" ;
insertCommand.CommandText = updtStr;
myConn.Open();
//Execute the command
insertCommand.ExecuteNonQuery();
myConn.Close() ;
}
//Set the text of various textboxes to inform
//the user of the text entered into the database
NameLabel.Text = name;
EmailLabel.Text= email ;
SubjectLabel.Text=subject;
MessageLabel.Text=message ;
}
else
{
errmess.Text="This Page Cannot be called directly.";
errmess.Text+=" It has to be called from the Form posting page.<br>" ;
}
}
//Class to parse the Message into HTML format
public string parsetext(string text)
{
//Create a StringBuilder object from the string input
//parameter
StringBuilder sb = new StringBuilder(text) ;
//Replace all double white spaces with a single white space
//and
sb.Replace(" "," ");
//Check if HTML tags are not allowed
//Convert the brackets into HTML equivalents
sb.Replace("<","<") ;
sb.Replace(">",">") ;
//Convert the double quote
sb.Replace("/"",""");
//Create a StringReader from the processed string of
//the StringBuilder
StringReader sr = new StringReader(sb.ToString());
StringWriter sw = new StringWriter();
//Loop while next character exists
while(sr.Peek()>-1)
{
//Read a line from the string and store it to a temp
//variable
string temp = sr.ReadLine();
//write the string with the HTML break tag
//Note here write method writes to a Internal StringBuilder
//object created automatically
sw.Write(temp+"<br>") ;
}
//Return the final processed text
return sw.GetStringBuilder().ToString();
}
</script>
</head>
<body topmargin="0" leftmargin="0" rightmargin="0" marginwidth="0" marginheight="0">
<center>
<asp:label id="errmess" text="" style="color:#FF0000" runat="server" />
<h2 class="fodark"><b>谢谢谢!你在听宁信息城填广场留下你的笔迹!</b></h2>
<table align=center width="60%" border="0" cellspacing="2" cellpadding="1" >
<tr class="fohead"><td colspan="2">你留下以下的信息!谢谢!^_^</td></tr>
<tr class="folight">
<td>名名:</td>
<td><asp:label id="NameLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>E-Mail :</td>
<td><asp:label id="EmailLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>标题 :</td>
<td><asp:label id="SubjectLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>信息内容:</td>
<td><asp:label id="MessageLabel" text="" runat="server" /></td>
</tr>
</table>
</center>
</body>
</html>