1@ Page Language="C#" EnableSessionState="False"
1@ Import Namespace="System"
1@ Import Namespace="System.Data"
1@ Import Namespace="System.Data.OleDb"
1@ Import Namespace="System.Text"
1@ Import Namespace="System.IO"
1<html>
2<head>
3<title>谢谢你的留意!在听宁信息!^_^</title>
4<script codepage="936" language="C#" runat="server">
5
6void Page_Load(Object Src, EventArgs E)
7{
8//Check id the page is loaded for the first time
9if (!Page.IsPostBack) {
10//Get the Parameters from the Query string and store it
11string name = Request.Params["name"] ;
12string email = Request.Params["email"] ;
13string subject = Request.Params["subject"] ;
14string ip = Request.Params["ip"] ;
15string date = Request.Params["date" ];
16string message = Request.Params["message"] ;
17bool newmess =true ;
18string previd ="1";
19//Check of the 'newpost' paramater is 'no'
20//indicating that its a reply to a previous post
21if(Request.Params["newpost"].Equals("no"))
22{
23newmess =false ;
24//Since its a reply, we get the ID of the topic
25//to which this post is a reply
26previd = Request.Params["previd"] ;
27}
28
29if(newmess)
30{
31//Execute the code below to insert a new topic
32string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
33strConn+=Server.MapPath(".\\\db\\\board.mdb") ;
34
35OleDbConnection myConn = new OleDbConnection(strConn) ;
36//SQL query with Parameters
37string insertStr =" INSERT INTO newpost (name, email, subject, ip, dt, message) VALUES ";
38insertStr+="(@name, @email, @subject, @ip, @dt, @message)";
39//Create a new OleDbCommand
40OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
41//Add a new Parameter '@name' of the type 'VarChar'
42//and set its value
43insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
44insertCommand.Parameters["@name"].Value = name;
45
46insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
47insertCommand.Parameters["@email"].Value = email;
48
49insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
50insertCommand.Parameters["@subject"].Value = subject;
51
52insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
53insertCommand.Parameters["@ip"].Value = ip;
54
55insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
56insertCommand.Parameters["@dt"].Value = date;
57
58insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
59//Give a call the the 'parsetext' method to parse the message
60insertCommand.Parameters["@message"].Value = parsetext(message);
61
62myConn.Open();
63//Execute Non Query to insert a new topic in the database
64insertCommand.ExecuteNonQuery();
65myConn.Close() ;
66}
67else
68{
69//Insert a reply to a previous topic
70string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
71strConn+=Server.MapPath(".\\\db\\\board.mdb") ;
72OleDbConnection myConn = new OleDbConnection(strConn);
73//SQL statement with Parameters
74string insertStr =" INSERT INTO reply (name, email, subject, ip, dt, ";
75insertStr+="message, postid) VALUES ";
76insertStr+="(@name, @email, @subject, @ip, @dt, @message, @postid)";
77//Create a new OleDbCommand
78OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
79//Add a new Parameter and set its value
80insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
81insertCommand.Parameters["@name"].Value = name;
82insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
83insertCommand.Parameters["@email"].Value = email;
84insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
85insertCommand.Parameters["@subject"].Value = subject;
86insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
87insertCommand.Parameters["@ip"].Value = ip;
88insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
89insertCommand.Parameters["@dt"].Value = date;
90insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
91//Give a call the the 'parsetext' method to parse the message
92insertCommand.Parameters["@message"].Value = parsetext(message);
93insertCommand.Parameters.Add(new OleDbParameter("@postid", OleDbType.Integer));
94insertCommand.Parameters["@postid"].Value = previd;
95myConn.Open();
96//Update the Database
97insertCommand.ExecuteNonQuery() ;
98myConn.Close();
99//SQL string to get the 'replies' column of the topic
100//to which this post is a reply
101string replyno = "SELECT replies FROM newpost WHERE postid ="+previd ;
102insertCommand.CommandText =replyno ;
103myConn.Open();
104OleDbDataReader reader =insertCommand.ExecuteReader() ;
105reader.Read();
106//Get the number of replies to this post
107int rep =reader.GetInt16(0) ;
108myConn.Close();
109rep++ ;
110//SQL statement to update the number of replies
111//of the topic to which this post is a reply
112string updtStr ="UPDATE newpost SET replies = "+rep
113+" WHERE (postid = "+previd+")" ;
114insertCommand.CommandText = updtStr;
115myConn.Open();
116//Execute the command
117insertCommand.ExecuteNonQuery();
118myConn.Close() ;
119}
120//Set the text of various textboxes to inform
121//the user of the text entered into the database
122NameLabel.Text = name;
123EmailLabel.Text= email ;
124SubjectLabel.Text=subject;
125MessageLabel.Text=message ;
126}
127else
128{
129errmess.Text="This Page Cannot be called directly.";
130errmess.Text+=" It has to be called from the Form posting page.<br>" ;
131}
132}
133//Class to parse the Message into HTML format
134public string parsetext(string text)
135{
136//Create a StringBuilder object from the string input
137//parameter
138StringBuilder sb = new StringBuilder(text) ;
139//Replace all double white spaces with a single white space
140//and
141sb.Replace(" "," ");
142//Check if HTML tags are not allowed
143
144//Convert the brackets into HTML equivalents
145sb.Replace("<","<") ;
146sb.Replace(">",">") ;
147//Convert the double quote
148sb.Replace("\"",""");
149
150//Create a StringReader from the processed string of
151//the StringBuilder
152StringReader sr = new StringReader(sb.ToString());
153StringWriter sw = new StringWriter();
154//Loop while next character exists
155while(sr.Peek()>-1)
156{
157//Read a line from the string and store it to a temp
158//variable
159string temp = sr.ReadLine();
160//write the string with the HTML break tag
161//Note here write method writes to a Internal StringBuilder
162//object created automatically
163sw.Write(temp+"<br>") ;
164}
165//Return the final processed text
166return sw.GetStringBuilder().ToString();
167}
168
169</script>
170</head>
171<body leftmargin="0" marginheight="0" marginwidth="0" rightmargin="0" topmargin="0">
172<center>
173<asp:label id="errmess" runat="server" style="color:#FF0000" text=""></asp:label>
174<h2 class="fodark"><b>谢谢谢!你在听宁信息城填广场留下你的笔迹!</b></h2>
175<table align="center" border="0" cellpadding="1" cellspacing="2" width="60%">
176<tr class="fohead"><td colspan="2">你留下以下的信息!谢谢!^_^</td></tr>
177<tr class="folight">
178<td>名名:</td>
179<td><asp:label id="NameLabel" runat="server" text=""></asp:label></td>
180</tr>
181<tr class="folight">
182<td>E-Mail :</td>
183<td><asp:label id="EmailLabel" runat="server" text=""></asp:label></td>
184</tr>
185<tr class="folight">
186<td>标题 :</td>
187<td><asp:label id="SubjectLabel" runat="server" text=""></asp:label></td>
188</tr>
189<tr class="folight">
190<td>信息内容:</td>
191<td><asp:label id="MessageLabel" runat="server" text=""></asp:label></td>
192</tr>
193</table>
194</center>
195</body>
196</html>
这里更多的文件