📄 postmessage.aspx
字号:
<%@ Page Language="C#" EnableSessionState="False" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.OleDb" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.IO" %>
<html>
<head>
<title>谢谢您的支持 !</title>
<script language="C#" runat="server" >
void Page_Load(Object Src, EventArgs E)
{
//检查该页面是否第一次被装载
if (!Page.IsPostBack) {
//取得查询参数
string name = Request.Params["name"] ;
string email = Request.Params["email"] ;
string subject = Request.Params["subject"] ;
string ip = Request.Params["ip"] ;
string date = Request.Params["date" ];
string message = Request.Params["message"] ;
bool newmess =true ;
string previd ="1";
//检查是否 'newpost' 参数是 'no'
//指出回复是以前提交的
if(Request.Params["newpost"].Equals("no"))
{
newmess =false ;
previd = Request.Params["previd"] ;
}
if(newmess)
{
//创建一个新的主题
string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
strConn+=Server.MapPath(".\\db\\bad.mdb") ;
OleDbConnection myConn = new OleDbConnection(strConn) ;
//参数查询
string insertStr =" INSERT INTO newpost (name, email, subject, ip, dt, message) VALUES ";
insertStr+="(@name, @email, @subject, @ip, @dt, @message)";
//生成一个 OleDbCommand
OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
//加入一个新的参数 '@name' 类型为 'VarChar'
//设置该参数的值
insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
insertCommand.Parameters["@name"].Value = name;
insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
insertCommand.Parameters["@email"].Value = email;
insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
insertCommand.Parameters["@subject"].Value = subject;
insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
insertCommand.Parameters["@ip"].Value = ip;
insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
insertCommand.Parameters["@dt"].Value = date;
insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
insertCommand.Parameters["@message"].Value = parsetext(message);
myConn.Open();
insertCommand.ExecuteNonQuery();
myConn.Close() ;
}
else
{
//插入一个回复
string strConn=@"Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=";
strConn+=Server.MapPath(".\\db\\bad.mdb") ;
OleDbConnection myConn = new OleDbConnection(strConn);
//SQL语句的参数声名
string insertStr =" INSERT INTO reply (name, email, subject, ip, dt, ";
insertStr+="message, postid) VALUES ";
insertStr+="(@name, @email, @subject, @ip, @dt, @message, @postid)";
//生成一个新的 OleDbCommand
OleDbCommand insertCommand = new OleDbCommand(insertStr, myConn);
//增加一个新的参数,加入相应的值
insertCommand.Parameters.Add(new OleDbParameter("@name", OleDbType.VarChar));
insertCommand.Parameters["@name"].Value = name;
insertCommand.Parameters.Add(new OleDbParameter("@email", OleDbType.VarChar));
insertCommand.Parameters["@email"].Value = email;
insertCommand.Parameters.Add(new OleDbParameter("@subject", OleDbType.VarChar));
insertCommand.Parameters["@subject"].Value = subject;
insertCommand.Parameters.Add(new OleDbParameter("@ip", OleDbType.VarChar));
insertCommand.Parameters["@ip"].Value = ip;
insertCommand.Parameters.Add(new OleDbParameter("@dt", OleDbType.VarChar));
insertCommand.Parameters["@dt"].Value = date;
insertCommand.Parameters.Add(new OleDbParameter("@message", OleDbType.VarChar));
insertCommand.Parameters["@message"].Value = parsetext(message);
insertCommand.Parameters.Add(new OleDbParameter("@postid", OleDbType.Integer));
insertCommand.Parameters["@postid"].Value = previd;
myConn.Open();
//更新数据库
insertCommand.ExecuteNonQuery() ;
myConn.Close();
string replyno = "SELECT replies FROM newpost WHERE postid ="+previd ;
insertCommand.CommandText =replyno ;
myConn.Open();
OleDbDataReader reader =insertCommand.ExecuteReader() ;
reader.Read();
//得到该主题回复的数量
int rep =reader.GetInt16(0) ;
myConn.Close();
rep++ ;
string updtStr ="UPDATE newpost SET replies = "+rep
+" WHERE (postid = "+previd+")" ;
insertCommand.CommandText = updtStr;
myConn.Open();
//执行命令
insertCommand.ExecuteNonQuery();
myConn.Close() ;
}
//设置文本框的内容
NameLabel.Text = name;
EmailLabel.Text= email ;
SubjectLabel.Text= subject;
MessageLabel.Text= message ;
}
else
{
errmess.Text="该页面不能够直接访问.";
errmess.Text+=" 可以从主页面上访问.<br>" ;
}
}
//把信息转换成HTML输出
public string parsetext(string text)
{
StringBuilder sb = new StringBuilder(text) ;
sb.Replace(" "," ");
//检查是否允许 HTML 标签
//转化成等同的 HTML
sb.Replace("<","<") ;
sb.Replace(">",">") ;
sb.Replace("\"",""");
StringReader sr = new StringReader(sb.ToString());
StringWriter sw = new StringWriter();
//重复,如果存在下一个
while(sr.Peek()>-1)
{
string temp = sr.ReadLine();
sw.Write(temp+"<br>") ;
}
//返回最后的文本
return sw.GetStringBuilder().ToString();
}
</script>
<LINK href="mystyle.css" type=text/css rel=stylesheet>
</head>
<body topmargin="0" leftmargin="0" rightmargin="0" marginwidth="0" marginheight="0">
<center>
<asp:label id="errmess" text="" style="color:#FF0000" runat="server" />
<h2 class="fodark"><b>谢谢您在第八日留言</b></h2>
<table align=center width=722 border="0" cellspacing="2" cellpadding="1" >
<tr class="fohead"><td colspan="2">您的留言信息已经提交!</td></tr>
<tr class="folight">
<td>姓名 :</td>
<td><asp:label id="NameLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>E-Mail :</td>
<td><asp:label id="EmailLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>主题 :</td>
<td><asp:label id="SubjectLabel" text="" runat="server" /></td>
</tr>
<tr class="folight">
<td>内容 :</td>
<td><asp:label id="MessageLabel" text="" runat="server" /></td>
</tr>
</table>
<br>
<h4 class="fodark"><a href="default.aspx">点击这里 </a> 到留言板首页.<br>
<% if(Request.Params["previd"]!=null)
{ %>
<a href='reply.aspx?postid=<%=Request.Params["previd"] %>'>
单击这里 </a>回到上一个页面.
<% } %>
</h4>
</center>
<!-- #Include File="footer.inc" -->
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -