• 牛腩购物5 aspnetpager控件的巩固(屏蔽恶意字符过滤转换 单引号问题,制作新闻页面)


    过滤非法字符串。但是查询的时候,假如是英文名字,是很容易有单引号的,例如 Joey’s name,这个时候我们就需要把单引号换成 2 个单引号,而不是直接删掉。注意:这种转义只在值被放进单引号括起来的字符串里时才起作用,更稳妥的做法是使用参数化查询。

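    /// <summary>
            /// Best-effort filter for text that is about to be concatenated into a SQL string literal.
            /// Doubles every single quote and strips a fixed list of characters and sequences.
            /// This is a deny-list, not a substitute for parameterized queries: prefer parameters
            /// wherever the data-access layer allows it.
            /// </summary>
            /// <param name="value">Text to filter; may be null or empty.</param>
            /// <returns>
            /// An empty string for null or empty input; otherwise the filtered text with each
            /// single quote doubled.
            /// </returns>
            public static string GetSafeSQL(string value)
            {
                if (string.IsNullOrEmpty(value))
                    return string.Empty;

                // Removed in the original order. "%20" has to be handled before "%",
                // otherwise the "20" would be left behind.
                string[] strippedTokens = { ";", "&", "%20", "--", "==", "<", ">", "%" };

                // A single pass is order dependent: deleting a later token can join the
                // characters on either side into an earlier one ("--" or "=="), which would
                // then survive. Repeat until a pass changes nothing. Every pass that changes
                // the text shortens it, so the loop terminates.
                string previous;
                do
                {
                    previous = value;
                    foreach (string token in strippedTokens)
                        value = value.Replace(token, string.Empty);
                } while (value != previous);

                // Double the quotes exactly once, after stripping, so that names such as
                // "Joey's" stay searchable. This only protects a value placed inside a
                // single-quoted literal; it does nothing for numeric or identifier positions.
                // NOTE(review): "_" and "[" are not filtered; if the result is used in a LIKE
                // pattern on a database that treats them as wildcards they still act as such.
                return value.Replace("'", "''");
            }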
    
    接下来我们制作 新闻表和前台的新闻制作。
    shop_news:id,title,body,visitnum,createdate,type
              新闻id,标题,内容,浏览量,创建时间,新闻类型(商品专题或者是新闻中心)
    要学会代码的复用,ctrl + c  , Ctrl + v
     
    /*********************************************************
     * 开发人员:Joey  QQ:1727050508   博客: http://1727050508.cnblogs.com
     * 创建时间:2012-3-5 10:39:42
     * 描述说明:news_list.aspx  新闻列表页
     * 
     * 更改历史:
     * 
     * *******************************************************/
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    
    namespace Niunan.Shop.Web.admin
    {
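        /// <summary>
        /// Code-behind for news_list.aspx, the news list page in the admin area:
        /// binds a paged, optionally filtered list of news rows and handles deletion.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no authorization check is visible in this class; presumably access
        /// to the admin pages is restricted elsewhere. Confirm, since this page deletes rows.
        /// </remarks>
        public partial class news_list : System.Web.UI.Page
        {
            Niunan.Shop.DAL.NewsDAO newsdao = new DAL.NewsDAO();

            /// <summary>Binds the list on every request, first load and postbacks alike.</summary>
            protected void Page_Load(object sender, EventArgs e)
            {
                BindRep();
            }

            /// <summary>Rebinds the list after the pager control reports a page change.</summary>
            protected void anp_PageChanged(object sender, EventArgs e)
            {
                BindRep();
            }

            /// <summary>
            /// Deletes the news row whose id is carried in the clicked button's CommandArgument,
            /// then rebinds the list.
            /// </summary>
            protected void lbtnDel_Click(object sender, EventArgs e)
            {
                // Do not dereference a failed cast or let a non-numeric argument throw:
                // only delete when the sender is a LinkButton carrying a valid integer id.
                LinkButton button = sender as LinkButton;
                int newsId;
                if (button != null && int.TryParse(button.CommandArgument, out newsId))
                {
                    newsdao.Delete(newsId);
                }

                BindRep();
            }

            /// <summary>
            /// Reads the pager state, updates the pager's record count and binds the repeater
            /// to the current page of results.
            /// </summary>
            private void BindRep()
            {
                // Page size and index are read before RecordCount is assigned, as before.
                int pagesize = anp.PageSize;
                int pageindex = anp.CurrentPageIndex;

                // Build the condition once so the count and the page use the same filter.
                string cond = GetCond();

                anp.RecordCount = newsdao.ClacCount(cond);
                repList.DataSource = newsdao.GetList("*", "id", "desc", pagesize, pageindex, cond);

                repList.DataBind();
            }

            /// <summary>
            /// Builds the condition text passed to the DAO and sets the page heading.
            /// </summary>
            /// <returns>A condition fragment starting with "1=1".</returns>
            private string GetCond()
            {
                string cond = "1=1";

                // The query-string value is only compared against a known key and mapped to a
                // fixed literal; it is never concatenated into the condition itself.
                string type = Request.QueryString["type"];
                if (type == "spzt")
                {
                    cond += " and type='商品专题'";
                    litH1.Text = "商品专题";
                }
                else
                {
                    cond += " and type='新闻中心'";
                    litH1.Text = "新闻中心";
                }

                // NOTE(review): the search key is user input concatenated into the condition
                // text. GetSafeSQL doubles single quotes and strips some characters, which is
                // what keeps the key inside the quoted literal; a parameterized title filter
                // in the DAO would remove that dependence. The DAO is not visible here, so how
                // it uses this string should be confirmed.
                string key = txtKey.Text.Trim();
                key = Niunan.Shop.Utility.Tool.GetSafeSQL(key);
                if (key.Length != 0)
                {
                    cond += " and title like  '%" + key + "%' ";
                }

                return cond;
            }

            /// <summary>Rebinds the list using the current search text.</summary>
            protected void btnSearch_Click(object sender, EventArgs e)
            {
                BindRep();
            }
        }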
    }
    
     
    下面是新闻添加和修改页面的代码
    /*********************************************************
     * 开发人员:Joey  QQ:1727050508   博客: http://1727050508.cnblogs.com
     * 创建时间:2012-3-5 15:30:56
     * 描述说明:news_add.aspx  新闻添加和修改页面
     * 
     * 更改历史:
     * 
     * *******************************************************/
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    
    namespace Niunan.Shop.Web.admin
    {
        /// <summary>
        /// Code-behind for news_add.aspx, the page used both to add a news row and to
        /// edit an existing one (when a numeric "id" is present in the query string).
        /// </summary>
        public partial class news_add : System.Web.UI.Page
        {
             Niunan.Shop.DAL.NewsDAO newsdao = new DAL.NewsDAO();

            // Page_Load runs every time the page is entered, both on the first visit and
            // on a postback caused by clicking a button.
            protected void Page_Load(object sender, EventArgs e)
            {
                // The form is only pre-filled on the first visit.
                if (Page.IsPostBack)
                {
                    return;
                }

                // TryParse rejects a missing, empty or non-numeric id.
                int newsId;
                if (!int.TryParse(Request.QueryString["id"], out newsId))
                {
                    return;
                }

                Niunan.Shop.Model.News existing = newsdao.GetModel(newsId);
                if (existing == null)
                {
                    return;
                }

                txtTitle.Text = existing.title;
                txtBody.Text = existing.body;
                litH1.Text = "修改";
                btnAdd.Text = "修改";
            }

            /// <summary>
            /// Saves the form: updates the row named by the "id" query-string value when it
            /// exists, otherwise inserts a new row.
            /// </summary>
            protected void btnAdd_Click(object sender, EventArgs e)
            {
                string title = txtTitle.Text.Trim();
                string body = txtBody.Text.Trim();

                // The query-string value only selects between two fixed category names.
                string requestedType = Request.QueryString["type"];
                string type = requestedType == "spzt" ? "商品专题" : "新闻中心";

                if (title.Length == 0 || body.Length == 0)
                {
                    litRes.Text = "<span style='color:blue'>请填写完整的信息</span>";
                    return;
                }

                // NOTE(review): title and body are stored as entered (trimmed only); the pages
                // that render them are not visible here and presumably need to HTML-encode.

                // An id in the query string means this is an edit.
                int newsId;
                if (int.TryParse(Request.QueryString["id"], out newsId))
                {
                    // Checked again here: the id must actually resolve to a stored row.
                    Niunan.Shop.Model.News existing = newsdao.GetModel(newsId);
                    if (existing != null)
                    {
                        existing.title = title;
                        existing.body = body;
                        newsdao.Update(existing);
                        litRes.Text = "<span style='color:red'>修改成功</span>";
                        return;
                    }
                }

                // Otherwise this is an insert.
                Niunan.Shop.Model.News created = new Niunan.Shop.Model.News()
                {
                    title = title,
                    body = body,
                    createdate = DateTime.Now,
                    type = type,
                    visitnum = 0
                };
                int res = newsdao.Add(created);

                if (res <= 0)
                {
                    litRes.Text = "<span style='color:red'>添加失败,请联系管理员</span>";
                    return;
                }

                // Clear the form after a successful insert.
                txtTitle.Text = "";
                txtBody.Text = "";
                litRes.Text = "<span style='color:blue'>添加成功</span>";
            }
        }
    }
    
     

    image

  • 原文地址:https://www.cnblogs.com/iceicebaby/p/2380429.html