<%@ Page Language="JScript" %> <%@ Register TagPrefix="IBuySpy" TagName="Header" Src="_Header.ascx" %> <%@ Register TagPrefix="IBuySpy" TagName="Menu" Src="_Menu.ascx" %> <script runat="server"> //******************************************************* // // The Page_Load event on this page is used to fetch details // about the product to review. It then updates UI elements // with the results. // // Note that the product to review is specified using // a querystring argument to the page. // //******************************************************* function Page_Load(sender: Object ,e: EventArgs) : void { if (Page.IsPostBack != true) { // Obtain ProductID of Product to Review var productID : int = Int32.Parse(Request["productID"]); // Populate Product Name on Page var products : IBuySpy.ProductsDB = new IBuySpy.ProductsDB(); ModelName.Text = products.GetProductDetails(productID).ModelName; // Store ProductID in Page State to use on PostBack ViewState["productID"] = productID; } } //******************************************************* // // The ReviewAddBtn_Click event is used to add a new // review into the IBuySpy Reviews database. // // Note that we are deliberately HtmlEncoding all text // values *before* adding them to the database. This allows // us to prevent hackers from adding images or hyperlinks // into the message content. // //******************************************************* function ReviewAddBtn_Click(sender: Object , e: ImageClickEventArgs) : void { // Only add the review if all fields on the page are valid if (Page.IsValid == true) { // Obtain ProductID from Page State var productID : int = ViewState["productID"]; // Obtain Rating number of RadioButtonList var rating : int = Int32.Parse(Rating.SelectedItem.Value); // Add Review to ReviewsDB. HtmlEncode before entry var review : IBuySpy.ReviewsDB = new IBuySpy.ReviewsDB(); review.AddReview(productID, Server.HtmlEncode(Name.Text), Server.HtmlEncode(Email.Text), rating, Server.HtmlEncode(Comment.Text)); // Redirect client back to the originating product details page Response.Redirect("ProductDetails.aspx?ProductID=" + productID); } } </script> <html> <head> <link rel="stylesheet" type="text/css" href="IBuySpy.css"> </head> <body background="images/sitebkgrd.gif" leftmargin="0" topmargin="0" rightmargin="0" bottommargin="0" marginheight="0" marginwidth="0"> <table cellspacing="0" cellpadding="0" width="100%" border="0"> <tr> <td colspan="2"> <IBuySpy:Header ID="Header1" runat="server" /> </td> </tr> <tr> <td valign="top"> <IBuySpy:Menu id="Menu1" runat="server" /> <img height="1" src="images/1x1.gif" width="145"> </td> <td align="left" valign="top" width="100%" nowrap> <table height="100%" align="left" cellspacing="0" cellpadding="0" width="100%" border="0"> <tr valign="top"> <td nowrap> <br> <form runat="server"> <img align="left" width="24" src="images/1x1.gif"> <table cellspacing="0" cellpadding="0" width="100%" border="0"> <tr> <td class="ContentHead"> <img align="left" height="32" width="60" src="images/1x1.gif">Add Review - <asp:label id="ModelName" runat="server" /> <br> </td> </tr> </table> <br> <img align="left" width="92" src="Images/1x1.gif"> <table width="500" border="0"> <tr valign="top"> <td> <table border="0"> <tr> <td valign="top" width="550"> <span class="NormalBold">Name</span> <br> <asp:TextBox size="20" id="Name" runat="server" /> <asp:RequiredFieldValidator ControlToValidate="Name" Display="Dynamic" Font-Name="verdana" Font-Size="9pt" ErrorMessage="'Name' must not be left blank." runat="server"></asp:RequiredFieldValidator> <br> <br> <span class="NormalBold">Email</span> <br> <asp:TextBox id="Email" size="20" runat="server" /> <asp:RequiredFieldValidator ControlToValidate="Email" Display="Dynamic" Font-Name="verdana" Font-Size="9pt" ErrorMessage="'Email' must not be left blank." runat="server"></asp:RequiredFieldValidator> <br> <br> <span class="NormalBold">Rating</span> <br> <br> <asp:RadioButtonList ID="Rating" runat="server"> <asp:ListItem text="Five" value="5" selected="True"> <img src="Images/reviewrating5.gif"></asp:ListItem> <asp:ListItem text="Four" value="4"> <img src="Images/reviewrating4.gif"></asp:ListItem> <asp:ListItem text="Three" value="3"> <img src="Images/reviewrating3.gif"></asp:ListItem> <asp:ListItem text="Two" value="2"> <img src="Images/reviewrating2.gif"></asp:ListItem> <asp:ListItem text="One" value="1"> <img src="Images/reviewrating1.gif"></asp:ListItem> </asp:RadioButtonList> </td> </tr> </table> <br> <br> <span class="NormalBold">Comments</span> <br> <asp:TextBox id="Comment" textmode="multiline" rows="7" columns="60" runat="server" /> <asp:RequiredFieldValidator ControlToValidate="Comment" Display="Dynamic" Font-Name="verdana" Font-Size="9pt" ErrorMessage="'Comment' must not be left blank." runat="server"></asp:RequiredFieldValidator> <br> <br> <asp:ImageButton ImageURL="images/submit.gif" OnClick="ReviewAddBtn_Click" runat="server" /> <br> <br> <br> </td> </tr> </table> </form> </td> </tr> </table> </td> </tr> </table> </body> </html>