将CKEditor数据保存到ASP.Net中的数据库 [英] Saving CKEditor data to database in ASP.Net
问题描述
嘿伙计们,请帮忙...
i我在ASP.Net网站上使用CKEditor,我想将CKEditor的值存储到数据库中。 />
但存储时出错。
这是我的aspx代码:
<%@ 页 标题 = 语言 = C# MasterPageFile = 〜/ Admin.master AutoEventWireup = true CodeFile = new_article.aspx.cs 继承 = post_article validateRequest = false %>
<%@ 注册 程序集 = CKEditor.NET 命名空间 = CKEditor.NET TagPrefix = CKEditor %>
< asp:内容 ID = Content1 ContentPlaceHolderID = head Runat = 服务器 >
< script src = // ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery .min.js > < / 脚本 >
< script type = text / javascript src = 〜/ ckeditor / ckeditor.js > < / 脚本 >
< script type = text / javascript src = 〜/ ckeditor / adapters / jquery.js > < / script >
< / asp:Content >
< asp:内容 ID = Content2 ContentPlaceHolderID = ContentPlaceHolder1 Runat = 服务器 >
< div class = < span class =code-keyword> content >
< asp:TextBox ID = txtTitle CssClass = txtTitle runat = server 占位符 < span class =code-keyword> = 在此输入标题... > < / asp:TextBox >
< p 样式 = 宽度:80% ;保证金:10px; >
< CKEditor:CKEditorControl ID = txtPost 高度 = 200 BasePath = 〜/ ckeditor / runat = server 工具栏 = 基本 ClientIDMode = 继承 >
< / CKEditor:CKEditorControl >
< span class =code-keyword>< / p >
< asp:按钮 ID = btnPost < span class =code-attribute> CssClass = btn runat = server 文字 = 发布 OnClick = btnPost_Click / >
< asp:Label ID = lblStatus runat = server 文字 = > ; < / asp:Label > ;
< / div >
< / asp:Content >
这是我的代码背后:
<前lang =c#> 受保护 void btnPost_Click( object sender,EventArgs e)
{
string str = HttpUtility.HtmlEncode(txtPost.Text);
// 执行用户定义的检查
if (txtTitle.Text == || txtPost .Text == )
{
lblStatus.Text = 标题或帖子内容丢失!;
}
else
{
string insertSQL = INSERT INTO user_posts(;
insertSQL + = post_title,post_data,post_date,user_id);
insertSQL + = VALUES(;
insertSQL + = @ post_title,@ post_data,GETDATE(),@ user_id);
SqlConnection con = new SqlConnection( @ Data Source =(LocalDB)\ v11.0; AttachDbFileName = | DataDirectory | \Database.mdf; Integrated Security = True; MultipleActiveResultSets = True);
SqlCommand cmd = new SqlCommand(insertSQL,con);
// 添加参数
cmd.Parameters.AddWithValue( @ post_title,txtTitle.Text);
cmd.Parameters.AddWithValue( @ post_data,str);
cmd.Parameters.AddWithValue( @ user_id, 1);
// 插入
int 已添加= 0 ;
尝试
{
con.Open();
added = cmd.ExecuteNonQuery();
lblStatus.Text = 文章成功发布!;
}
catch (异常错误)
{
lblStatus.Text = err.Message;
}
}
}
在这里我试过:
string str = txtPost.Text
将数据存储在数据库中,
但是在数据库的post_data列中只发布了以下文本:
CKEditor.NET.CKEditorControl
i编码数据,如代码所示。
string str = HttpUtility.HtmlEncode(txtPost.Text);
但仍然在数据库的post_data列中仅发布以下文本:
CKEditor.NET.CKEditorControl
尝试了所有数据库字段,如varchar(MAX),nvarchar(MAX),text(),但都是徒劳的。错误总是一样的,请指导我。
i尝试使用txtPost.Value,但值不是CKEditor的成员命名空间。
这是我的数据库结构:
CREATE TABLE [dbo]。[user_posts](
[post_id] INT IDENTITY ( 1 , 1 ) NOT NULL ,
[post_title] VARCHAR ( 50 ) NOT NULL ,
[post_data] VARCHAR (MAX) NOT NULL ,
[post_date] DATE NOT NULL ,
[user_id] INT NOT NULL ,
PRIMARY KEY CLUSTERED ([post_id] ASC ),
FOREIGN KEY ([user_id]) REFERENCES [dbo]。[user_details]([user_id])
);
嘿,伙计们自己纠正了。感谢Harshil的回复。
我犯了一些愚蠢的错误。现在一切正常。
我必须删除httpencode函数,因为它创建了问题。
现在我只使用txtPost.Text。
但我认为现在我对XSS攻击持开放态度,因此必须为此搜索一些解决方案。
Hey guys, help please...
i am using CKEditor in ASP.Net Website, i want to store the value of CKEditor to the database.
but it's giving errors while storing.
Here is my aspx code:
<%@ Page Title="" Language="C#" MasterPageFile="~/Admin.master" AutoEventWireup="true" CodeFile="new_article.aspx.cs" Inherits="post_article" validateRequest="false" %>
<%@ Register Assembly="CKEditor.NET" Namespace="CKEditor.NET" TagPrefix="CKEditor" %>
<asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script type="text/javascript" src="~/ckeditor/ckeditor.js"></script>
<script type="text/javascript" src="~/ckeditor/adapters/jquery.js"></script>
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
<div class="content">
<asp:TextBox ID="txtTitle" CssClass="txtTitle" runat="server" placeholder="Enter title here..."></asp:TextBox>
<p style="width:80%; margin:10px;">
<CKEditor:CKEditorControl ID="txtPost" Height="200" BasePath="~/ckeditor/" runat="server" Toolbar="Basic" ClientIDMode="Inherit">
</CKEditor:CKEditorControl>
</p>
<asp:Button ID="btnPost" CssClass="btn" runat="server" Text="Post" OnClick="btnPost_Click" />
<asp:Label ID="lblStatus" runat="server" Text=""></asp:Label>
</div>
</asp:Content>
here is my code behind:
protected void btnPost_Click(object sender, EventArgs e)
{
string str = HttpUtility.HtmlEncode(txtPost.Text);
//perform user defined checks
if (txtTitle.Text == "" || txtPost.Text == "")
{
lblStatus.Text = "Title or Post Content is Missing !";
}
else
{
string insertSQL = "INSERT INTO user_posts (";
insertSQL += "post_title, post_data, post_date, user_id) ";
insertSQL += "VALUES (";
insertSQL += "@post_title, @post_data, GETDATE(), @user_id) ";
SqlConnection con = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFileName=|DataDirectory|\Database.mdf;Integrated Security=True;MultipleActiveResultSets=True");
SqlCommand cmd = new SqlCommand(insertSQL, con);
//Add Parameters
cmd.Parameters.AddWithValue("@post_title", txtTitle.Text);
cmd.Parameters.AddWithValue("@post_data", str);
cmd.Parameters.AddWithValue("@user_id", "1");
//Insertion
int added = 0;
try
{
con.Open();
added = cmd.ExecuteNonQuery();
lblStatus.Text = "Article Posted Successfully !";
}
catch (Exception err)
{
lblStatus.Text = err.Message;
}
}
}
here i tried:
string str = txtPost.Text
to store the data in database,
but In the post_data column of the database only the following text is posted:
CKEditor.NET.CKEditorControl
i encoded the data, as shown in code.
string str = HttpUtility.HtmlEncode(txtPost.Text);
but still In the post_data column of the database only the following text is posted:
CKEditor.NET.CKEditorControl
Tried all the database fields like varchar(MAX), nvarchar(MAX), text() but all in vain. the error is same always, please guide me for this.
i tried using txtPost.Value, but value is not a member of CKEditor namespace.
here is my DB structure:
CREATE TABLE [dbo].[user_posts] (
[post_id] INT IDENTITY (1, 1) NOT NULL,
[post_title] VARCHAR (50) NOT NULL,
[post_data] VARCHAR (MAX) NOT NULL,
[post_date] DATE NOT NULL,
[user_id] INT NOT NULL,
PRIMARY KEY CLUSTERED ([post_id] ASC),
FOREIGN KEY ([user_id]) REFERENCES [dbo].[user_details] ([user_id])
);
hey guys corrected it myself. thanks for the reply Harshil.
i was making some silly mistakes. now everything is working.
i had to remove the httpencode function, as it was creating the problem.
Now i am using txtPost.Text only.
but i think now i am open to XSS attacks, so will have to search some solution for that.
这篇关于将CKEditor数据保存到ASP.Net中的数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!