以下是我引用这个控件做的测试程序,不知道为什么不能提交到数据库中,数据库为SQL2000,请各位大侠给些指点,还有如何转换可以提交到数据库里的字符。
<%@ Register TagPrefix="lion" Namespace="Lion.Data.Library.HtmlEditor" Assembly="Lion.Data.Library.HtmlEditor" %>
<%@ Page language="c#" Codebehind="htmleditor.aspx.cs" AutoEventWireup="false" Inherits="eip.htmleditor" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>htmleditor</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body MS_POSITIONING="GridLayout">
<form id="Form1" method="post" runat="server">
<Lion:HtmlEditor id="HtmlEditor1" style="Z-INDEX: 101; LEFT: 88px; POSITION: absolute; TOP: 32px"
runat="server"></Lion:HtmlEditor>
<asp:Button id="butOk" style="Z-INDEX: 102; LEFT: 88px; POSITION: absolute; TOP: 384px" runat="server"
Text="butOk"></asp:Button>
</form>
</body>
</HTML>using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
namespace eip
{
/// <summary>
/// htmleditor 的摘要说明。
/// </summary>
public class htmleditor : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button butOk;
protected Lion.Data.Library.HtmlEditor.HtmlEditor HtmlEditor1;
SqlConnection conn;
private void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
} #region Web 窗体设计器生成的代码
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
/// 提交内容
private void butOk_Click(object sender, System.EventArgs e)
{
string insertStr = "Insert into main (文件名) Values ('"
+ this.HtmlEditor1.Text + "')";
conn = new SqlConnection(System.Configuration.ConfigurationSettings.AppSettings["sqlconn"]);
conn.Open();
SqlCommand comm = new SqlCommand(insertStr,conn);
comm.ExecuteNonQuery();
conn.Close();
//Response.Write(this.HtmlEditor1.Text);
Response.Write("<script>alert(\"数据提交成功\");</script>");
//Response.Redirect("guest.aspx");
} private void InitializeComponent()
{
this.Load += new System.EventHandler(this.Page_Load); }
#endregion
}
}
<%@ Register TagPrefix="lion" Namespace="Lion.Data.Library.HtmlEditor" Assembly="Lion.Data.Library.HtmlEditor" %>
<%@ Page language="c#" Codebehind="htmleditor.aspx.cs" AutoEventWireup="false" Inherits="eip.htmleditor" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>htmleditor</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body MS_POSITIONING="GridLayout">
<form id="Form1" method="post" runat="server">
<Lion:HtmlEditor id="HtmlEditor1" style="Z-INDEX: 101; LEFT: 88px; POSITION: absolute; TOP: 32px"
runat="server"></Lion:HtmlEditor>
<asp:Button id="butOk" style="Z-INDEX: 102; LEFT: 88px; POSITION: absolute; TOP: 384px" runat="server"
Text="butOk"></asp:Button>
</form>
</body>
</HTML>using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
namespace eip
{
/// <summary>
/// htmleditor 的摘要说明。
/// </summary>
public class htmleditor : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button butOk;
protected Lion.Data.Library.HtmlEditor.HtmlEditor HtmlEditor1;
SqlConnection conn;
private void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
} #region Web 窗体设计器生成的代码
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
/// 提交内容
private void butOk_Click(object sender, System.EventArgs e)
{
string insertStr = "Insert into main (文件名) Values ('"
+ this.HtmlEditor1.Text + "')";
conn = new SqlConnection(System.Configuration.ConfigurationSettings.AppSettings["sqlconn"]);
conn.Open();
SqlCommand comm = new SqlCommand(insertStr,conn);
comm.ExecuteNonQuery();
conn.Close();
//Response.Write(this.HtmlEditor1.Text);
Response.Write("<script>alert(\"数据提交成功\");</script>");
//Response.Redirect("guest.aspx");
} private void InitializeComponent()
{
this.Load += new System.EventHandler(this.Page_Load); }
#endregion
}
}
====================
各位大侠,假如我提交的能容有链接的话,系统有报错
“从客户端(HtmlEditor1="<A href="http://www....")中检测到有潜在危险的 Request.Form 值。 ”
为了安全考虑,如何写 这段代码啊
string insertStr = "Insert into main (文件名) Values ('"
+ this.HtmlEditor1.Text + "')";
validateRequest="false"
+ Server.UrlEncode(this.HtmlEditor1.Text) + "')";
改成这样,报错:从客户端(HtmlEditor1="<TABLE cellSpacing=0...")中检测到有潜在危险的 Request.Form 值。