public ActionResult Create(Question model)
 {
     if(!ModelState.IsValid)
     {
         return View(model);
     }
     model.OwnerUserId = User.Identity.UserId();
     model.CreateAt = DateTime.UtcNow;
     DB.Questions.Add(model);
     DB.SaveChanges();
     return RedirectToAction("Index");
 }
        public ActionResult Edit(int id, Question model)
        {
            var question = this.DB.Questions.Find(id);
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            UpdateModel(question, 
                prefix: null, 
                includeProperties: null,
                excludeProperties: new[] { "QuestionId", "OwnerUserId", "CreateAt" });

            DB.SaveChanges();
            return RedirectToAction("Index");
        }
        public ActionResult Create(Question model)
        {
            if (IsValidDataURL(model) == false) throw new ApplicationException("Invalid Data URL.");

            if(ModelState.IsValid == false)
            {
                return View(model);
            }

            model.OwnerUserId = User.Identity.UserId();
            model.CreateAt = DateTime.UtcNow;
            this.DB.Questions.Add(model);
            this.DB.SaveChanges();

            return RedirectToAction("Index");
        }
        public ActionResult Edit(int id, Question model)
        {
            var question = this.DB.Questions.Find(id);
            if (question.OwnerUserId != User.Identity.UserId())
                throw new Exception("Access Violation.");

            if (ModelState.IsValid == false)
            {
                return View(model);
            }

            UpdateModel(question, 
                prefix: null, 
                includeProperties: null,
                excludeProperties: new[] { "QuestionId", "OwnerUserId", "CreateAt" });

            if (IsValidDataURL(question) == false) throw new ApplicationException("Invalid Data URL.");

            this.DB.SaveChanges();

            return RedirectToAction("Index");
        }
 private bool IsValidDataURL(Question model)
 {
     return model.GetOptions(trim: false)
         .Select(opt => opt.OptionImage ?? "")
         .All(url => Regex.IsMatch(url, @"(^data:image/\w+;\w+,[0-9a-zA-Z/+=]+$)|(^$)"));
 }