public bool CreateSubforum(string username, CreationSubforum subforum) { using (var cmd = _conn.CreateCommand()) { cmd.CommandText = @"INSERT INTO Subforums(Name, Description, Rules, IconPath, MainModerator) VALUES (@name, @description, @rules, @iconpath, @moderator);"; cmd.Parameters.AddWithValue("@name", subforum.Name); cmd.Parameters.AddWithValue("@description", subforum.Description); cmd.Parameters.AddWithValue("@rules", subforum.Rules); cmd.Parameters.AddWithValue("@iconpath", subforum.IconPath); cmd.Parameters.AddWithValue("@moderator", username); return(Execute(cmd)); } }
public ActionResult CreateSubforum() { if (LoggedUserName == null) { return(View("NotLoggedIn")); } if (!Dao.CanCreateSubforum(LoggedUserName)) { return(View("NotAuthorized")); } if (Request.HttpMethod == "GET") { return(View()); } var subforum = new CreationSubforum() { Name = Request.Params["name"], Description = Request.Params["description"], IconPath = Request.Params["iconpath"], Rules = Request.Params["rules"] }; if (Dao.CreateSubforum(LoggedUserName, subforum)) { ViewBag.Title = "Creation Successful"; ViewBag.Subforum = subforum.Name; } else { ViewBag.Title = "Creation Failed"; } return(View("CreateSubforumResult")); }