public IActionResult EditPost(ImageEditModel model, [FromRoute] int id) { if (!_authService.CanUserEditImage(User, id)) { ViewBag.Error = "Your account is not authorized to edit the requested image."; ViewBag.CanEdit = false; return(View("Edit", model)); } _imageRepository.EditImageProperties(id, model); return(RedirectToAction("Details", new { id })); }
public void EditImageProperties(int imageId, ImageEditModel model) { var tags = SanitizeHashtags(model.Tags); using (var connection = new SqlConnection(_dbSettings.ConnectionString)) { connection.Open(); connection.Execute( @"UPDATE dbo.Image SET Tags = @tags, Description = @Description WHERE Id = @imageId", new { imageId, tags, model.Description }); } }