public MessageResult CreateBacklogGame(Game game)
{
MessageResult result = MessageResult.ErrorMessage($"{game.Name} failed to be created");
//Is this binding the input data to guard against XSS and other input attacks?
try
{
Game newGame = new Game()
{
GameId = game.GameId,
Name = game.Name,
GenreId = game.GenreId,
ImagePath = game.ImagePath,
ReleaseDate = game.ReleaseDate,
};
db.Games.Add(newGame);
db.SaveChanges();
result = MessageResult.SuccessMessage($"{game.Name} has been created");
}
catch
{
throw;
}
return(result);
}
public MessageResult CreateFinishedGame(CreateFinishedGame data)
{
MessageResult result = MessageResult.ErrorMessage("Failed to create");
try
{
if (db.Games.Any(g => g.Name == data.Name))
{
return(MessageResult.ErrorMessage($"Game name {data.Name} already exists, can't add game."));
}
Game newGame = new Game()
{
Name = data.Name,
GenreId = data.GenreId,
ImagePath = data.ImagePath,
ReleaseDate = data.ReleaseDate,
};
db.Games.Add(newGame);
db.SaveChanges();
Game addedGame = db.Games.Where(g => g.Name == data.Name)
.SingleOrDefault();
FinishedGame newFinishedGame = new FinishedGame()
{
GameId = addedGame.GameId,
DaysPlayed = data.DaysPlayed,
HoursPlayed = data.HoursPlayed,
GameRatingId = data.GameRatingId,
GameStartDate = data.GameStartDate,
GameFinishedDate = data.GameFinishedDate,
};
db.FinishedGames.Add(newFinishedGame);
db.SaveChanges();
result = MessageResult.SuccessMessage($"Game {data.Name} has been added to the Finished games list");
}
catch
{
throw;
}
return(result);
}
public MessageResult Remove(int gameId)
{
var game = db.Games.Find(gameId);
if (game == null)
{
return(MessageResult.ErrorMessage($"Removal incomplete, game id {gameId} doesn't exist"));
}
try
{
db.Games.Remove(game);
db.SaveChanges();
return(MessageResult.SuccessMessage($"{game.Name} has been removed"));
}
catch
{
throw;
}
}