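/// <summary>
/// Handles the posted edit form for the Class1 row whose SomeId equals <paramref name="id"/>.
/// The stored row is loaded first and then updated from the request, with the "name"
/// property excluded from binding so a posted value cannot overwrite it.
/// </summary>
/// <param name="id">SomeId of the row to update.</param>
/// <returns>
/// A redirect to action "E" after a successful save, a 404 result when no row matches
/// <paramref name="id"/>, or the edit view showing the entity when binding or validation fails.
/// </returns>
public ActionResult Edit_Post(int id)
// lesson 21 wanted to use ([Bind(exclude="Name")]Class1 class1) but must omit [required] in model,
// which would change expected create behaviour
// before lesson 20 the signature was (Class1 class1)
{
    // lesson 22 isn't needed because the IClass1 interface and Bind would still need to omit
    // [required] in the model (same as lesson 21).

    // NOTE(review): the attributes on this action are not visible here. Confirm it is
    // restricted to POST and validates the anti-forgery token, and that an authorization
    // check decides who may edit which id.

    // NOTE(review): the context is never disposed in this method. It is presumably an
    // Entity Framework context; confirm its lifetime before wrapping it in a using block,
    // because the returned view may still read from the entity.
    Class1Context class1Context = new Class1Context();

    // Added at lesson 20: start from the stored row so that excluded properties keep
    // their database values. SingleOrDefault lets an unknown id produce a 404 instead of
    // the unhandled InvalidOperationException that Single throws.
    Class1 class1 = class1Context.Class1S.SingleOrDefault(e => e.SomeId == id);
    if (class1 == null)
    {
        return HttpNotFound();
    }

    // The fourth argument is the exclude list; take note that it is case insensitive.
    // TryUpdateModel records failures in ModelState, whereas UpdateModel throws on failure,
    // which would make the redisplay branch below unreachable.
    TryUpdateModel(class1, null, null, new[] { "name" });

    if (ModelState.IsValid)
    {
        // The context creation was moved up at lesson 20 (it used to be created here).
        class1Context.Class1S.AddOrUpdate(class1);
        class1Context.SaveChanges();
        return RedirectToAction("E");
    }

    return View(class1);
}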
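/// <summary>
/// Deletes the Class1 row whose SomeId equals <paramref name="id"/>.
/// </summary>
/// <param name="id">SomeId of the row to delete.</param>
/// <returns>
/// A redirect to action "E" after the row is removed, or a 404 result when no row matches
/// <paramref name="id"/>.
/// </returns>
public ActionResult Delete_Post(int id)
{
    // NOTE(review): this action is destructive and its attributes are not visible here.
    // Confirm it is reachable only by POST with anti-forgery validation, and that an
    // authorization check decides who may delete which id. Nothing in this body
    // restricts the caller.

    // NOTE(review): the context is never disposed in this method; confirm its lifetime.
    Class1Context class1Context = new Class1Context();

    // SingleOrDefault lets an unknown or already-deleted id produce a 404 instead of the
    // unhandled InvalidOperationException that Single throws.
    Class1 class1 = class1Context.Class1S.SingleOrDefault(e => e.SomeId == id);
    if (class1 == null)
    {
        return HttpNotFound();
    }

    class1Context.Class1S.Remove(class1);
    class1Context.SaveChanges();
    return RedirectToAction("E");
}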
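/// <summary>
/// Handles the posted create form: binds a new Class1 from the request, replaces its Name
/// with an HTML-encoded copy of <paramref name="name"/> in which only plain bold and
/// underline tags are restored, and saves the row.
/// </summary>
/// <param name="name">Raw posted value for the Name property.</param>
/// <returns>
/// A redirect to action "E" after a successful save, or the create view when the model
/// state is invalid.
/// </returns>
public ActionResult Create_Post(string name)
// lesson 15 at start only: (Class1 class1)
// lesson 14: (string name, string something)
// lesson 13: (FormCollection formCollection)
{
    // Lessons 55 and 56 (XSS): encode the whole value first, then turn back only the exact
    // encoded forms of <b>, </b>, <u> and </u>. Any other tag, including a <b> or <u> that
    // carries attributes, stays encoded. The search strings must be the encoded forms;
    // searching for the literal tag would never match the encoded text.
    // NOTE(review): request validation normally rejects posted values containing markup;
    // whether it is relaxed for this action is not visible here.
    StringBuilder stringBuilder = new StringBuilder();
    stringBuilder.Append(HttpUtility.HtmlEncode(name));
    stringBuilder.Replace("&lt;b&gt;", "<b>");
    stringBuilder.Replace("&lt;/b&gt;", "</b>");
    stringBuilder.Replace("&lt;u&gt;", "<u>");
    stringBuilder.Replace("&lt;/u&gt;", "</u>");

    // Added on lesson 16.
    // NOTE(review): no include or exclude list is passed, so every posted field that matches
    // a Class1 property is bound. Only Name is sanitized below; consider an explicit include
    // list so that keys and other properties cannot be set from the request.
    Class1 class1 = new Class1();
    TryUpdateModel(class1);

    // Lesson 15 omitted these:
    //   Class1 class1 = new Class1();
    //   class1.Name = name;            // lesson 13 version: formCollection["Name"]
    //   class1.Something = something;  // lesson 13 version: formCollection["Something"]

    // Added on lesson 15.
    if (ModelState.IsValid)
    {
        // Lessons 55 and 56: store the sanitized value instead of the raw bound one.
        // The stored text is HTML, so a view shows the allowed tags only if it writes this
        // field unencoded; every other field should keep the default output encoding.
        // NOTE(review): validation ran against the raw value; the encoded text can be longer.
        class1.Name = stringBuilder.ToString();

        // Omitted by lesson 16:
        //   Class1 class1 = new Class1();
        //   UpdateModel(class1);

        // NOTE(review): the context is never disposed in this method; confirm its lifetime.
        Class1Context class1Context = new Class1Context();
        class1Context.Class1S.Add(class1);
        class1Context.SaveChanges();
        return RedirectToAction("E");
    }

    return View();

    // Before the database was added, this was used to show the posted values on the same
    // create page:
    //   foreach (string key in formCollection.AllKeys)
    //   {
    //       if (key == "__RequestVerificationToken")
    //           continue;
    //       Response.Write(key + " = ");
    //       Response.Write(formCollection[key]);
    //       Response.Write("<br/>");
    //   }
    //   return View();
}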