[ValidateAntiForgeryToken] //CSRF attack
public ActionResult Update(TourFormViewModel tourFormViewModel)
{
if (!ModelState.IsValid)
{
tourFormViewModel.Genres = _unitOfWork.Genres.GetGenre();
return(View("TourForm", tourFormViewModel));
}
var tour = _unitOfWork.Tours.GetTourWithAttendees(tourFormViewModel.Id);
if (tour == null)
{
return(HttpNotFound());
}
if (tour.TravellerID != User.Identity.GetUserId())
{
return(new HttpUnauthorizedResult());
}
tour.Modify(tourFormViewModel.GetDateTime(), tourFormViewModel.Place,
tourFormViewModel.TotalSeat, tourFormViewModel.Cost,
tourFormViewModel.Genre);
//tour.Place = tourFormViewModel.Place;
//tour.TotalSeat = tourFormViewModel.TotalSeat;
//tour.DateTime = tourFormViewModel.GetDateTime();
//tour.Cost = tourFormViewModel.Cost;
//tour.GenreID = tourFormViewModel.Genre;
//update data
_unitOfWork.Complete();
return(RedirectToAction("Mine", "Tour"));
}
[ValidateAntiForgeryToken] //CSRF attack
public ActionResult Create(TourFormViewModel tourFormViewModel)
{
if (!ModelState.IsValid)
{
tourFormViewModel.Genres = _unitOfWork.Genres.GetGenre();
return(View("TourForm", tourFormViewModel));
}
var tour = new Tour
{
TravellerID = User.Identity.GetUserId(),
DateTime = tourFormViewModel.GetDateTime(),
GenreID = tourFormViewModel.Genre,
Cost = tourFormViewModel.Cost,
Place = tourFormViewModel.Place,
TotalSeat = tourFormViewModel.TotalSeat
};
_unitOfWork.Tours.Add(tour);
_unitOfWork.Complete();
return(RedirectToAction("Mine", "Tour"));
}
