public ActionResult EditAddress(CustomerAddress address, string returnUrl)
{
if (ModelState.IsValid)
{
if(address.UserName!=User.Identity.Name)
{
return View("Error", new string[] { "You are NOT authorized!" });
}
if (dbContext.Orders.Select(o => o.CustomerBillingAddressId).Any(i => i == address.Id) || dbContext.Orders.Select(o => o.CustomerShippingAddressId).Any(i => i == address.Id))
{
dbContext.CustomerAddresses.FirstOrDefault(a => a.Id == address.Id).Status = "Deleted";
dbContext.CustomerAddresses.Add(address);
}
else
{
dbContext.CustomerAddresses.Attach(address);
dbContext.Entry(address).State = EntityState.Modified;
}
try
{
dbContext.SaveChanges();
if (returnUrl == null || returnUrl == string.Empty)
{
return RedirectToAction("ShowAddresses");
}
else
{
return Redirect(returnUrl);
}
}
catch
{
return View("error", new string[] { "Database Error!" });
}
}
return View(address);
}
public ActionResult CreateAddress(CustomerAddress address,string returnUrl)
{
if (ModelState.IsValid)
{
dbContext.CustomerAddresses.Add(address);
try
{
dbContext.SaveChanges();
if (returnUrl != null && returnUrl!="")
return Redirect(returnUrl);
else
return RedirectToAction("Index");
}
catch
{
return View("error", new string[] { "Database Error!" });
}
}
ViewBag.returnUrl = returnUrl;
return View(address);
}
