// POST api/profile
public HttpResponseMessage Post(MyProfileModel value)
{
try
{
using (var ctx = new Entities())
{
/* Get logged user ID. That won't be fetched from the form to avoid XSS atacks. */
int userid = Authentication.GetLoggedUser().UserID;
UserProfile profile = ctx.UserProfiles.FirstOrDefault(i => i.UserID == userid);
/* If there isn't a profile for this user yet, create it. */
if (profile == null)
{
profile = ctx.UserProfiles.Add(new UserProfile() { UserID = userid });
}
/* Set user profile info. */
profile.FullName = value.FullName;
profile.BirthDate = value.BirthDate;
profile.UserTheme = value.UserTheme;
profile.Location = value.Location;
profile.Biography = value.Biography;
/* Save changes and refresh user's full name in the cookie. */
ctx.SaveChanges();
Authentication.RefreshCookie();
return new HttpResponseMessage(HttpStatusCode.OK);
}
}
catch
{
return new HttpResponseMessage(HttpStatusCode.InternalServerError);
}
}
public ActionResult MyProfile()
{
using (var ctx = new Entities())
{
int userid = Authentication.GetLoggedUser().UserID;
UserProfile up = ctx.UserProfiles.FirstOrDefault(i => i.UserID == userid);
if (up == null)
{
up = new UserProfile();
}
var profile = new MyProfileModel(up);
ViewBag.UserThemeList = new Choice(Utils.GetThemes(), true, up.UserTheme).GetSelectList();
return View(profile);
}
}