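// POST api/profile
/// <summary>
/// Creates or updates the profile row of the currently logged-in user from the
/// posted model, saves it, and refreshes the authentication cookie.
/// </summary>
/// <param name="value">Profile fields submitted by the client.</param>
/// <returns>
/// 200 OK once the changes are saved; 400 Bad Request when no model was bound;
/// 500 Internal Server Error when anything inside the try block throws.
/// </returns>
/// <remarks>
/// NOTE(review): the call to RefreshCookie suggests cookie-based authentication;
/// confirm that anti-forgery protection is applied to this state-changing endpoint.
/// </remarks>
public HttpResponseMessage Post(MyProfileModel value)
{
    // A missing or unbindable body is a client error. Reject it up front instead of
    // letting the null dereference further down be reported as a 500.
    if (value == null)
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest);
    }

    try
    {
        using (var ctx = new Entities())
        {
            /* The target user ID is taken from the authenticated session, never from
               the posted form, so a caller cannot overwrite another user's profile by
               submitting a different ID (this guards against ID tampering, not XSS). */
            // NOTE(review): if GetLoggedUser() can return null for an anonymous caller,
            // that case currently ends up as a 500 via the catch below. Confirm.
            int userid = Authentication.GetLoggedUser().UserID;
            UserProfile profile = ctx.UserProfiles.FirstOrDefault(i => i.UserID == userid);

            /* If there isn't a profile for this user yet, create it. */
            if (profile == null)
            {
                profile = ctx.UserProfiles.Add(new UserProfile() { UserID = userid });
            }

            /* Copy only the editable fields, one by one; UserID is never taken from the model. */
            // NOTE(review): these values are stored exactly as submitted. Confirm that
            // every view rendering them HTML-encodes on output.
            profile.FullName = value.FullName;
            profile.BirthDate = value.BirthDate;
            profile.UserTheme = value.UserTheme;
            profile.Location = value.Location;
            profile.Biography = value.Biography;

            /* Save changes and refresh user's full name in the cookie. */
            ctx.SaveChanges();
            Authentication.RefreshCookie();

            return new HttpResponseMessage(HttpStatusCode.OK);
        }
    }
    catch
    {
        // No exception detail is returned to the client.
        // NOTE(review): the exception is also discarded without being logged, so
        // failures here leave no server-side trace. Consider recording it.
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }
}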
/// <summary>
/// Builds the view model for the logged-in user's profile and returns the view.
/// </summary>
/// <returns>
/// The view bound to a <c>MyProfileModel</c> built from the stored profile, or from
/// a new empty <c>UserProfile</c> when the user has none yet.
/// </returns>
public ActionResult MyProfile()
{
    using (var db = new Entities())
    {
        // The profile is looked up by the session's user ID, not by a request parameter.
        int currentUserId = Authentication.GetLoggedUser().UserID;

        // Fall back to a blank profile (not added to the context) when no row exists.
        UserProfile stored = db.UserProfiles.FirstOrDefault(p => p.UserID == currentUserId)
                             ?? new UserProfile();

        var model = new MyProfileModel(stored);

        // Theme choices for the view, built with the user's current theme passed in.
        ViewBag.UserThemeList = new Choice(Utils.GetThemes(), true, stored.UserTheme).GetSelectList();

        return View(model);
    }
}