public ActionResult Details(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
HYEQuestion question = db.HYEQuestions.Find(id);
if (question == null)
{
return(HttpNotFound());
}
return(View(question));
}
public ActionResult Edit(int id)
{
var currentUser = User.Identity.GetUserId();
var question = db.HYEQuestions.Single(q => q.Id == id && q.InquirerId == currentUser);
var hyeQuestion = new HYEQuestion
{
//Initial so the form will be autopopulated with current values
Question = question.Question,
Id = question.Id,
};
//This will redirect to the view that submits a new quetion
return(View("QuestionForm", hyeQuestion));
}
[ValidateAntiForgeryToken] //Prevents CSRF Attacks
public ActionResult Create(HYEQuestion viewModel)
{
if (!ModelState.IsValid)
{
return(View("QuestionForm", viewModel));
}
var currentUserId = User.Identity.GetUserId();
var currentUser = db.Users.Single(u => u.Id == currentUserId);
var question = new HYEQuestion
{
Inquirer = currentUser,
DateTime = DateTime.Now,
Question = viewModel.Question
};
db.HYEQuestions.Add(question);
db.SaveChanges();
return(RedirectToAction("Index", "Home"));
}