Exemplo n.º 1
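        // The [ValidateAntiForgeryToken] attribute protects against forged cross-site requests (CSRF); it is used together with @Html.AntiForgeryToken() in the form.
        // Any action that creates, updates or deletes data must be protected against CSRF attacks!
        // The attribute checks whether the request sent to the server has been tampered with. Note: it only applies to POST requests; it has no effect on GET requests.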
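        /// <summary>
        /// Saves an edited <c>Goods</c> record and, when a new image was uploaded in the
        /// "GoodsImage" form field, stores it under /Images/goods/ and records its relative URL.
        /// </summary>
        /// <param name="goods">The model-bound goods entity posted by the edit form.</param>
        /// <returns>
        /// A redirect to "Index" after a successful save; otherwise the edit view with the
        /// posted values and validation errors.
        /// </returns>
        public ActionResult GoodsEdit(Goods goods)
        {
            // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this
            // action in the listing. This action changes data, so confirm both are applied.

            //[Bind(Include = "Goods_id,GoodsName,GoodsImage,GoodsJianjie,GoodsDetails,AddTime,Price,Count,GoodsK_id")]
            // A Bind include list restricts which properties a posted form may set on the entity.
            // NOTE(review): it is commented out here, so every bindable property of Goods can be
            // set by the client (over-posting). Re-enable it or bind to a dedicated view model.

            if (ModelState.IsValid)
            {
                HttpPostedFileBase postimage1 = Request.Files["GoodsImage"];

                // An empty file input can still yield an entry with no content. Skip it so an
                // edit without a new image neither fails in SaveAs nor overwrites GoodsImage.
                if (postimage1 != null && postimage1.ContentLength > 0)
                {
                    string filename;
                    if (TryGetSafeImageName(postimage1.FileName, out filename))
                    {
                        string serverpath = System.IO.Path.Combine(Server.MapPath(@"\Images\goods\"), filename);
                        // NOTE(review): the client's file name is kept, so an upload with the same
                        // name replaces the existing image. Consider a server-generated name.
                        postimage1.SaveAs(serverpath);
                        goods.GoodsImage = @"/Images/goods/" + filename;
                    }
                    else
                    {
                        ModelState.AddModelError("GoodsImage", "Only .jpg, .jpeg, .png or .gif images can be uploaded.");
                    }
                }

                // Re-check: a rejected upload has just added a model error.
                if (ModelState.IsValid)
                {
                    // NOTE(review): SaveChanges runs before EditGoods and nothing visible here has
                    // modified db. Confirm whether this call is needed.
                    db.SaveChanges();
                    goodsmanager.EditGoods(goods);
                    return(RedirectToAction("Index"));
                }
            }

            // Repopulate the category drop-down before redisplaying the form.
            ViewBag.GoodsK_id = new SelectList(db.GoodsK, "GoodsK_id", "GoodsKName", goods.GoodsK_id);

            return(View(goods));
        }

        /// <summary>
        /// Reduces a client-supplied upload name to a bare file name and accepts it only when it
        /// carries an allow-listed image extension.
        /// </summary>
        /// <param name="clientFileName">The file name sent by the browser. This is untrusted input.</param>
        /// <param name="safeName">The directory-free file name on success; otherwise null.</param>
        /// <returns>True when the name is usable for saving into the image folder.</returns>
        private static bool TryGetSafeImageName(string clientFileName, out string safeName)
        {
            safeName = null;
            if (string.IsNullOrWhiteSpace(clientFileName))
            {
                return false;
            }

            // Normalise separators so both "\" and "/" directory components are stripped. The
            // upload must never be able to name a location outside the target folder.
            string normalised = clientFileName.Replace('\\', '/');
            if (normalised.IndexOfAny(System.IO.Path.GetInvalidPathChars()) >= 0)
            {
                return false;
            }

            string name = System.IO.Path.GetFileName(normalised);
            if (string.IsNullOrEmpty(name) || name.IndexOfAny(System.IO.Path.GetInvalidFileNameChars()) >= 0)
            {
                return false;
            }

            // Allow-list of extensions: the folder is served by the web site, so only static
            // image types may be written there. Adjust the list to the formats the shop accepts.
            string extension = System.IO.Path.GetExtension(name).ToLowerInvariant();
            bool allowed = extension == ".jpg" || extension == ".jpeg" || extension == ".png" || extension == ".gif";
            if (!allowed)
            {
                return false;
            }

            safeName = name;
            return true;
        }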
Exemplo n.º 2
        /// <summary>
        /// Applies the posted edit to a good through the business-layer goods manager.
        /// </summary>
        /// <param name="model">The posted view model carrying Id, Name, ImgsUrl, Price and PriceOld.</param>
        /// <returns>
        /// A redirect to "GoodsList" once the edit has been awaited; the edit view with the
        /// posted model when validation failed.
        /// </returns>
        public async Task <ActionResult> EditGood(CreateGoodViewModel model)
        {
            // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this
            // state-changing action in the listing. Confirm both are applied.

            // Guard clause: redisplay the form when model validation failed.
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // NOTE(review): model.ImgsUrl is passed through as posted. Whether it is validated
            // is not visible here; check EditGoods.
            IBLL.IGoodsManager manager = new GoodsManager();
            await manager.EditGoods(model.Id, model.Name, model.ImgsUrl, model.Price, model.PriceOld);

            return RedirectToAction("GoodsList");
        }