public IHttpActionResult PutReview(int id, Review review)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != review.ReviewID)
{
return BadRequest();
}
db.Entry(review).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!ReviewExists(id))
{
return NotFound();
}
else
{
throw;
}
}
return StatusCode(HttpStatusCode.NoContent);
}
public IHttpActionResult PostReview(Review review)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
db.Reviews.Add(review);
db.SaveChanges();
return CreatedAtRoute("DefaultApi", new { id = review.ID }, review);
}
public IHttpActionResult PutReview(int id, Review review, string username, string password)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != review.ID)
{
return BadRequest();
}
foreach (Admin a in db.Admins.ToList())
{
if (a.username.Equals(username))
{
if (a.password.Equals(password))
{
db.Entry(review).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!ReviewExists(id))
{
return NotFound();
}
else
{
throw;
}
}
return StatusCode(HttpStatusCode.NoContent);
}
// If the password is incorrect for this username,
// it will not be correct for other usernames either.
break;
}
}
return StatusCode(HttpStatusCode.Unauthorized);
}
