/// <summary>
/// Persists a new master incident and returns the row as stored.
/// </summary>
/// <param name="masterIncident">
/// Incident to store. It is modified in place: IM, KM and Description are replaced
/// by their HTML-encoded form and Active is set to true.
/// </param>
/// <returns>
/// The incident re-read by its MasterIncidentID after saving, or null if that lookup finds nothing.
/// </returns>
public MasterIncident Create(MasterIncident masterIncident)
{
    using (var context = new ShoutboxContext())
    {
        masterIncident.Active = true;

        // XSS defence applied at write time: every user-submitted text field is
        // HTML-encoded before it is stored, so the database holds the encoded form.
        // NOTE(review): this is only safe for consumers that emit these values into an
        // HTML text context without encoding again; confirm no other rendering path exists.
        masterIncident.Description = Encoder.HtmlEncode(masterIncident.Description);
        masterIncident.KM = Encoder.HtmlEncode(masterIncident.KM);
        masterIncident.IM = Encoder.HtmlEncode(masterIncident.IM);

        // Presumably attaches the user as an existing entity so it is not inserted
        // as a new row together with the incident (verify against ShoutboxContext).
        context.Users.Attach(masterIncident.User);
        context.MasterIncidents.Add(masterIncident);
        context.SaveChanges();

        // Read the saved row back by the key the entity carries after SaveChanges.
        var savedId = masterIncident.MasterIncidentID;
        MasterIncident stored = context.MasterIncidents.FirstOrDefault(row => row.MasterIncidentID == savedId);
        return stored;
    }
}
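/// <summary>
/// Creates a master incident on behalf of the calling user and announces it to all connected clients.
/// Only users whose role is Moderator or higher may create one.
/// </summary>
/// <param name="description">Incident description supplied by the client (untrusted).</param>
/// <param name="km">KM value supplied by the client (untrusted).</param>
/// <param name="im">IM value supplied by the client (untrusted).</param>
/// <returns>
/// The task of the broadcast to all clients, or an already-completed task when the
/// caller is not allowed to create incidents (nothing is stored or broadcast then).
/// </returns>
public Task CreateMasterIncident(string description, string km, string im)
{
    // NOTE(review): assumes the connection is authenticated so Context.User is non-null; confirm.
    User user = _userRepository.GetByLogonUser(Context.User.Identity.Name);

    // Fail closed: a caller with no matching user record is refused, the same as one
    // below Moderator. A completed task is returned instead of null so that code
    // awaiting or continuing on the result does not fail with a NullReferenceException.
    if (user == null || user.Role < Roles.Moderator)
    {
        return Task.FromResult<object>(null);
    }

    MasterIncident masterincident = new MasterIncident
    {
        Description = description,
        KM = km,
        IM = im,
        Timestamp = DateTime.Now,
        User = user
    };

    // The return value is not used; the fields broadcast below are read from this same instance.
    // NOTE(review): the broadcast therefore relies on Create() having HTML-encoded
    // Description, KM and IM in place. Confirm the repository still does so, otherwise
    // raw client input is pushed to every connected client.
    _MasterIncidentRepository.Create(masterincident);

    return Clients.All.AddMasterIncident(
        masterincident.MasterIncidentID,
        masterincident.Description,
        masterincident.KM,
        masterincident.IM,
        masterincident.Timestamp);
}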