public ActionResult Create() { var goal = new Goal(); goal.Date = DateTime.Today; ViewBag.Units = GoalBL.GetUnits(); var db = new DatabaseConnection(Server.MapPath("~")); db.connection.Open(); ViewBag.Movements = GoalBL.GetMovementTypes(db); db.connection.Close(); return(View(goal)); }
public ActionResult Details(int idGoal) { ViewBag.Units = GoalBL.GetUnits(); var db = new DatabaseConnection(Server.MapPath("~")); db.connection.Open(); ViewBag.Movements = GoalBL.GetMovementTypes(db); var goal = GoalBL.GetGoal(idGoal, db); db.connection.Close(); if (goal.IdUser == (int)Session["IdUser"]) { return(View(goal)); } //Prevents users from accessing other users goals else { return(RedirectToAction("Index", "Goal")); } }