示例#1
0
        public ActionResult EditPost(Models.Post post)
        {
            int pId = Request.QueryString["id"].AsInt(0);

            //Fetch the post details
            Models.Post p = new Models.Post();
            p = p.GetPost(pId);

            //Is the user authenticated?
            if (Session["userID"] != null)
            {
                //Is the user an administrator or the post's author?
                if ((int)Session["userID"] == p.author || (int)Session["admin"] == 1)
                {
                    if (ModelState.IsValid)
                    {
                        if (post.Edit(pId, post.title, post.body))
                        {
                            return(RedirectToAction("Index", "Home"));
                        }

                        else
                        {
                            ModelState.AddModelError("", "Edit failed");
                        }
                    }

                    //Go to the post
                    return(View(p));
                }

                else
                {
                    return(RedirectToAction("Index", "Home"));
                }
            }

            else
            {
                return(RedirectToAction("Index", "Home"));
            }
        }
示例#2
0
        //Delete the post based on the URI, after veryfiying the user is authorised to do so
        public ActionResult DeletePost()
        {
            int pId = Request.QueryString["id"].AsInt(0);

            //Fetch the post details
            Models.Post p = new Models.Post();
            p = p.GetPost(pId);

            //Is the user authenticated?
            if (Session["userID"] != null)
            {
                //Is the user an administrator or the post's author?
                if ((int)Session["userID"] == p.author || (int)Session["admin"] == 1)
                {
                    //Delete the post
                    p.Delete(pId);
                }
            }
            return(RedirectToAction("Index", "Home"));
        }