示例#1
0
        public Customer CreateCustomer(Customer customer)
        {
            if (!ModelState.IsValid)
            {
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }

            _context.Customers.Add(customer);
            _context.SaveChanges();

            return(customer);
        }
示例#2
0
        public ActionResult Save(Customer customer)
        {
            if (!ModelState.IsValid)
            {
                var viewModel = new CustomerFormViewModel
                {
                    Customer        = customer,
                    MembershipTypes = _context.MembershipTypes.ToList()
                };
                return(View("CustomerForm", viewModel));
            }

            if (customer.Id == 0)
            {
                _context.Customers.Add(customer);
            }
            else
            {
                var customerInDb = _context.Customers.Single(c => c.Id == customer.Id);

                // According to Microsoft but it has a security gap
                // 01. TryUpdateModel(customerInDb);
                // 02. TryUpdateModel(customerInDb, "", new string[]{ "Name", "Email });


                customerInDb.Name                     = customer.Name;
                customerInDb.Birthdate                = customer.Birthdate;
                customerInDb.MembershipTypeId         = customer.MembershipTypeId;
                customerInDb.IsSubscribedToNewsletter = customer.IsSubscribedToNewsletter;
            }

            _context.SaveChanges();
            return(RedirectToAction("Index", "Customers"));
        }
示例#3
0
        public ActionResult Save(Movie movie)
        {
            if (!ModelState.IsValid)
            {
                var viewModel = new MovieFormViewModel(movie)
                {
                    Genres = _context.Genre.ToList()
                };
                return(View("MovieForm", viewModel));
            }


            if (movie.Id == 0)
            {
                movie.DateAdded = DateTime.Now;
                _context.Movies.Add(movie);
            }
            else
            {
                var movieInDb = _context.Movies.Single(m => m.Id == movie.Id);
                movieInDb.Name          = movie.Name;
                movieInDb.GenreId       = movie.GenreId;
                movieInDb.NumberInStock = movie.NumberInStock;
                movieInDb.ReleaseDate   = movie.ReleaseDate;
            }

            try
            {
                _context.SaveChanges();
            }
            catch (DbEntityValidationException e)
            {
                Console.WriteLine(e);
            }



            return(RedirectToAction("Index", "Movies"));
        }