[ValidateAntiForgeryToken] // This is to prevent Cross-site Request Forgery (CSRF) attacks. public ActionResult Create(MeetupFormViewModel viewModel) { // If our view model is not valid, return the user back to the Create view with // validation messages showing. if (!ModelState.IsValid) { // We have to re-initialize our Categories list or a null exception will be thrown. viewModel.Categories = _context.Categories.ToList(); return View("MeetupForm", viewModel); } var meetup = new Meetup { GroupId = User.Identity.GetUserId(), DateTime = viewModel.GetDateTime(), CategoryId = viewModel.Category, Venue = viewModel.Venue, Title = viewModel.Title, Description = viewModel.Description }; _context.Meetups.Add(meetup); _context.SaveChanges(); return RedirectToAction("Mine", "Meetups"); }
public ActionResult Create() { var viewModel = new MeetupFormViewModel { Heading = "Add a Meetup", Categories = _context.Categories.ToList() }; return View("MeetupForm", viewModel); }
[ValidateAntiForgeryToken] // This is to prevent Cross-site Request Forgery (CSRF) attacks. public ActionResult Update(MeetupFormViewModel viewModel) { // If our view model is not valid, return the user back to the Create view with // validation messages showing. if (!ModelState.IsValid) { // We have to re-initialize our Categories list or a null exception will be thrown. viewModel.Categories = _context.Categories.ToList(); return View("MeetupForm", viewModel); } var userId = User.Identity.GetUserId(); var meetup = _context.Meetups .Include(m => m.Attendances.Select(a => a.Attendee)) .Single(m => m.Id == viewModel.Id && m.GroupId == userId); meetup.Modify(viewModel.GetDateTime(), viewModel.Venue, viewModel.Category); _context.SaveChanges(); return RedirectToAction("Mine", "Meetups"); }
public ActionResult Edit(int id) { // We cannot allow anyone to edit any meetup. The meetup's group id must match // the id of the currently logged in user id. var userId = User.Identity.GetUserId(); var meetup = _context.Meetups.Single(m => m.Id == id && userId == m.GroupId); var viewModel = new MeetupFormViewModel { Id = meetup.Id, Heading = "Edit this Meetup", Categories = _context.Categories.ToList(), Date = meetup.DateTime.ToString("MMM d yyyy"), Time = meetup.DateTime.ToString("HH:mm"), Title = meetup.Title, Venue = meetup.Venue, Description = meetup.Description }; return View("MeetupForm", viewModel); }