public ActionResult New(PasteNote pasteNote) { // Encode Post text pasteNote.Post = HttpUtility.HtmlEncode(pasteNote.Post); // User pasteNote.UserName = (User.Identity.IsAuthenticated) ? User.Identity.Name : string.Empty; PasteNote newNote = _dal.AddPasteNote(pasteNote); // Tags // Pushed to a separate table if (!String.IsNullOrEmpty(Request["pastenotetags"])) _dal.AddTagsForNote(newNote.Id, ConstructNoteTags(Request["pastenotetags"])); return RedirectToAction("Notes", new { id = newNote.Id }); }
/// <summary> /// Add new <see cref="PasteNote"/> to DataBase /// </summary> /// <param name="newNote"><see cref="PasteNote"/> to submit</param> /// <returns>Returns submitted <see cref="PasteNote"/></returns> public PasteNote AddPasteNote(PasteNote newNote) { PasteNote note = null; List<SqlParameter> procedureParameters = new List<SqlParameter>(); procedureParameters.Add(new SqlParameter("@Title", newNote.Title)); procedureParameters.Add(new SqlParameter("@Description", newNote.Description)); procedureParameters.Add(new SqlParameter("@Post", newNote.Post)); procedureParameters.Add(new SqlParameter("@Language", newNote.Language)); procedureParameters.Add(new SqlParameter("@UserName", newNote.UserName)); using (IDataReader reader = _sqlDal.ExecuteQuery(_addPasteNoteProcedureName, procedureParameters)) { while (reader.Read()) { note = GetPasteNoteFromReader(reader); } } return note; }