I tested taking the id and passing via url, normally performs the operation, as long as it exists, otherwise the error as expected.
EX:
How can I address this issue? See a form of validation, so if the id parameter is passed via direct url does not work or something, otherwise no one can pass any id and delete important data or edit.
[HttpPost]
public ActionResult Edit(Pessoa model)
{
if (ModelState.IsValid)
{
Pessoa p = new Pessoa();
p.Salvar(model);
return View("List", p.Listar());
}
else
return View("Create", model);
}
public ActionResult Delete(int id)
{
Pessoa p = new Pessoa();
p.Deletar(id);
return View("List", p.Listar());
}