With jQuery and ASP.NET MVC Almost Radio Buttons

image.png

The Silicon Valley Code Camp web site used jQuery to do a lot of the page markup manipulation.  Behind the scenes of course is ASP.NET MVC5 which has a lot of helper methods for things like Check Boxes and Radio Buttons.  General purpose methods are nice (until they are not).  I’m building a more sophisticated “Opt-Out” for the code camp site and have created a choice where the user can say they want “All Emails” or “Critical Emails”.  I did not want to have a third choice for “No Emails” since say they don’t want all and they don’t want critical implies they don’t want any.  Also, it does not make sense for the user to say they want both “All” and “Critical”. It’s a one or another, just like radio buttons. Since I could not use … Continue Reading

All ASP.NET MVC Forms Need To Include Html.AntiForgeryToken() For Security

image.png

Having recently been implementing many new form pages in ASP.NET MVC, I’ve found myself over and over again adding the following two things to every form. After Html.BeginForm() I Put @Html.AntiForgeryToken() Add the Attribute [ValidateAntiForgeryToken] To Every Post Action Method Before I was doing so much ASP.NET MVC, I would often see in Channel 9 videos, the presenter add the AntiForgeryToken() after the BeginForm() method on the cshtml razor page and say something like “you should always add this”.  I never saw them say “and don’t forget to add the attribute ValidateAntiForgeryToken to the controller POST method. Just to be clear, below is what I’m talking about: What this does is to make sure that the trusted … Continue Reading

Safely Encoding Strings On ASP.NET MVC Razor Pages (sometimes)

  Background Sometimes, we want to let html tags come through our web pages from user defined content.  If for example, you have a workflow that requires approval before publishing, there are times when you want to let the author put through html, links, etc.  Solution In Visual Studio write a simple HtmlHelper method that allows for a flag you can pass through.  In my case, I have a database table with a boolean column “allowhtml”.  If this is set, then instead of using Html.Raw(…) I can use my own helper method, pass in the allowHtml value and if it is set true, then allow the not encoded Html to flow through. Here is that helper method: namespace WebAPI.Code.Helpers { public static class … Continue Reading

Collection Form Post Parameters in WebAPI Controller

image.png

There are lots of ways using ASP.NET MVC4 to collection passed in form parameters (POST) to the WebAPI Controller.  I’m not wanting to create a Model, I’m not wanting to get involved with dynamic variables, I just want the values that are posted in.  Say for example, my post looks like the following: To capture both sessionId and trackId, I can have a WebAPI controller in Visual Studio that looks just like this: namespace WebAPI.Api{ public class SessionRpcController : ApiController { [HttpPost] [ActionName("UpdateSessionTrack")] [Authorize(Roles = "admin")] public HttpResponseMessage PostUpdateSessionTrack( FormDataCollection formDataCollection) … Continue Reading

Follow

Get every new post delivered to your Inbox

Join other followers: