In my Checkout.SelectAddress.cshtml page I have the following form:
#using (Html.BeginFormAntiForgeryPost(Url.Action("SelectAddress", "Checkout", new { area = "Store" })))
{
//extra code collecting information
<li class="align right"><button type="submit">#T("Next")</button></li>
}
I am using orchard cms 1.6 but I am having a problem with a navigation issue.
When the user clicks the above button they are directed to the URL:
http://localhost:30320/OrchardLocal/UMACS.Store/Checkout/Summary
I want to navigate to : http://localhost:30320/OrchardLocal/
i've tried replaing 'checkout' from the original form but having no joy. Anyone have any idea?
That form posts to a specific action in some module apparently named "Store". That action seems to then redirect to Summary. The only way you can make it redirect to something else is by changing its code.
Related
I have a Razor Pages project with a modal based on the
Bootstrap Modals for Razor Pages project. I've also added a razor page for a privacy statement to it.
When the user hits the OnPostContactModalPartial action, I want to redirect to the privacy page. So in the GitHub project, I placed the following in index.cs:
public IActionResult OnPostContactModalPartial(Contact model)
{
…
return RedirectToPage("Privacy");
}
But in continues loading the page instead of redirecting. Does anybody know how to solve this?
I need to move to another page, because I must logout and go to the first page in the same click.
Try using
Server.Transfer("Privacy");
Update:
What are the control/fields whose value would be submitted when the form is post back?
In an ASP.NET MVC Form, if user double clicks on the submit button, the form would be submitted two times. In order to solve this problem I implemented the solution explained here.
This is my solution, where I disable the submit button on form submit so it cannot be clicked again:
function preventFromBeingDoubleSubmitted() {
$('form').each(function () {
$(this).submit(function (e) {
if ($("form").valid()) {
// if form is valid, then disable the submit button so it cannot be double clicked (double submitted)
$(this).find(':submit').attr('disabled', 'disabled');
}
});
});
}
$(document).ready(function () {
preventFromBeingDoubleSubmitted();
});
This works fine, but I am getting a very strange behavior with ASP.NET Built in, Identity code. My login page, allows user to login with Facebook or Google (each of those buttons are submit buttons):
This is the code which generates the above login form (this is the built-in identity template):
#{
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
if (loginProviders.Count() > 0)
{
using (Html.BeginForm("ExternalLogin", "Account", new { ReturnUrl = Model.ReturnUrl }))
{
#Html.AntiForgeryToken()
<div class="form-group">
#foreach (AuthenticationDescription p in loginProviders.OrderBy(o => o.Caption))
{
if (string.Equals(p.AuthenticationType, "google", StringComparison.InvariantCultureIgnoreCase))
{
<button type="submit" class="external-login-btn btn-google" id="#p.AuthenticationType" name="provider" value="#p.AuthenticationType" title="Log in using your #p.Caption account">Log in with #p.AuthenticationType</button>
}
if (string.Equals(p.AuthenticationType, "facebook", StringComparison.InvariantCultureIgnoreCase))
{
<button type="submit" class="external-login-btn btn-facebook" id="#p.AuthenticationType" name="provider" value="#p.AuthenticationType" title="Log in using your #p.Caption account">Log in with #p.AuthenticationType</button>
}
}
</div>
}
}
}
The above code, should hit the following Controller Action (built-in identity template):
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider, string returnUrl)
{
return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
}
After, adding the .js code to prevent double submission, the external login no longer works. The problem is, when user clicks on Log in with Facebook button, the provider name is no longer passed in to ExternalLogin Action.
If I remove preventFromBeingDoubleSubmitted() function, provider name would be passed in ExternalLogin Action method and everything works fine.
What I don't understand is, how is provider passed in to action method at the first place? And why disabling the button prevents provider from being passed in?
I will first answer this question:
What I don't understand is, how is provider passed in to action method at the first place?
You have a button with name="provider" value="#p.AuthenticationType" this code is passing the provider name to your action method.
Next:
And why disabling the button prevents provider from being passed in?
When the form is submitted, the value of disabled fields is not passed to the server. This is the default behaviour.
Now to solve it, we can hide the button instead of disabling it. So in your preventFromBeingDoubleSubmitted() you can change $(this).find(':submit').attr('disabled', 'disabled'); to $(this).find(':submit').hide();
Hope this helps.
Update
To answer a new question about which fields are included in the form data.
<input>
<button>
<option>
An HTML form is a section of a document containing normal content, markup, special elements called controls (checkboxes, radio buttons, menus, etc.), and labels on those controls. Users generally "complete" a form by modifying its controls (entering text, selecting menu items, etc.), before submitting the form to an agent for processing (e.g., to a Web server, to a mail server, etc.)
Users interact with forms through named controls.
A control's "control name" is given by its name attribute. The scope of the name attribute for a control within a FORM element is the FORM element.
HTML defines the following control types:
buttons
checkboxes
radio buttons
menus: Menus offer users options from which to choose. The SELECT element creates a menu, in combination with the OPTGROUP and OPTION elements.
input controls (number, text, etc.)
hidden controls
object controls: Authors may insert generic objects in forms such that associated values are submitted along with other controls. Authors create object controls with the OBJECT element.
Because buttons are controls so the button's value will be posted to the server (if the buttons have name and value like your example). So it is about html specification. NOT asp.net mvc, not Microsoft's specification
You can refer these links for more details
https://www.w3.org/TR/html4/interact/forms.html#h-17.2.1
https://www.w3.org/TR/html5/sec-forms.html#submittable-element
Ok, so I have an ASP.Net MVC 5 project. Each page can contain several "Widget" aka partial views. Now I have a button in one of the partial view and when that button is clicked I want to capture the browser URL. Here is my attempt:
Suppose I go to https://www.elloh.com/test below is the code behind.
Main Page
{
partial view one
{
// some razor code
}
partial view two
{
<div>#Request.Url.ToString()</div>
<div>#Request.Url.AbsoluteUri</div>
<button type="button" onclick="location.href='#Url.Action("Logoff", "Security")'"> LogOff</button>
}
}
Points: Now I some how want to pass the https://www.olleh.com/test when the LogOff button is clicked. I have https://www.olleh.com/test in the browser tab. I know I can pass the anonymous object. But All I get is the URL pertaining to logout partial view. So the div in the second partial view displays something like https://www.olleh.com/test/partialView2. So if I do something like below it will not work.
<button type="button" onclick="location.href='#Url.Action("Logoff",
"Security", new {id = #Request.Url.ToString()})'"> LogOff</button>
P.S: the code snippet is not correct syntax wise. Bear with me on this.
Expected output: Need to be able to capture Browser URL when button in partial view is clicked.
HttpContext.Current.Request.Url Or use Raw URL
https://msdn.microsoft.com/en-us/library/system.web.httprequest.rawurl.aspx
You can do it using HttpContext.Current.Request.UrlReferrer property.
I'm using partial views within an MVC.Net website to display content from a database.
I want to be able to offer as WYSIWYG as possible an interface for modifying that content.
Ideally I'd like to be able to put an #Html.Action in whatever page I need some content on. Then automatically offer an "Edit" link for authenticated users.
Once the edit link is clicked, I want to show the same page as they were already on. (From a different controller). But with the partial replaced with it's "Edit" state alternative.
Obviously at the moment, putting an ActionLink in the partial navigates away from the current page and displays the Edit view full screen.
The Controller "SiteCMSController" looks up the id from the db/cache and inserts it in the page.
If the user is an admin, it adds an edit link.
<div>
#Html.Action("_Content", "SiteCMS", new { id = 1 })
</div>
results in
<div>
Some text pulled in from the database.
<br>
Edit this content
</div>
(Off the top of my head code.)
use some ajax
<div>
#Ajax.Actionlink("_Content", "SiteCMS", new { id = 1}, new AjaxOptions { UpdateTargetId = "someDiv"})
</div>
UpdateTargetId, this is were your partial will be stored, you have to make a div with the id "someDiv", or something else ofc :)
Actually I have a asp.net mvc web application Now I have a button which if a user has sufficient rights then its visibility is set as true or false (using jquery)
Now, recently working through firebug in the browser i changed its visibility to true.
It performed the action(which is wrong).
How to prevent this?
Thanks.
You need to perform the authorization on the controller method or parent class that clicking your button invokes.
You can use the AuthorizeAttribute class to decorate your class.
There's more information here on MSDN regarding the Authorize Attribute.
You'll see examples on that page such as:
[Authorize(Roles = "Admin, Super User")]
public ActionResult AdministratorsOnly()
{
return View();
}
The underlining issue is validation should not be done client side. The clients browser can activate / deactivate anything and change any value.
If the user doe not have sufficient permissions do not render the button at all or (if design requires it) render a disabled button with no link so that the user could activate via dom manipulation but not click.
<% if (((int) ViewData["permission"]) >= 3) { // one of many ways to do this, perhaps not the best but quick. %>
<input type="button" />
<% } %>