I have a main page with a large list of companies, I have a search button and if I want to find a company by state or city I can filter my search.
I decide to filter my search by cities, lets say Chicago, and I get 10 companies as a result of my search.
I click any company in that list and I go to the company details but I realize that is not the one I am looking for, so I want to go back to my 10 companies result list but instead I go back to the main company search interface and I have to re-start my search again.
How to use a session variable or cookies for this case?
Somebody can help me with this?
Another valid option not involving Session or cookies would be using the url for passing search parameters. If your site is public this may also help you with SEO.
You could use a friendly url + rewriting rules or just querystring if you are not using any rewriting.
On the company details page you'd store the referrer url and if the user wants to come back, you do it to that page.
I agree with Claudio, but if you do want to use session I would do something like the following
In page load do something like this
if(!Page.IsPostBack)
{
string filter = Session["SearchQuery"].ToString();
if(filter != null)
{
FilterResults(filter)
}
}
And then in your filter event do something like
Session["Filter"] = txtCityName.txt;
FilterResults(txtCityName.txt);
Related
To give some context on what I know. I learn some time ago from this tutorial even when you set a field from your model READ ONLY on the View how easy is use tools like fiddler to alter the POST data and change the value.
What you do in this case is use Model Binding to specify the list of fields you want Edit and ignore the rest
[HttpPost]
[ActionName("Edit")]
public ActionResult Edit_Post(int id)
{
EmployeeBusinessLayer employeeBusinessLayer = new EmployeeBusinessLayer();
Employee employee = employeeBusinessLayer.Employees.Single(x => x.ID == id);
UpdateModel(employee, new string[] { "ID", "Gender", "City", "DateOfBirth" });
^^^ Name isnt updated
if (ModelState.IsValid)
{
employeeBusinessLayer.SaveEmployee(employee);
return RedirectToAction("Index");
}
return View(employee);
}
Now I learn about Authentication using AspNet.Identity.
Can check if user isn't authenticated to send him to the Login page.
If user belong to certain Role, I can show personalized menus.
Or check the list of contacts for the user and show only those.
But even if you filter the list of contacts based on the user_id before create the view you can access the actions EDIT and DELETE using links like this.
http://MVCDemo/Employee/Edit/1
http://MVCDemo/Employee/Delete/1
And as long you are authenticated, you can change other users data.
So, how you integrate authentication with CRUD actions to avoid unintended actions?
Seem to me to solve this situation I have to apply something similar to the Model Binding example. When get and Edit or Delete post request, first get the Employee from the DB using the id and compare if belong to the current user.
But that create a lot of repeats code across all the functions.
So what is the right way to handle this?
EDIT
To try to make it clear. Lets assume I have an address book application. Each user have contacts:
contact_id user_id name phone ....
1 1 A
2 1 B
3 1 C
4 2 D
5 2 E
6 2 F
The action to show contacts use authenticated user_id to filter the contacts before send it to the view.
Then you have an Edit/Delete actions where you get contact_id and process to Update/Delete. Even when both users have permission to these actions they shouldn't be able to affect other users contacts. But as I explain is very easy change the page using a tool like fiddler.
I can only speak from personal experience but I don't know any MVC features for managing this for you; I've only ever taken the approach you outline of retrieving the data model from the database and explicitly writing the logic to check if the current user has permissions to modify this resource, returning a 401 error if not.
You can compare the incoming request userid with the userid you have in the session, encrypted cookie or web tokens like jwt which ever you use.
Usually if i have load balancer i use encrypted cookie where i store the logged in user's id and compare it with the id i am getting from the request. if both match, update/delete profile else return Unauthorized.
Same can be done in case of Session or tokens as well.
Actually in my application there are two type of searching facility one is Quack search and another is Advance search
and i use routing the url means when i use Quack search with computer then my url is
1) http://www.example.com:1270/Computer-Company/Computer/1
we have more TABS or BUTTON on screen like Projects,Services,Leads....etc by default selected company TABS/BUTTON you can click on any tabs/button
suppose you search with computer then by default company is searching, then you can click on Project, you can see the result computers project and url is like below
Computer-Projects/Computer/
and pagination is working also fine Because we have only one Searching text like computers
But my problem is in Advance search
THERE ARE THE TWO TYPE OF PROBLEM
=> when i search with multiple criteria like Company Name,Contact Person,Tags,....etc
User may be search with all criteria or single criteria so ADVANCE SEARCH URL IS LIKE
3)http://www.example.com:1270/AdvanceSearch/Company/1
so please let me know how can i pass the all data from view to controller at pagination time.
so please let me know how can i pass the data from view to controller with the use of model
Temporary i am passing hidden data,But in controller side parameters write like
public ActionReslut Company(string companyName,string contactPerson,string country.....)
{
that is not proper way
}
You should use a ViewModel that contains all the fields that you need in the search:
public class SearchParameters{
string companyName {get;set;}
string contactOerson {get;set;}
string country {get;set;}
....
}
Your action:
public ActionReslut Company(SearchParameters searchParameters)
and then using these fields to filter your data.
I am trying to use slugs in an MVC web application but can seem to work out the best way to implement them.
I have found the the recommendation on how to create the URL friendly slug stackoverflow slug post
I still want to be able to query the Db with the ID but don't want this to be in the URL similarly to most stackoverflow URLs, for example
http://website/home/list/outdoor-products
How can a slug be displayed in the URL while still passing and using an ID to be used to query with?
It's doesn't really depends on a technology/framework which you are using, the main thing is you have to have destinctive urls to unambiguously select page content.
If you do have unique titles/slugs for pages, then you may use them as identity for content selection. Otherwise, you need to put some sort of id (it could be int or guid, whatever) into your urls. There isn't anything which will hide your int id behind the slug.
Talking about stakoverflow's urls, you'll find id just before the friendly title. Another option could be put actual id at the end of friendly title (friendly-title-1559063).
I have two views and two controllers. One for clients and the other for their addresses. Clients can have one address. In my model definition for client I allow the addressID of the client to be nullable. When I want to create an address for a client, according to the addressId being null or not i will redirect to either the address's "create" or "details" view. For now I want to just display the clients name when I reach the Create view("creating address for John Doe"). How do i go about doing this? I'm trying to learn MVC slowly and I'm having trouble dealing with the separation of concerns and where to pass data.
Since you are redirecting manually you know the next request for sure. In this case TempData may fit your needs best. If you need the data for more than the next request you should probably use Session or Cookies as already suggested.
Use this to store data for the next request:
TempData["ClientName"] = "John Doe";
And this to get the data out in the next request:
var clientName = TempData["ClientName"];
Please note that TempData stores its data only for the next request. For further info about TempData MSDN is your friend: http://msdn.microsoft.com/en-us/library/dd394711%28v=vs.100%29.aspx
Try to put some code for others to help you better, but for now what I can tell you is that you want to keep state across requests, therefore you have many options. You can keep a session state, you can have a querystring appended to your following requests, you can have cookies transporting the id, etc.
I would recommend you using session for this .. store the username is session("username") and use it in view or in any controller u want ..
I stucked at a condition , where i need to share values between the pages. I want to share value from Codebehind via little or no javascript. I already have a question here on SO , but using JS. Still did'nt got any result so another approach i am asking.
So I want to know can i pass any .net object in query string. SO that i can unbox it on other end conveniently.
Update
Or is there any JavaScript approach, by passing it to windows modal dialog. or something like that.
What I am doing
What i was doing is that on my parent page load. I am extracting the properties from my class that has values fetched from db. and put it in a Session["mySession"]. Some thing like this.
Session["mySession"] = myClass.myStatus which is List<int>;
Now on one my event that checkbox click event from client side, i am opening a popup. and on its page load, extracting the list and filling the checkbox list on the child page.
Now from here user can modify its selection and close this page. Close is done via a button called save , on which i am iterating through the checked items and again sending it in Session["mySession"].
But the problem is here , when ever i again click on radio button to view the updated values , it displays the previous one. That is , If my total count of list is 3 from the db, and after modification it is 1. After reopening it still displays 3 instead of 1.
Yes, you could but you would have to serialize that value so that it could be encoded as a string. I think a much better approach would be to put the object in session rather than on the URL.
I would so something like this.
var stringNumbers = intNumbers.Select(i => i.ToString()).ToArray();
var qsValue = string.Join(",", stringNumbers);
Request.Redirect("Page.aspx?numbers=" + sqValue);
Keep in mind that if there are too many numbers the query string is not the best option. Also remember that anyone can see the query string so if this data needs to be secure do not use the query string. Keep in mind the suggestions of other posters.
Note
If you are using .NET 4 you can simplify the above code:
var qsValue = string.Join(",", intNumbers);
Make the object serializable and store it in an out-of-process session.
All pages on your web application will then be able to access the object.
you could serialize it and make it printable but you shouldn't
really, you shouldn't
The specification does not dictate a minimum or maximum URL length, but implementation varies by browser and version. For example, Internet Explorer does not support URLs that have more than 2083 characters.[6][7] There is no limit on the number of parameters in a URL; only the raw (as opposed to URL encoded) character length of the URL matters. Web servers may also impose limits on the length of the query string, depending on how the URL and query string is stored. If the URL is too long, the web server fails with the 414 Request-URI Too Long HTTP status code.
I would probably use a cookie to store the object.