ASP.NET MVC forbid access after form was submited - asp.net

I am building a survey where customers are sent a direct link with an id that relates to the database so we can know who the customer is without them having to fill in their personal information. I based it off the Edit scaffolding since the row is precreated in the database and only needs to be edited to fill in the questions.
For clarity, the url is mydomain.com/controller/action/id -> where id is the PK of the row that holds the answers to the survey.
The issue I'm facing is that if they visit the direct link again they can edit the survey as many times as they want. I want to make it so once it is submitted the link leads to page that says "survey already submitted"

Add a Boolean column to the row, and set it to true the first time the survey is submitted. In the method that loads the survey, check the value of this column before returning the view. If the value is true, redirect to another controller action, which lands the user to the 'Survey already submitted' page.

You have a few options ahead of you. Effectively you want to disable the survey if it has been submitted.
Two solutions I can think of are:
If the survey has already been filled out, don't let them edit it.
If you want the users to have the ability to edit a survey prior to submitting it, have a "SubmittedOn" Date field. If that field is populated, the Survey is complete and unable to be edited.

Related

Populate data based on the response given in Google Form

I have created two sections
First Section I have Order ID after entering the order ID and I click Next - In second section I want to populate order id's related data like (Name, Address, list of orders) All these data are available in an excel sheet, Once it is populated I would like the user to confirm their orders are correct and then hit submit.
Is this possible using google form or any add-ons for Google forms?
Thanks!
i read your question
As far i know about google form, google form don't give option to recheck your pre-filled options. So, what we can do is to give a confirm button at the end which is must required to fill.
You can see it through this example.
https://docs.google.com/forms/d/e/1FAIpQLSchhhCjcyQe-ZTdl8pFF-ETLPGFTXPcuqQGDGQ1nMbtcwOnGQ/viewform?usp=sf_link
If you want to create a more user defined form you can make it from simple html and php.
hope this will help you.
thanks!

Wordpress: Counter for page views to be inserted in a different page

I have been looking for a plugin in wordpress that allows me to insert a page view counter in a different page: I´ll explain;
In page A I have buttom with a contact form to vote a video (it is a video contest). This contact form sends the voter an email with a link to page B so that they can validate their email this way. Every visit to page B will be counted as a vote.
The thing is that I want to count the number times that page B is accessed to show it in page A (to show the number of votes next to the video).
It seems pretty straightforward but I can´t find an easy way to do this. Do you think you could help me?
Thanks!
Guzmán
If a very small number of people will access the page you can just store a value in WordPress and add to it each time. If you expect a lot of users on the page at once you may need a more complex method.
For a lightly trafficed page, with the risk that some visits might not be counted you could leverage the post meta and simply store a counter variable. If two people viewed the page at the same time they could get the same value for the counter variable and so they would not properly increment the variable.
You could add this to the template for the page in question:
$vcount = get_post_meta($post->ID, "view_counter");
add_post_meta($post->ID, "view_counter", $vcount+1, true);
So two people accessing the page would end up with equal $vcount variables. To display the count you'd just need the post id for the post you saved the meta to: print get_post_meta(<POSTIDHERE>, "view_counter", true);
If you need to have a more robust solution, you'd want to store a unique value for each visitor and then to report the total you would count the values and display it. So you could store the visitor's IP address as a multi-value meta:
add_post_meta($post->ID, "view_counter", $_SERVER['REMOTE_ADDR'], false);
Then to display the count you'd need to count the number of post meta values stored with the view_counter key:
$ips = get_post_meta(<POSTIDHERE>, "view_counter", false);
$views = count($ips);
print "Total views: $views";
This is just a sample solution, you should probably check to see if an IP already exists and consider throttling individual IPs. You could also risk filling your database if you have a small shared server unless you write some additional code to keep this from being abused since it adds data to your database on every page view. Finally this will not work correctly if you have any type of caching enabled.
Depending on the plugin that you are using for your contact form you may also be able to report the number of times that the contact form was submitted by querying the database directly.
For more information see the documentation for add_post_meta and get_post_meta
(disclaimer, code written from memory and documentation, not tested)

filtering datagrids

In a simple scenario there is a webpage with a datagrid containing 2 columns; first name and country. There's a filter set on the grid to filter out all Australians. There's a form on the same page to add new records and a user decides to add someone from Australia. This record does not meet the filter criteria so would not normally display. However, this might be confusing from the users perspective as they might not have confidence that the person has been successfully added or have forgotten that the filter will mean the new entry is not displayed.
What is the best way to handle this from a usability perspective?:
display the new entry but leave the list in a state inconsistent
with the filter criteria?
filter out the new entry but risk confusing the user?
provide feedback to the user that the record was successfully
added but may be filtered out of the list?
?
Three tools I use, Mingle, Jira, and Quicken, use this implementation very effectively; a slight modification to your number 3:
Provide feedback to the user that the record was successfully added, but won't be shown, and provide a link to the record using its record identifier (record number + title).

How to create a form with variable no. of field set

I have to design a page for user information, for some background verification purpose, at my work. I need a set of fields for address, total count of which will be selected by user to update the form with that many fields. So, if user selects 3, form will have 3 set of address fields. Similar concept for work and education details.
Right now, I am passing the count to a handler page, which checks total count, and return it along with querystring, back to the main page. I am able to update the no. of fields, this way, but, all values are lost, once I return to the form. There are a lot of fields to even use session object for every value. Also, it resets the count of other such field set to 0. So, if I select 4 in address field, it renders four set of address fields, but fields for other details are gone.
I need to know, if it is possible to update the fields, using just one page, instead of creating a handler file to handle the redirect, so that I don't lose other data.
Sorry, for sounding a bit confusing. Will update the question, if needed.
Edit:
Similar blocks are there for education and work details. I want the update button to update the block, with that many fields, while retaining the values already entered by the user.
I have finally shifted the update code to one page. And the total count of blocks, is calculated by this way.
if request.form("addresscount") <> "" then
varaddresscount = request.form("addresscount")
else
varaddresscount = 1
end if
varaddresscount is used to loop through the html code which renders address fields. Even with this method, if I click on update button to change the total field count, every value entered by user is reset to default. Is there a way to retain the no. of fields without using session object, as there are way too many fields for which I have to store the value in session.
Why not have just a "add address" button that, whenever clicked, adds a extra set of input boxes using Javascript? That solves a lot of your problems regarding retaining the data on already filled in fields AND it makes it easier for the user.

Processing variable number of form fields

I am working on a form which displays information about orders. Each order has a unique id, but they are not necessarily sequential on the form. Also, the number of fields can vary (one field per row on the form). The input into the form will not be mapped straight into the database, but will be added to the current value in the database, and then saved. An example of the form is in the picture below - the callout on the right shows the id for each row.
I know how to generate the form like this, but I can't work out how I can easily process each of these rows reliably. I also know how to give each of the fields a unique identifier, like name="order-23" or name="order[23]", but how can I translate that name so that I can update the related record in the database?
EDIT: One solution I can think of would be to iterate through every form field in the FormCollection, and if the name of the field matches the pattern, then I will extract the number from that field-name and process it.
However, I feel that there must be a much easier way to go about it - this method would likely involve a fair bit of string processing on each field, and there would possibly fall over if I have to add extra fields for each row later on.
Don't you have a list of IDs after postback? I believe you should not depend on what IDs are actually sent from the form, as anybody could change the IDs on the form to whatever they want, so it's a security issue. So you should after postback have a list of IDs you want to update (the same list you used to create the form with). In that case, you know exactly what id string you should use to retrieve the value from FormCollection.
In case you really can't get the list of IDs you are going to update, just use the FormCollection iteration as you suggested in your comment. The string processing is not that expensive in comparation with all other stuff being done at request processing.
If you have the names, then simply read the values by using Request.Form["order-23"] or re-create the controls in page pre-init and you'll have access to the values in your save event directly through the created controls.
I've done this loads in my CMS.
Essentially i sort of cheated.
The idea is something like this ....
render the form to the client, then look at the source code gneerated.
You should see that it generated a form tag with an action attribute.
When you click the submit button the form will be sent to that url so in the case of an order submission you would post the page back to OrderPage.aspx?OrderId=xxxx
then on the server you would build an update statement for your db that contained something like ...
"Update orders where order id =" + request.querystring["OrderId"]
So how do you update the action ...
In the calling page lets say you have a link called "New Order", when that link is clicked you need to do 2 things ...
redirect to this page.
generate an order id for this new order.
ok the first is simple, simply link it to this page.
the second ...
if this page is not a postback if(!IsPostback) { /* get a new id */ } depending on your order id's this may involve generating a new guid or doing something like getting the next number in a list by doing a select max(id) from a db.
once you have this new id you should still be in the page_load event.
this.form.Action = this.form.Action + "?OrderId=" + yourNewOrderId;
... tada ...
Send page back to the client.
view the source.

Resources