I have decided to use ASP.NET MVC to develop multi page (registration) forms in asp.net. There will be two buttons on each page that allows the user to navigate to the previous and next page. When the user navigates back to a page they recently filled out, the data should be displayed to them. I understand ASP.NET MVC should remain stateless but how should I maintain page information when the user navigates back and forth.
Should I?
Save the information to a database and retrieve information for each page change?
save information to the session?
Load all the fields and display only whats's needed with javascript?
This registration form is going to be used in multiple sites but with different sets of questions (Some may be the same). IF performance is a main concern, should I avoid generating these forms dynamically?
Jay
This sounds like the kind of information that you would want to store in a user session. What session store is used can be configured, so you could use a database to store session for users if that would be a better fit than using in-process session.
Related
I am attempting to add the Html.AntiForgeryToken() to the login form of a MVC3 site. This form is on every page of the site. I have noticed that if the user opens multiple tabs on the site, and then goes back to an old tab and submits the login form, the tokens on the other tabs become invalid, even when using salt. Is there any way to work around this?
This is just one example, there are other forms on the site that users seem to be opening multiple tabs to.
We have same issue on our e-commerce websites.
In my situation user can put things to his basket without logging in. But after opening several tabs without logging in, user decides to login and tries to add all products after logging in in one tab and that's where error lies.
So I decided to put a get on this pages just before submitting the form to get a new AntiForgeryToken.
I created a new partial view with only Html.AntiForgeryToekn in it and calling it via AJAX before submitting the form. And replace __RequestVarificationToekn value on form with the new one.
I Hope this solves the issue for you.
Are you using FormsAuthentication to login? If yes then the same token instance is being shared across multiple tabs while logging in, and hence all users with existing cookies will run into trouble. To work around this, please follow this post for further help
MVC-ANTIFORGERY-TOKEN
I'm building a system which can create forms during runtime. System is written for WinForms and works well for creation of Windows forms and reports. Forms are written to the database as XML.
Now I want to extend that principle to web domain. On Default.aspx for example I plan to put placeholder and write code for creation of web controls.
The question that bugs me is - how can I open such web page from my WinForms appliaction? I need to open it in default browser and transmit ID to it.
The sequence is this - Design the form, save it to database, open a web page with form rendered on it.
Ok so taking the trival example of saving a form to the DB it will get an ID.
You can then have an ASP.Net page that expects to be passed a param on the QS of formid=1
so
http://yoursite/formbuilder.aspx?formid=1
Within your page you can then check if that id is passed in on the querystring and create the form that way.
To open the browser you can do something similar to this
System.Diagnostics.Process.Start("http://<yoursite>/formbuilder.aspx?formid=1");
I'm currently developing a website using Visual Studio 2010. As you all might know, creating a new website here automatically adds an Account folder which contains webpages like Login.aspx, etc. I am implementing this Login.aspx which contains the ASP.NET Login control. It's now functioning the way it should but I have a few concerns.
Before, I used to create my own UI for the log-in so managing sessions is not a problem to me. But since i'm currently using the Login.aspx which has a CS file almost empty, i don't have an idea where I can start implementing my session. Meaning to say, I don't know how to check programatically if the user has been successfully logged in so I can start implementing my session.
I would very much appreciate any pointer regarding this matter.
Thanks in advance. :)
You could subscribe for the Authenticate event and perform some custom authentication logic. Also you may take a look at the following article.
There are events associate with ASP.NET Login Control that you can use to create session like OnLoggingIn. Moreover you can find more about user validation from here Validating User Credentials Against the Membership
Is there any way for one user control to raise an event that is handled by another user control without going through the page? I am using Umbraco and do not have access to the page object.
--Edit--
Umbraco has the idea of Macro's (user controls) that it loads into pages. I can't access the page directly as this is part of the framework.
There is a publish subscribe (pubsub) pattern that I know would fit my needs well (2 user controls that need to talk to each other) but am unsure how to hook it up in ASP.Net without the page object.
ANy help would be really appreciated.
I'd recommend that you use Webforms MVP if you want to do that, it has a concept of cross-presenter messaging, allowing you to raise a message on one presenter which is consumed by another.
There's a video of how to use it on their site.
We have an old web app written in classic ASP. We don't have the resources to rewrite the app.
I know that asp and aspx pages can coexist in the same ASP.NET web app, but it appears as those you cannot share Application and probably Session variables across these two groups of page extension types.
I was hoping to do new development in ASP.NET and to in theory, convert the Classic ASP pages over as we go.
Is there a way to share IIS variables across these two types of web pages (aside from passing information using the query string and forms fields)?
There is no straigthforwad solution for sharing session variables between classic ASP and ASP.NET. I would recommend you to persist sessions into a database, like it is described in this Microsoft Article. This way both ASP and ASP.NET can access session variables.
Not a direct way. You could consider using a shared database backend for your session state.
You could create a simple table in your DB to store the "session" info in. Both the classic asp and the .net pages could read and write there.
The only ways to pass this data would be GET/POST values, cookies, flat file, or storing the data to the database. There is nothing "Built In" to the .Net framework to do this.
I have seen another solution aside from using the database as shared session holder. I should say beforehand that using the database option is probably much better than this. But...
You can create an ASP page whose only function is to store into and retrieve from the ASP session state. From your ASPX page you can make a webrequest to your ASP page and return any session information in the header, querystring, or even do a scrape of the restulant load. Alternatively you can return an XML stream and make a poor man's web service.
I addition, you could get session state from ASP.NET by doing the opposite and making a .NET page that access session info and returns it.
It's not a good idea and fraught with security problems. I have seen it done is all I'm saying. It's really probably best to rely on the database and possibly pass session ID around.
Well I just have faced this problem, and want to tell you that just were able to solve it in one way. The solution was relatively easy and actually depends on your original development, in my case the system flow requires to log-in in a default.aspx page and after validating the user/password are correct the page Init.asp is executed and exactly there many session vars are created and loaded (actually are just the minimum needed) after that the last instruction redirects the user to mainmenu.aspx and form that page we call .aspx and .asp files.
This solution worked for me just because of the election the original developer made when designed this ASP 3.0 application and as you can imagine I can't retrieve those values in the asp.net pages.
I just went through this. My solution was to wrap it all in a nodejs app. I dole out JWT tokens from .NET web API that have all the users claims encoded in the payload. This token gets stored in a cookie on the client. The cookie will automatically get submitted on each request to your domain so all you need to do is read the cookie value from the header and decode the payload (in ASP.NET and Classic ASP independently). Once you read the contents, you can simply set the session variables to match those that were embedded in the JWT token.
I prefer this method because it has 0 database synchronization necessary and moves your application to OAuth2 openid and away from session.