ASP.Net MVC2 Passing Parameters in URL - asp.net-mvc-2

After using the original MVC for sometime I am getting familiar with MVC 2, but I would like to know whether there is away of passing values from a form, like a user name and password, which is not sent as part of URL when moving on to the next page?
I have a basic form that takes in a few values binding to an entity and then the next thing I do is call my model level for the database. After that I return RedirectToAction.
Can anyone advise me, please?

When you redirect you are loosing all POSTed values that were present in the form. A redirect means a new GET request and a GET request means that if you want to be able to retrieve those values on the target action you have a couple of choices:
Save them in the database and pass only the id as query string parameter that will allow the target action to retrieve them
Pass all values as query string parameters
Use TempData or Session (not recommended)

Related

Getting data via query params vs a database query to send nonsensitive data

I want to know when to use URL query params to pass data between pages vs querying the database directly, and what the best practices around this is. Here's my specific scenario:
I have a site where, if users solve a puzzle, I redirect them to a url like this:
http://myawesomedomain.com/correct?puzzle_id=174&answer_id=107750&message_code=4
The message_code signals the kind of message they should receive ("you've earned all the points!", "you earn half points because you had more than 5 incorrect answers", etc). And the puzzle_id is used to populate some puzzle-specific data/responses. The answer_id is a user specific and puzzle specific id for this given instance.
However, I could get all this data by just include the answer_id param in my url and then querying my answers table for the puzzle_id and message_code values. Then my url would just be this:
http://myawesomedomain.com/correct?answer_id=107750
My current logic is that if I can pass it in the url and avoid a database call, that would be better/faster, but I'm curious what the general industry standard is. Is there a best practice around how much/when to put non sensitive data into url params?

RESTful url - getting new subentity

There are 2 models: Entity and Subentity. Entity can have many connected Subentities (one:many relation).
There is a method on server that returns new Subentity (let's call it GetEmptySubentity). Point is, when you want to create new Subentity, you press a button, and model comes from server with some fields pre-filled. Some of those Subentity pre-filled values depend on according Entity, so I need to pass an Entity id in this request.
So should the correct url to get the empty Subentity be like /Entity/{id}/Subentity/empty? Or I am getting something wrong?
Yes you are. According to the uniform interface / hateoas constraint you should send hyperlinks to your REST clients and they should use the API by following those hyperlinks. In order to do this you need a hypermedia format, for example HTML, ATOM+XML, HAL+JSON, LD+JSON & Hydra, etc... (use google). So by HTML the result should contain a HTML form with input fields having default values, etc... You should add semantics to that for with RDFa and so by processing the HTML your REST client will know, that the link is about creating a new resource. Ofc it is easier to parse the other hypermedia formats. By them you can use the same concept with RDF (by JSON-LD or ATOM for example), or you can use link relations with vendor specific MIME types (by HAL or ATOM for example), or your custom solution which describes those input fields. So you usually get the necessary information with the hyperlink, and you don't have to send another request to get the default values.
If you want to make things complicated, then you can send a request for the default values to the entity itself in order to send the values of properties, and not to send a form with input fields. Optionally you can send a request which returns the entire link, for example GET /Entity/{id}/SubEntity/offset=0&count=0 can return an empty array of subentities and the form for creation. You can use additional query or path parameters if that form is really big, and you don't want to send it with every response related to the SubEntity collection. The URL specification says only that the path should contain the hierarchical part and the query should contain the non-hierarchical part of the URL.
Btw. REST is just a delivery method, you don't have to map it to your database entities. The REST resource and URL structure can be completely different from your database, since you can use any type of data storage mechanisms with REST, even the file system...

How do I trigger form validation without binding a request?

I have a very long order form that enables saving drafts. If saved as draft, only order name is required but when actually placing an order a more thorough validation is required. I implemented this by using different validation groups. When editing the order I display two buttons: "Save draft" and "Place order". Each of them performs validation using a different validation group.
But now I would like to make a button on the list of orders which enables to change order status from 'draft' to 'placed' directly. To do so, validation must be performed without displaying edit form and submitting it. I would just like to validate the entity that is already in the database. I can use the validator service and everything is simple as long as the data is valid. But in case data isn't valid, I would like to redirect user to the edit form with fields with missing data highlighted. The idea seems to load data from database into the form and run validation as if that data were sent using a browser but execution of this doesn't seem to be trivial because Symfony2 triggers validation on form only when binding the request.
I was going through the Symfony source code and found s class called Symfony\Component\Form\Extension\Validator\EventListener\ValidationListener. It seems to attach itself on the FormEvents::POST_SUBMIT event. Is there a way to trigger this event manually from the controller without request binding? Or are there any alternative approaches to my problem?
Just to point out the correct answer already given by Matjaž Drolc in the comments:
If you want to validate a form without getting the data from the request, you have to call the form->submit() function, because Symfony does not validate the fields if they are not marked as submitted, which is done by this function.
Call the function like this
$form->submit(array(), false);
With an empty array as the submitted data and not clearing the missing fields.

ATG Form handling - Form values getting retained on successful submission

In ATG form Handling, i have a scenario, where the success and error URL are same? This Formhandler is for creating/Editing/Deleting the Gift certificate.
When ever we add a Gift certificate entering all the fields in the page, it gets added to the cart? but the form fields are getting retained in the input fields? It should get retained only in case of error in validation, but on success it should remove all the user enter fields in the input fields.
i cannot set value="", as this will fail in error flow where i need to show the user entered values along with the invalid field data entered.
Do we need to manually reset the values to empty string or is there any better way?
Please suggest?
Is your form handler session scoped? If you do not need the values post submission in the form handler input fields, you can make it request scoped, the values will be cleared after the request is handled.
If you are saying the fields are stored even when your form handler is session scoped, I would like to know how that is happening.
If you want to display the incorrect entry by the user, add it to the form Exceptions with the formatted message, so you don't need it later.
Hope this helps.

CakePHP how to write a search form to display results

I am writing a search form in CakePHP 2.0, current I have set it up running with the index action and view (it also posts to the index action) with validation against the model so that if anything incorrect is entered into a search field (fields include date, price) there is a nice validation error message next to the element. Basically it is a bit like a scaffolded add form.
If validation is successful I need to actually run a query and return some data. I don't want to display this data in the index view - should I:
Run the query then render a different view (which means the URL doesn't change - not sure I want that).
Store the search parameters in a session, redirect off to another action then retrieve the search details.
Is there any other way?
Both options are ok. You must decide what you like more, to not change the url or to change it?
you may also use the named parameters to pass the info so a user can bookmark their request, though it would need to do the validations in the same page as where it shows results. I usually do this with the cakedc search plugin.
Returning to your two options, if you mean which is better in performance i would choose number one, since the second one needs to load a new model/controller etc