Sponsored by Gluten Free Waffles and Sliced Bananas

Tuesday, March 30, 2010

ASP.NET MVC: DRY Design with Partial Views

6:44 PM Posted by Tyson Nero No comments
The use of partial views in MVC is an example of DRY (Do Not Repeat Yourself) design. Partial Views are comparable to user controls in Web Forms and also share the same .ascx extension.

To create a partial view, simply check Create a partial view (.ascx) when adding a new view. Copy any implementation into the new view that you would like to share across other views. To render your partial view in other views, use the below syntax:

<% Html.RenderPartial("PartialViewName"); %>

Monday, March 29, 2010

Using Reserved Keywords in SQL Server (T-SQL)

2:02 PM Posted by Tyson Nero 1 comment
It's a very basic concept, but for the new database developer, it can cause fits. One T-SQL reserved keyword is "description" which is commonly used as a column name for instance. You probably should not get in the habit of using reserved keywords as column names and such, but if you do, the proper way to express them is by enclosing the name in brackets as so: [description].

SELECT [description] from Table1

Thursday, March 25, 2010

MVC: HtmlHelpers Are Extension Methods

4:36 PM Posted by Tyson Nero No comments
Take a stroll through the Object Explorer to the System.Web.Mvc.Html namespace, and you will actually find that MVC HtmlHelper methods are actually Extension Methods of the System.Web.Mvc.HtmlHelper class.

namespace System.Web.Mvc.Html
{
    public static class SelectInputExtensions
    {
        public static string DropDownlist(this HtmlHelper htmlHelper, string name) { }

        public static string DropDownlist(this HtmlHelper htmlHelper, string name, IEnumberable items) { }
    }
}

MVC: Model Binding Security

4:04 PM Posted by Tyson Nero No comments
If you want to limit what model properties can be updated from the controller, use the [Bind] attribute. You can the Bind attribute's Include and Exclude propeties to controls what properties are bindable.

Lock down model binding at the per-usage level:
  1. Create an array of allowed properties
  2. Call UpdateModel passing in your model object and the array of allowed properties
string[] allowedProperties = new[] {"Property1", "Property2"};

UpdateModel(modelObject, allowedProperties);
OR
  1. Add the [Bind] attribute to object passed into your action method
  2. Use the Include or Exclude property to control the bindable model properties
public ActionResult Create([Bind(Include="Property1,Property2")] ModelObject modelObject) 
{
    ...
}
Lock down model binding at the type level for all scenarios:
  1.  Add the [Bind] attribute to a particular interface or class
  2. Use the Include or Exclude property to control the bindable model properties
[Bind(Include="Property1,Property2")]
public partial class ModelObject
{
    ...
}
OR
  1. Register the [Bind] attribute within the Global.asax file when you don't have access to the type definition.