ABOUT THE AUTHORS
Professional ASP.NET MVC 2
by Rob Conery, Scott Guthrie, Scott Hanselman, Phil Haack, Jon Galloway
Table of Contents
Copyright
ABOUT THE AUTHORS
ABOUT THE TECHNICAL EDITORS
CREDITS
ACKNOWLEDGMENTS
FOREWORD
INTRODUCTION
WHO THIS BOOK IS FOR
HOW THIS BOOK IS STRUCTURED
WHAT YOU NEED TO USE THIS BOOK
CONVENTIONS
SOURCE CODE
ERRATA
P2P.WROX.COM
1. NerdDinner
1.1. FILE NEW PROJECT
1.1.1. Examining the NerdDinner Directory Structure
1.1.2. Running the NerdDinner Application
1.1.3. Testing the NerdDinner Application
1.2. CREATING THE DATABASE
1.2.1. Creating a New SQL Server Express Database
1.2.2. Creating Tables within Our Database
1.2.3. Setting Up a Foreign Key Relationship between Tables
1.2.4. Adding Data to Our Tables
1.3. BUILDING THE MODEL
1.3.1. Entity Framework
1.3.2. Adding Entity Framework Classes to Our Project
1.3.3. Creating Data Model Classes with Entity Framework
1.3.4. NerdDinnerEntities Class
1.3.5. Creating a DinnerRepository Class
1.3.6. Retrieving, Updating, Inserting, and Deleting Using the DinnerRepository Class
1.3.6.1. Querying Examples
1.3.6.2. Insert and Update Examples
1.3.6.3. Delete Example
1.3.7. Integrating Validation and Business Rule Logic with Model Classes
1.3.7.1. Schema Validation
1.3.7.2. Validation and Business Rule Logic
1.4. CONTROLLERS AND VIEWS
1.4.1. Adding a DinnersController Controller
1.4.2. Adding Index and Details Action Methods to the DinnersController Class
1.4.3. Understanding ASP.NET MVC Routing
1.4.4. Using the DinnerRepository from Our DinnersController
1.4.5. Using Views with Our Controller
1.4.6. Implementing the "NotFound" View Template
1.4.7. Implementing the "Details" View Template
1.4.8. Implementing the "Index" View Template
1.4.9. Convention-Based Naming and the Views Directory Structure
1.5. CREATE, UPDATE, DELETE FORM SCENARIOS
1.5.1. URLs Handled by DinnersController
1.5.2. Implementing the HTTP-GET Edit Action Method
1.5.3. Html.BeginForm and Html.TextBoxFor Html Helper Methods
1.5.3.1. Html.BeginForm Helper Method
1.5.3.2. Html.TextBoxFor Helper Method
1.5.4. Implementing the HTTP-POST Edit Action Method
1.5.4.1. Retrieving Form Post Values
1.5.5. Handling Edit Errors
1.5.6. Understanding ModelState and the Validation HTML Helper Methods
1.5.6.1. HTML Helper Integration with ModelState
1.5.6.2. Html.ValidationMessageFor Helper Method
1.5.6.3. Html.ValidationSummary Helper Method
1.5.7. Complete Edit Action Method Implementations
1.5.8. Implementing the HTTP-GET Create Action Method
1.5.9. Implementing the HTTP-POST Create Action Method
1.5.10. Implementing the HTTP-GET Delete Action Method
1.5.11. Implementing the HTTP-POST Delete Action Method
1.5.12. Model Binding Security
1.5.12.1. Locking Down Binding on a Per-Usage Basis
1.5.12.2. Locking Down Binding on a Type Basis
1.5.13. CRUD Wrap-Up
1.6. VIEWDATA AND VIEWMODEL
1.6.1. Passing Data from Controllers to View Templates
1.6.2. Using the ViewData Dictionary
1.6.3. Using a ViewModel Pattern
1.6.4. Custom-Shaped ViewModel Classes
1.7. PARTIALS AND MASTER PAGES
1.7.1. Revisiting Our Edit and Create View Templates
1.7.2. Using Partial View Templates
1.7.3. Using Partial View Templates to Clarify Code
1.7.4. Master Pages
1.8. PAGING SUPPORT
1.8.1. Index Action Method Recap
1.8.2. Understanding IQueryable<T>
1.8.3. Adding a page Value to the URL
1.8.3.1. Using a Querystring Value
1.8.3.2. Using Embedded URL Values
1.8.4. Adding Page Navigation UI
1.9. AUTHENTICATION AND AUTHORIZATION
1.9.1. Understanding Authentication and Authorization
1.9.2. Forms Authentication and the AccountController
1.9.3. Authorizing the /Dinners/Create URL Using the [Authorize] Filter
1.9.4. Using the User.Identity.Name Property When Creating Dinners
1.9.5. Using the User.Identity.Name Property When Editing Dinners
1.9.6. Showing/Hiding Edit and Delete Links
1.10. AJAX ENABLING RSVPS ACCEPTS
1.10.1. Indicating Whether the User Is RSVP'ed
1.10.2. Implementing the Register Action Method
1.10.3. Calling the Register Action Method Using AJAX
1.10.4. Adding a jQuery Animation
1.10.5. Cleanup — Refactor Out a RSVP Partial View
1.11. INTEGRATING AN AJAX MAP
1.11.1. Creating a Map Partial View
1.11.2. Creating a Map.js Utility Library
1.11.3. Integrating the Map with Create and Edit Forms
1.11.4. Integrating the Map with the Details View
1.11.5. Implementing Location Search in Our Database and Repository
1.11.6. Implementing a JSON-Based AJAX Search Action Method
1.11.7. Calling the JSON-Based AJAX Method Using jQuery
1.12. UNIT TESTING
1.12.1. Why Unit Test?
1.12.2. NerdDinner.Tests Project
1.12.3. Creating Unit Tests for Our Dinner Model Class
1.12.4. Running Tests
1.12.5. Creating DinnersController Unit Tests
1.12.6. Dependency Injection
1.12.7. Extracting an IDinnerRepository Interface
1.12.8. Updating DinnersController to Support Constructor Injection
1.12.9. Creating the FakeDinnerRepository Class
1.12.10. Using the FakeDinnerRepository with Unit Tests
1.12.11. Creating Edit Action Unit Tests
1.12.12. Mocking the User.Identity.Name Property
1.12.13. Testing UpdateModel Scenarios
1.12.14. Testing Wrap-Up
1.13. NERDDINNER WRAP-UP
2. Model-View-Controller and ASP.NET
2.1. WHAT IS MODEL-VIEW-CONTROLLER?
2.2. MVC ON THE WEB TODAY
2.2.1. Ruby on Rails
2.2.2. Django and Python
2.2.3. Spring, Struts, and Java
2.2.4. Zend Framework and PHP
2.2.5. MonoRail
2.3. ASP.NET MVC: THE NEW KID ON THE BLOCK
2.3.1. Serving Methods, Not Files
2.3.2. Is This Web Forms 4.0?
2.3.3. Why Not Web Forms?
2.3.4. Cost/Benefit of Web Forms
2.3.5. Should You Fear ASP.NET MVC?
2.3.5.1. It's the End of Web Forms!
2.3.5.2. It's Totally Different!
2.4. SUMMARY
3. ASP.NET > ASP.NET MVC
3.1. ABSTRACTION: WHAT WEB FORMS DOES WELL
3.1.1. A Basic Web Forms Application
3.1.2. The Importance of Events
3.2. THE LEAK: WHERE WEB FORMS DOESN'T EXACTLY FIT
3.2.1. ViewState
3.2.2. Controlling Your Angle Brackets
3.2.3. Client IDs
3.2.4. Testing
3.3. BACK TO BASICS: ASP.NET MVC BELIEVES...
3.3.1. Orchestration versus Composing
3.3.2. Separation of Concerns: What It Means
3.3.3. Approaches to Maintainability
3.4. CARING ABOUT TESTABILITY
3.5. COMMON REACTIONS TO ASP.NET MVC
3.5.1. This Looks Like Classic ASP from 1999!
3.5.2. Who Moved My <asp:Cheese runat="server"/>?
3.5.3. Yet Another Web Framework
3.6. WHY "(ASP.NET > ASP.NET MVC) == TRUE"
3.6.1. Convention over Configuration
3.6.2. Your First, er, Third, Request
3.6.3. The Request Life Cycle
3.7. SUMMARY
4. Routes and URLs
4.1. INTRODUCTION TO ROUTING
4.1.1. Compared to URL Rewriting
4.1.2. Defining Routes
4.1.2.1. Route URLs
4.1.2.2. Defaults
4.1.2.3. Constraints
4.1.3. Named Routes
4.1.4. Areas
4.1.4.1. Area Route Registration
4.1.4.2. Area Route Conflicts
4.1.5. Catch-All Parameter
4.1.6. StopRoutingHandler and IgnoreRoute
4.1.7. Debugging Routes
4.1.8. Under the Hood: How Routes Generate URLs
4.1.8.1. High-Level View of URL Generation
4.1.8.2. Detailed Look at URL Generation
4.1.8.3. Named Routes
4.1.8.4. Ambient Values
4.1.8.5. Ambient Values and Default Values without Corresponding URL Parameter
4.1.8.6. Overflow Parameters
4.1.8.7. More Examples of URL Generation with the Route Class
4.2. UNDER THE HOOD: HOW ROUTES TIE YOUR URL TO AN ACTION
4.2.1. The High-Level Request Routing Pipeline
4.2.2. Route Matching
4.2.2.1. RouteData
4.3. ADVANCED ROUTING WITH CUSTOM CONSTRAINTS
4.4. ROUTE EXTENSIBILITY
4.4.1. Editable Routes
4.5. USING ROUTING WITH WEB FORMS
4.5.1. Routing With Web Forms in ASP.NET 4
4.5.2. Routing with Web Forms in ASP.NET 3.5
4.6. SUMMARY
5. Controllers
5.1. HISTORY OF THE CONTROLLER
5.2. DEFINING THE CONTROLLER: THE ICONTROLLER INTERFACE
5.3. THE CONTROLLERBASE ABSTRACT BASE CLASS
5.4. THE CONTROLLER CLASS AND ACTIONS
5.4.1. Action Methods
5.4.1.1. Working with Parameters
5.4.1.2. Working with Multiple Parameters
5.4.1.3. Default Parameters
5.5. THE ACTIONRESULT
5.5.1. Action Result Types
5.5.1.1. EmptyResult
5.5.1.2. ContentResult
5.5.1.3. FileResult
5.5.1.4. JsonResult
5.5.1.5. JavaScriptResult
5.5.1.6. RedirectResult
5.5.1.7. RedirectToRouteResult
5.5.1.8. ViewResult
5.5.1.9. PartialViewResult
5.5.2. Action Result Helper Methods
5.5.3. Implicit Action Results
5.6. ACTION INVOKER
5.6.1. How an Action Is Mapped to a Method
5.6.1.1. Action Method Selection
5.6.1.2. ActionNameAttribute
5.6.1.3. ActionSelectorAttribute
5.6.1.4. AcceptVerbsAttribute
5.6.1.5. Simulating RESTful Verbs
5.6.2. Mapping Parameters
5.6.3. Invoking Actions
5.6.4. Using Asynchronous Controller Actions
5.6.4.1. Choosing Synchronous versus Asynchronous Pipelines
5.6.4.2. Writing Asynchronous Action Methods
5.6.4.3. The MVC Pattern for Asynchronous Actions
5.6.4.4. Performing Multiple Parallel Operations
5.6.4.5. Using Filters with Asynchronous Controller Actions
5.6.4.6. Timeouts
5.6.4.7. Additional Considerations for Asynchronous Methods
5.6.5. Passing Data to Actions: The Model Binders
5.6.5.1. Using UpdateModel to Update the Model
5.6.5.2. Validation with Data Annotations
5.6.6. A Word about User Input
5.7. SUMMARY
6. Views
6.1. WHAT A VIEW DOES
6.2. WHAT A VIEW SHOULDN'T DO
6.3. SPECIFYING A VIEW
6.4. STRONGLY TYPED VIEWS
6.5. VIEWMODELS
6.6. HTML HELPER METHODS
6.6.1. HtmlHelper Class and Extension Methods
6.6.2. Using the HTML Helpers
6.6.2.1. Strongly Typed HTML Helpers
6.6.2.2. Html.Encode
6.6.2.3. Html.TextBox
6.6.2.4. Html.ActionLink and Html.RouteLink
6.6.2.5. Html.BeginForm
6.6.2.6. Html.Hidden
6.6.2.7. Html.DropDownList and Html.ListBox
6.6.2.8. Html.Password
6.6.2.9. Html.RadioButton
6.6.2.10. Html.Partial and Html.RenderPartial
6.6.2.11. Html.Action and Html.RenderAction
6.6.2.11.1. Passing Values With RenderAction
6.6.2.11.2. Cooperating with the ActionName attribute
6.6.2.12. Html.TextArea
6.6.2.13. Html.ValidationMessage
6.6.2.14. Html.ValidationSummary
6.6.3. HTML Template Customization
6.7. THE VIEW ENGINE
6.7.1. Configuring a View Engine
6.7.2. Finding a View
6.7.3. The View Itself
6.7.4. Alternative View Engines
6.7.4.1. Spark
6.7.4.2. NHaml
6.7.4.3. NVelocity
6.7.4.4. Brail
6.8. NEW VIEW ENGINE OR NEW ACTIONRESULT?
6.9. SUMMARY
7. AJAX
7.1. WHEN AJAX IS COOL
7.2. WHEN IT'S NOT
7.3. AJAX EXAMPLES
7.3.1. Handling Disabled Scripting
7.3.2. Using Partials for Rendering
7.3.3. Some Things You May Not Know about Microsoft ASP.NET Ajax
7.3.4. How It Works
7.3.4.1. Script #
7.3.5. Updating an HTML Element When Submitting a Form
7.3.6. The AutoComplete TextBox
7.3.7. Implementing AutoComplete with Microsoft ASP.NET Ajax
7.3.8. Filtering Data with a Selectbox
7.3.9. The Modal Pop-Up with jQuery
7.3.10. The Modal Pop-Up Code
7.3.11. The Rating Control
7.4. SUMMARY
8. Filters
8.1. FILTERS INCLUDED WITH ASP.NET MVC
8.1.1. Authorize
8.1.2. RequireHttps
8.1.3. OutputCache
8.1.3.1. API
8.1.3.2. Difference with the @OutputCache Directive
8.1.3.3. Usage Examples
8.1.4. Exception Filter
8.1.5. Custom Filters
8.1.5.1. ActionFilterAttribute
8.1.5.2. Action Filter Contexts
8.1.5.3. ActionExecutingContext
8.1.5.4. ActionExecutedContext
8.1.5.5. ResultExecutingContext
8.1.5.6. ResultExecutedContext
8.2. WRITING A CUSTOM ACTION FILTER
8.3. WRITING A CUSTOM AUTHORIZATION FILTER
8.4. WRITING A CUSTOM EXCEPTION FILTER
8.5. FILTER ORDERING
8.6. FILTER NAMING
8.7. SUMMARY
9. Securing Your Application
9.1. THIS IS A WAR
9.1.1. What Do Hackers Want?
9.1.2. How Do They Get It?
9.1.2.1. Case Study: DEFCON's Capture the Flag
9.1.2.2. Case Study: Deception and Hacking into the Server Room
9.1.2.3. Case Study: Social Engineering and Kevin Mitnick
9.2. WEAPONS
9.2.1. Spam
9.2.2. Case Study: Profiting from Evil with the Srizbi and Storm Botnets
9.2.2.1. The Storm Worm
9.2.2.2. The Srizbi Trojan
9.2.2.3. The Conficker Worm
9.2.3. Digital Stealth Ninja Network
9.3. THREAT: CROSS-SITE SCRIPTING (XSS)
9.3.1. Threat Summary
9.3.1.1. Passive Injection
9.3.1.2. Active Injection
9.3.2. Preventing XSS
9.3.2.1. HTML Encode All Content
9.3.2.2. Html.AttributeEncode and Url.Encode
9.3.2.3. JavaScript Encoding
9.3.2.4. Using AntiXSS as the Default Encoder for ASP.NET
9.4. THREAT: CROSS-SITE REQUEST FORGERY
9.4.1. Threat Summary
9.4.2. Preventing CSRF Attacks
9.4.2.1. Token Verification
9.4.2.2. Idempotent GETs
9.4.2.3. HttpReferrer Validation
9.5. THREAT: COOKIE STEALING
9.5.1. Threat Summary
9.5.2. Preventing Cookie Theft with HttpOnly
9.6. THREAT: OVER-POSTING
9.6.1. Threat Summary
9.6.2. Preventing Over-Posting with the Bind Attribute
9.7. KEEPING YOUR PANTS UP: PROPER ERROR REPORTING AND THE STACK TRACE
9.8. SECURING YOUR CONTROLLERS, NOT YOUR ROUTES
9.8.1. Using [Authorize] to Lock Down Your Action or Controller
9.8.2. Using [NonAction] to Protect Public Methods
9.9. SUMMARY: IT'S UP TO YOU
10. Test Driven Development with ASP.NET MVC
10.1. A BRIEF INTRODUCTION TO TDD
10.1.1. What Does TDD Look Like?
10.1.1.1. Write a Unit Test That Fails
10.1.1.2. Write Just Enough Code to Make the Test Pass
10.1.1.3. Refactor the Code
10.1.1.4. Repeat
10.1.2. Writing Good Unit Tests
10.1.2.1. Tests Should Not Cross Boundaries
10.1.2.2. Default Unit Tests
10.1.2.3. Only Test the Code That You Write
10.1.3. What Are Some Benefits of Writing Tests?
10.1.4. How Do I Get Started?
10.2. APPLYING TDD TO ASP.NET MVC
10.2.1. Testing Routes
10.2.2. Testing Controllers
10.2.3. Redirecting to Another Action
10.2.4. Testing View Helpers
10.2.5. Testing Views
10.3. SUMMARY
11. Testable Design Patterns
11.1. WHY YOU SHOULD CARE ABOUT TESTABILITY
11.1.1. Big Design Up Front (BDUF)
11.1.1.1. General Process
11.1.1.2. Testability Considerations
11.1.2. Agile Software Development
11.1.2.1. General Process
11.1.2.2. Testability Considerations
11.2. YOU WANT TO WRITE TESTABLE CODE
11.3. USING TESTS TO PROVE YOU'RE DONE
11.4. DESIGNING YOUR APPLICATION FOR TESTABILITY
11.4.1. Future-Proofing Your Application with Interfaces
11.4.2. The Single Responsibility Principle
11.4.3. Avoid Using Singletons and Static Methods
11.4.3.1. Singletons and Tight Coupling
11.4.3.2. The Myth of Singleton Performance
11.4.3.3. Static Methods and Global Variables
11.5. TESTABLE DATA ACCESS
11.5.1. Creating the Model
11.5.2. The Repository Pattern in Detail
11.5.2.1. The Northwind Product Repository
11.5.2.2. Implementing a Repository Stub
11.5.2.3. Implementing the Real Thing with Integration Tests
11.6. IMPLEMENTING BUSINESS LOGIC WITH THE SERVICE LAYER
11.6.1. Services Gone Wild
11.6.2. Partial Solution: Setting Controller Dependencies Manually
11.6.2.1. Best Solution: Using Dependency Injection
11.6.2.2. Dependency Injection with StructureMap
11.7. SUMMARY
12. Best of Both Worlds: Web Forms and MVC Together
12.1. HOW IS IT POSSIBLE?
12.2. INCLUDING MVC IN EXISTING WEB FORMS APPLICATIONS
12.2.1. Step 1: Referencing the Required Libraries
12.2.2. Step 2: Creating the Necessary Directories
12.2.3. Step 3: Updating the Web.config
12.3. ADDING WEB FORMS TO AN EXISTING ASP.NET MVC APPLICATION
12.3.1. The Easy Part: Do Nothing
12.3.2. When /Home/ Isn't /Home/
12.3.3. Using System.Web.Routing to Route to Web Forms
12.4. SHARING DATA BETWEEN WEB FORMS AND MVC
12.4.1. Using Route Parameters
12.4.2. Using HTTP-POST
12.4.3. Using the ASP.NET Session
12.4.4. Using Cross-Page Posting
12.4.5. Using TempData
12.5. MIGRATING FROM WEB FORMS TO MVC
12.5.1. Step 1: Create an Empty ASP.NET MVC Project with a Test Project
12.5.2. Step 2: Implement the Structure
12.5.3. Step 3: Add Images and Styling
12.5.4. Step 4: Set Up Routing and Controllers
12.5.4.1. Setting Up the Routing
12.5.4.2. The ClubSiteMVC Controllers
12.5.5. Step 5: Replace Complex Server Controls
12.5.5.1. Options for Control Replacement
12.5.5.2. Not Invented Here?
12.5.6. Step 6: Upload Files and Work with Images
12.5.6.1. Taking a Step Back
12.5.6.2. Using HttpRequest
12.6. SUMMARY
13. What's New in ASP.NET MVC 2
13.1. SECURITY
13.1.1. HTML Encoding Code Blocks
13.1.2. JsonResult
13.2. PRODUCTIVITY
13.2.1. Strongly Typed HTML Helpers
13.2.2. Templated Helpers
13.2.2.1. Templated Helper Methods and Conventions
13.2.2.2. Example: Using a DateTime Editor Template
13.2.3. Model Validation
13.2.3.1. Defining Validation Rules with Data Annotations
13.2.4. Client-Side Validation
13.2.5. Model Metadata
13.2.6. Html.Action and Html.RenderAction
13.2.7. Code Snippets in Views
13.2.8. Organize Projects with Areas
13.3. PERFORMANCE: ASYNCHRONOUS CONTROLLER ACTIONS
13.4. MISCELLANEOUS
13.5. SUMMARY