I spent an hour today looking at the Miniblog project and was quite impressed. I had no idea that you can do some of the things he did with MVC. What he did with robots.txt and the sitemap seems pretty cool and the rewrite section in web.config was an eye opener for me.
So this Segways into a couple of questions for me.
I see how he created views with almost a single file, but how did he do this without a controller?
I ask this because I think MVC really needs a CMS package so it can be more like Wordpress, in which website owners can create new pages. I can write a view, but I can't figure out how to handle the controller part.
I can't compete with Wordpress, and these Wordpress guys that are very low skilled, who just copy and paste code and html are really grabbing a large chuck of market share.
If my little Project Indigo Personal edition had CMS features It would be a game changer for me.
This is a product of poor design and improper use of TFS but I have started on a new project with big problems. A little background first. This is an ASP .NET MVC 3 EntityFramework multiple project application. Now, when development first began several years ago the application had a production branch of TFS source control and no other branches. Two programmers started and worked on creating this application. Now, as each did work they would download directly from the production branch and check-in directly into the production branch. This went on until two weeks before I started work on the application.
Three weeks ago a three separate named user branch tree, named for each developer, was created off of the production branch for each new developer to work on so now checkout/check-in is no longer directly off of the production branch. What we have is a main production branch as the root and three sub branches right off of the production branch. What a mess!
Now to the problem we are currently having. When they downloaded source control application code from the production branch to each person's named branch all of the asp project and third party dll's are gone along with the bin and bin/debug directories. Each of the new branches won't build their projects and the main Web project won't build. What I have done is pulled all of the asp project and third party dll's into my branch from production created a working branch. Than I checked my branch back into MY named branch of source control. Now, after doing this another developer has downloaded the new updated, MY named branch, branch to their machine and again the bin and bin\debug directories and all of the dll's are missing. Based on my confusing description of the problem can someone provide guidance on how we can fix this problem?
Not sure I fully understand the issue and it depends what these third party dlls are, but you usually solve this problem with nuget packages. So if your project needs, for example, Entity Framework, you add that to your project as a nuget package. What that does is create a folder under a "packages" folder and that folder contains xml that describes the package. When you check the code in you also check in the packages folder. When the next developer gets the project they will have the packages but not the dlls, however when they compile VS will realise this and use the data in the nuget package to download the dlls itself. So rather than manage third party dlls you manage nuget packages and VS sorts it out for you.
One problem with nuget is the application is on an intranet. What I have done is to create a root level folder and checked it in. With the new folder I have added all of the needed third party dll's and referenced them in each of the application project's references. Is this the correct way to do it or is nuget still possible?
I was considering adding a blog to my website to get more traffic or a pay wall of knowledge and was wondering if anybody has implemented any good packages for this. I really don't want to write a app for that at the moment plus I'n not really set on a design for it.
If I did write a blog app for myself, I would want to have unique page names, but I can't figure out how to dynamically add pages to a controller.
I can add views easy, but the controller part is fuzzy for me. Guess I would have to use 1 page name and add a route as the description.
we can get our job done by access token then why should i go for
....what would be the benefit.
i saw a example of refresh token which show when we are getting access token then refresh token also passing along with access token. so i was totally confuse and do not understand how and why refresh token.
if possible please discuss the story of refresh token. thanks in advance.
When a page is requested that requires a token for authentication, that is the first token.
But if the user refreshes the page, then perhaps the first token is now expired or no longer valid, so a new token is issued called a refresh token.
Most likely this is a form, so on Post, validation must be correct first then the token must match to submit the form, or to call the function after token matching.
If your tokens never match, then the form will never get written.
If you keep issuing the same token, then token authentication will become useless and bots will take over the form.
In MVC it's called the AntiForgeryToken and you call it using attributes in the MVC controller.
So on a GET request you issue the token from the controller and it gets written inside the form tags in the view if you place the correct HTML helper in the right spot.
Then the page gets submitted, a POST request and the controller will check the token if you place the right code to check for the token first before or after validation or Model.IsValid.
The question was confusing, but I thought my reply was OK without being long winded on the subject.
I didn't have time to draw diagrams or write an article on the subject.
Maybe English was not his first language.
That's for backing me up on that.
As the words itself suggests, 'Refresh Token' allows you to refresh a token. Which means that if the current ‘Access Token’ expires, then we can get the new access token by using ‘Refresh Token’. I think jkirkerx made that up clear.
I am maintaining a new ASP.Net application, which was running fine when I was using database; xxxxx, but another copy of the same Database when I started using: xxxx_20180425 then it started giving me the below error, its a Production application when I took the backup and restore, it started giving me the error as below, I am just confused is it Problem really in the application or just some issues related to new Database permissions for the user. Any help would be greatly helpful.
And can you please help me if I can copy the same roles of user123 permissions on the xxxxx database to xxxx_20180425, so that the user will have the same permissions. Any help would be greatly helpful. Thanks in advance.
Here is the error message:
A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see <a href="http://go.microsoft.com/fwlink/?LinkID=212874">http://go.microsoft.com/fwlink/?LinkID=212874</a>.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").
The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:
<li>Add a "Debug=true" directive at the top of the file that generated the error. Example:</li></ol>
2) Add the following section to the configuration file of your application:
Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.
Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").]
System.Web.HttpRequest.ValidateString(Stringvalue, String collectionKey, RequestValidationSource requestCollection) +9721353
System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) +184
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +70
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6704
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +245
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +58
ASP.error_aspx.ProcessRequest(HttpContext context) +37
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69
"There is already enough hatred in the world lets spread love, compassion and affection."
The exception message is quite clear. It is not related to permissions but there was a SQL query that contains potential dangerous (HTML) content.
Unfortunately only a portion of the query string is included with the message:
"...ema 'dbo'.<br />The EXECUTE pe..."
But that does not look like a SQL query (besides a query contains such text which seems to be rather unlikely).
I suggest to debug your code to find out which code portion generates the query containing the above string and check that. For me it looks like the wrong string is passed as query (e.g. wrong variable name used or re-using a variable but forgetting to assign the new value).
A hint might be that the string portion seems to be part of an error message like "The EXECUTE permission was denied on the object ..." which is passed as SQL query. If so, fix the code that is using an error message as SQL query string first (e.g. by reporting the error instead) and then try to solve the permission error.
Thank you Richard for the clarification. I was too distracted by all that database / permission topics.
But the problem of forwarding the error text should be fixed first (that is: detect the SQL error and throw an error message / show an error page instead of passing text blindly). Then the full message is available and can be used to fix the database error.
I've seen that before in the past.
Trying to remember what it was.
But based your stack trace, HTML was detected here
System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +9721353
I think it's your HTML or web form with a simple typo in it
like a select element option on the form
Coincidence perhaps, but not database related, in front of the database
I forgot to mention that you may have some bad data in your database that looks like HTML
I found it, its kind of weird problem the Developer put into, she used the Database name as well in most of the SPs for example, for a select statement on a table she used select col1, col2..... from Database.schema.Table1, when we are using another database name for the restore, it wasn't able to execute and giving us a strange freaky and goofy error. Anyways thanks for all your suggestions my friends.
That's why I believe Developers aren't at all the smart people - Lol.
"There is already enough hatred in the world lets spread love, compassion and affection."
Last Visit: 18-Dec-18 13:40 Last Update: 18-Dec-18 13:40