使用VS2013并使用EF6(数据库优先)构建我的第一个MVC应用程序。我有一个工作表和一个相关的项目表(每个工作可以有数百万条记录)。我需要为用户提供导出项目子集的方法(例如,项目1,000 - 10,000)。
所以我的控制器包含一个get方法,它打开一个新视图,在那里他们可以输入起始值和结束值。
我想将这些默认值设置为items表中的min和max值,然后我需要验证输入的两个数字是否存在于items表中。
以下是我的视图(View):
@* Export form for a single Job: shows three read-only job identifiers and collects a start/end sequence-number range. *@
@model PSAMVC.Models.Job
@{
ViewBag.Title = "ExportToLake";
}
<h2>ExportToLake</h2>
@* Html.BeginForm() with no arguments posts back to the URL that rendered this view.
   NOTE(review): confirm that the action receiving this POST is marked [HttpPost] and
   [ValidateAntiForgeryToken]; otherwise the token emitted below is never checked. *@
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
<div class="form-horizontal">
<h4>Job</h4>
<hr />
@Html.ValidationSummary(true, "", new { @class = "text-danger" })
@* The job ID travels in a hidden field, so on submit it is client-controlled; the server
   should look the job up again instead of trusting the posted value. *@
@Html.HiddenFor(model => model.ID)
<div class="form-group">
@Html.LabelFor(model => model.JobNo, "JobNo", htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.DisplayFor(model => model.JobNo, new { htmlAttributes = new { @class = "form-control" } })
</div>
</div>
<div class="form-group">
@Html.LabelFor(model => model.VersionRef, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.DisplayFor(model => model.VersionRef, new { htmlAttributes = new { @class = "form-control" } })
</div>
</div>
<div class="form-group">
@Html.LabelFor(model => model.PSAJobRef, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.DisplayFor(model => model.PSAJobRef, new { htmlAttributes = new { @class = "form-control" } })
</div>
</div>
@* StartSeqNo / EndSeqNo are plain text boxes addressed by name, not by a model expression.
   NOTE(review): the Job model shown with this view has no properties with these names, so
   nothing declared on the model constrains them; the receiving action has to parse and
   range-check both values itself. *@
<div class="form-group">
@Html.Label("Start Seq No", htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.TextBox("StartSeqNo")
</div>
</div>
<div class="form-group">
@Html.Label("End Seq No", htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.TextBox("EndSeqNo")
</div>
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Export" class="btn btn-default" />
</div>
</div>
</div>
}
<div>
@Html.ActionLink("Back to List", "Index")
</div>
@* Client-side validation scripts: useful for immediate feedback, but a request can be sent
   without them, so they do not replace validation in the controller. *@
@section Scripts {
@Scripts.Render("~/bundles/jqueryval")
}
我如何/在哪里输入代码以根据项目表验证两个数字?
我认为在视图中进行是最好的地方,因为用户可以获得即时反馈,我可以编写控制器方法,知道它将始终传递有效值。
我可以为Db添加一个包含作业no和min和max item no的视图,但它看起来有点像黑客。
TIA
标记
更新:这是我的 Job 模型:
//------------------------------------------------------------------------------
// <auto-generated>
// This code was generated from a template.
//
// Manual changes to this file may cause unexpected behavior in your application.
// Manual changes to this file will be overwritten if the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
namespace PSAMVC.Models
{
    using System;
    using System.Collections.Generic;

    /// <summary>
    /// Entity class for a job row, produced by a code-generation template
    /// (see the auto-generated banner above this namespace).
    /// </summary>
    /// <remarks>
    /// NOTE(review): JobsController binds this entity directly from posted form data.
    /// Every scalar property below is therefore a candidate for model binding; a
    /// dedicated view model per form would keep flags such as <see cref="Completed"/>
    /// and <see cref="ExportedToLake"/> out of the client's reach.
    /// </remarks>
    public partial class Job
    {
        /// <summary>
        /// Starts every child collection as an empty set so callers never see null.
        /// </summary>
        public Job()
        {
            Items = new HashSet<Item>();
            Reprints = new HashSet<Reprint>();
            Scans = new HashSet<Scan>();
            LabelTypes = new HashSet<LabelType>();
        }

        // Scalar properties.
        public int ID { get; set; }
        public string JobNo { get; set; }
        public string VersionRef { get; set; }
        public string PSAJobRef { get; set; }
        public int TotalCopies { get; set; }
        public int CopiesPerBundle { get; set; }
        public int CopiesPerCarton { get; set; }
        public int CopiesPerMasterCarton { get; set; }
        public int? CopiesPerPallet { get; set; }
        public int CardType { get; set; }
        public string CardTitle { get; set; }
        public string CardMMYY { get; set; }
        public string StartSerialNo { get; set; }
        public int StartBundleNo { get; set; }
        public int StartCartonNo { get; set; }
        public int? StartMasterCartonNo { get; set; }
        public int? StartPalletNo { get; set; }
        public string ProductUPC { get; set; }
        public string PackagingUPC { get; set; }
        public bool PreProcessed { get; set; }
        public bool Completed { get; set; }
        public int? FormatFileID { get; set; }
        public bool UseDummyBarcode { get; set; }
        public bool Samples { get; set; }
        public string PartNo { get; set; }
        public string ProductEAN { get; set; }
        public string PONo { get; set; }
        public string ImportedFileList { get; set; }
        public bool ExportedToLake { get; set; }
        public int? TotalPalletsOverride { get; set; }

        // Related entities; declared virtual, presumably so the ORM can proxy them.
        public virtual CardType CardType1 { get; set; }
        public virtual FormatFile FormatFile { get; set; }
        public virtual ICollection<Item> Items { get; set; }
        public virtual SG360JobNos SG360JobNos { get; set; }
        public virtual ICollection<Reprint> Reprints { get; set; }
        public virtual ICollection<Scan> Scans { get; set; }
        public virtual ICollection<LabelType> LabelTypes { get; set; }
    }
}
这是我的 Jobs 控制器(JobsController):
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.Entity;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.Mvc;
using PSAMVC.Models;
using System.Data.SqlClient;
using System.Configuration;
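namespace PSAMVC.Controllers
{
    /// <summary>
    /// CRUD controller for <see cref="Job"/> records, plus two actions that run the
    /// PSA.dbo.CreateBundlesAndCartons and PSA.dbo.ExportToLakeBulk stored procedures.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no [Authorize] attribute is visible on this class or on any action.
    /// Confirm that authentication and authorization are enforced elsewhere (for example
    /// by a global filter) before exposing the export and delete actions.
    /// </remarks>
    public class JobsController : Controller
    {
        // Size given to the @ErrorString output parameter of both stored procedures.
        private const int ErrorStringSize = 4000;

        private readonly PSAMVCEntities db = new PSAMVCEntities();

        // GET: Jobs
        /// <summary>Lists all jobs with their card type, format file and job-number rows loaded.</summary>
        public ActionResult Index()
        {
            var jobs = db.Jobs
                .Include(j => j.CardType1)
                .Include(j => j.FormatFile)
                .Include(j => j.SG360JobNos);
            return View(jobs.ToList());
        }

        // GET: Jobs/Details/5
        /// <summary>Shows one job; 400 when no id is supplied, 404 when the job does not exist.</summary>
        public ActionResult Details(int? id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            Job job = db.Jobs.Find(id);
            if (job == null)
            {
                return HttpNotFound();
            }

            return View(job);
        }

        // GET: Jobs/Create
        /// <summary>Renders the empty create form with its three drop-down lists.</summary>
        public ActionResult Create()
        {
            ViewBag.CardType = new SelectList(db.CardTypes, "ID", "Description");
            ViewBag.FormatFileID = new SelectList(db.FormatFiles, "ID", "Name");
            ViewBag.JobNo = new SelectList(db.SG360JobNos, "JobNo", "JobNo");
            return View();
        }

        // GET: CreateBundlesAndCartons
        /// <summary>
        /// Runs PSA.dbo.CreateBundlesAndCartons for the given job and shows the procedure's
        /// @ErrorString output in the _SPResults partial view.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this action has no verb attribute, so it is reachable with a plain GET
        /// and no anti-forgery token is checked. If the procedure modifies data (its name
        /// suggests it does), restrict it to [HttpPost] + [ValidateAntiForgeryToken] once the
        /// views that link to it have been updated to post a form.
        /// </remarks>
        public ActionResult CreateBandC(Int32 id)
        {
            ViewBag.Results = RunProcedure(
                "PSA.dbo.CreateBundlesAndCartons",
                300,
                new SqlParameter("@JobID", id));

            return PartialView("_SPResults");
        }

        // GET: Jobs/ExportToLake/5
        /// <summary>Renders the export form for one job; 400 without an id, 404 for an unknown job.</summary>
        /// <remarks>
        /// NOTE(review): the ExportToLake view uses Html.BeginForm() without arguments, which posts
        /// back to this URL. As far as this file shows, this is the only action named ExportToLake
        /// and it has no verb attribute, so that POST lands here: the posted StartSeqNo/EndSeqNo
        /// are ignored and the anti-forgery token is not validated. Point the form at a dedicated
        /// [HttpPost] action instead.
        /// </remarks>
        public ActionResult ExportToLake(int? id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            Job job = db.Jobs.Find(id);
            if (job == null)
            {
                return HttpNotFound();
            }

            ViewBag.JobNo = new SelectList(db.SG360JobNos, "JobNo", "JobNo", job.JobNo);
            return View(job);
        }

        // GET: ExportToLake1
        /// <summary>
        /// Runs PSA.dbo.ExportToLakeBulk for a range of sequence numbers of one job and shows the
        /// procedure's @ErrorString output in the _SPResults partial view.
        /// </summary>
        /// <param name="id">Job ID passed to the procedure as @JobID.</param>
        /// <param name="StartSeqNo">First sequence number of the range (@StartSeqNo).</param>
        /// <param name="EndSeqNo">Last sequence number of the range (@EndSeqNo).</param>
        /// <param name="ReverseOrder">Passed through as @ReverseOrder.</param>
        /// <param name="FileNameSuffix">Passed through as @Suffix.</param>
        /// <returns>
        /// 400 when the range is inverted, 404 when the job does not exist, otherwise the
        /// _SPResults partial view.
        /// </returns>
        /// <remarks>
        /// All five values come from the request and must be treated as untrusted, whatever the
        /// page's client-side script has already checked.
        /// NOTE(review): the range is only checked for ordering here. Checking that both numbers
        /// exist among the job's items still has to be added; the Item entity is not visible from
        /// this file, so its column names are not guessed.
        /// NOTE(review): FileNameSuffix is forwarded unchanged. If the procedure uses it to build
        /// a file name, restrict it to an allow-list of characters before calling.
        /// NOTE(review): like CreateBandC, this action is reachable by GET without an anti-forgery
        /// check although it starts a long-running export.
        /// </remarks>
        public ActionResult ExportToLake1(Int32 id, Int64 StartSeqNo, Int64 EndSeqNo, Boolean ReverseOrder, String FileNameSuffix)
        {
            // Server-side validation: never rely on the browser having checked the range.
            if (StartSeqNo > EndSeqNo)
            {
                return new HttpStatusCodeResult(
                    HttpStatusCode.BadRequest,
                    "StartSeqNo must not be greater than EndSeqNo.");
            }

            // Same existence check the other id-based actions perform.
            if (db.Jobs.Find(id) == null)
            {
                return HttpNotFound();
            }

            ViewBag.Results = RunProcedure(
                "PSA.dbo.ExportToLakeBulk",
                1200,
                new SqlParameter("@JobID", id),
                new SqlParameter("@ReverseOrder", ReverseOrder),
                new SqlParameter("@StartSeqNo", StartSeqNo),
                new SqlParameter("@EndSeqNo", EndSeqNo),
                new SqlParameter("@Suffix", FileNameSuffix));

            return PartialView("_SPResults");
        }

        // POST: Jobs/ExportToLake
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>
        /// Placeholder POST handler: redirects to Index when the model state is valid and
        /// otherwise redisplays the form. It performs no export and saves nothing.
        /// </summary>
        /// <remarks>
        /// NOTE(review): StartSeqNo, EndSeqNo and ReverseOrder are named in the Bind list but are
        /// not properties of Job, so the binder has nowhere to put them. Accept them as action
        /// parameters or through a view model if this action is meant to receive the form.
        /// </remarks>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult ExportToLake2([Bind(Include = "ID,StartSeqNo,EndSeqNo,ReverseOrder")] Job job)
        {
            if (ModelState.IsValid)
            {
                // Nothing is persisted here; the original Add/SaveChanges calls were commented out.
                return RedirectToAction("Index");
            }

            PopulateLookups(job);
            return View(job);
        }

        // POST: Jobs/Create
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>Creates a job from the posted form and redirects to Index on success.</summary>
        /// <remarks>
        /// NOTE(review): the Bind list names every scalar property of Job, including ID,
        /// PreProcessed, Completed and ExportedToLake, so it does not narrow what a client may set.
        /// Trim it to the fields the create form actually edits, or bind to a view model.
        /// </remarks>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Create([Bind(Include = "ID,JobNo,VersionRef,PSAJobRef,TotalCopies,CopiesPerBundle,CopiesPerCarton,CopiesPerMasterCarton,CopiesPerPallet,CardType,CardTitle,CardMMYY,StartSerialNo,StartBundleNo,StartCartonNo,StartMasterCartonNo,StartPalletNo,ProductUPC,PackagingUPC,PreProcessed,Completed,FormatFileID,UseDummyBarcode,Samples,PartNo,ProductEAN,PONo,ImportedFileList,ExportedToLake,TotalPalletsOverride")] Job job)
        {
            if (ModelState.IsValid)
            {
                db.Jobs.Add(job);
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            PopulateLookups(job);
            return View(job);
        }

        // GET: Jobs/Edit/5
        /// <summary>Renders the edit form for one job; 400 without an id, 404 for an unknown job.</summary>
        public ActionResult Edit(int? id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            Job job = db.Jobs.Find(id);
            if (job == null)
            {
                return HttpNotFound();
            }

            PopulateLookups(job);
            return View(job);
        }

        // POST: Jobs/Edit/5
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        /// <summary>Saves the posted job as a modified entity and redirects to Index on success.</summary>
        /// <remarks>
        /// NOTE(review): the whole posted entity is marked Modified, so every bound column is
        /// written with whatever the client sent. Together with the all-inclusive Bind list this
        /// lets a request change fields the edit form may not show; prefer loading the row and
        /// copying only the editable fields.
        /// </remarks>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Edit([Bind(Include = "ID,JobNo,VersionRef,PSAJobRef,TotalCopies,CopiesPerBundle,CopiesPerCarton,CopiesPerMasterCarton,CopiesPerPallet,CardType,CardTitle,CardMMYY,StartSerialNo,StartBundleNo,StartCartonNo,StartMasterCartonNo,StartPalletNo,ProductUPC,PackagingUPC,PreProcessed,Completed,FormatFileID,UseDummyBarcode,Samples,PartNo,ProductEAN,PONo,ImportedFileList,ExportedToLake,TotalPalletsOverride")] Job job)
        {
            if (ModelState.IsValid)
            {
                db.Entry(job).State = EntityState.Modified;
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            PopulateLookups(job);
            return View(job);
        }

        // GET: Jobs/Delete/5
        /// <summary>Renders the delete confirmation page; 400 without an id, 404 for an unknown job.</summary>
        public ActionResult Delete(int? id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            Job job = db.Jobs.Find(id);
            if (job == null)
            {
                return HttpNotFound();
            }

            return View(job);
        }

        // POST: Jobs/Delete/5
        /// <summary>Deletes the job and redirects to Index; 404 when the job no longer exists.</summary>
        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public ActionResult DeleteConfirmed(int id)
        {
            Job job = db.Jobs.Find(id);
            if (job == null)
            {
                // The posted id is client-supplied, and the row may have been removed since the
                // confirmation page was shown; Remove(null) would otherwise throw.
                return HttpNotFound();
            }

            db.Jobs.Remove(job);
            db.SaveChanges();
            return RedirectToAction("Index");
        }

        /// <summary>Disposes the data context together with the controller.</summary>
        protected override void Dispose(bool disposing)
        {
            if (disposing)
            {
                db.Dispose();
            }

            base.Dispose(disposing);
        }

        // Fills the three drop-down lists used by the Job forms, preselecting the job's current values.
        private void PopulateLookups(Job job)
        {
            ViewBag.CardType = new SelectList(db.CardTypes, "ID", "Description", job.CardType);
            ViewBag.FormatFileID = new SelectList(db.FormatFiles, "ID", "Name", job.FormatFileID);
            ViewBag.JobNo = new SelectList(db.SG360JobNos, "JobNo", "JobNo", job.JobNo);
        }

        // Runs a stored procedure on the "PSAContext" connection with the given input parameters
        // and returns the text of its @ErrorString output parameter.
        private static string RunProcedure(string procedure, int timeoutSeconds, params SqlParameter[] inputs)
        {
            string connectionString = ConfigurationManager.ConnectionStrings["PSAContext"].ConnectionString;

            using (SqlConnection connection = new SqlConnection(connectionString))
            using (SqlCommand command = new SqlCommand(procedure, connection))
            {
                // Values are sent as typed parameters of a stored-procedure call, never
                // concatenated into command text.
                command.CommandType = CommandType.StoredProcedure;
                command.CommandTimeout = timeoutSeconds;
                command.Parameters.AddRange(inputs);

                SqlParameter errorString = new SqlParameter("@ErrorString", string.Empty)
                {
                    Direction = ParameterDirection.Output,
                    Size = ErrorStringSize
                };
                command.Parameters.Add(errorString);

                connection.Open();
                command.ExecuteNonQuery();

                // Convert.ToString yields an empty string for a null or DBNull output value.
                // NOTE(review): the text is produced by the procedure; make sure _SPResults
                // HTML-encodes it when rendering.
                return Convert.ToString(errorString.Value);
            }
        }
    }
}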
答案 0 :(得分:1)
首先,服务器端代码不应假设传入的值是有效的。始终在服务器端验证这些值并正确处理错误,因为客户端验证可以被绕过;客户端验证只能改善用户体验,不能代替服务器端检查。
在提供即时反馈方面,一种方法是在控制器上添加一个操作(action),它把待验证的值作为参数接收,并返回一段 JSON,其中包含该值是否有效;如果无效,还包含错误信息。
然后可以在输入字段的 blur(失去焦点)事件或 change 事件中调用此操作,从而就值是否有效提供接近实时的反馈。
另一种方法是在页面呈现过程中确定有效值,并将其嵌入客户端验证框架(如果有)(或使用自定义JS)。
客户端代码
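/**
 * Posts a value to a server-side validation action and reacts to the JSON reply.
 *
 * This call only gives the user early feedback. The action that finally performs the
 * export must validate the same values again, because a request can be sent without
 * this script ever running.
 *
 * @param {Object} data - Form values to send, e.g. the value being checked.
 * @param {string} url - URL of the validation action.
 * @returns {*} Whatever $.ajax returns, so callers can chain or abort the request.
 */
function performValidate(data, url) {
    return $.ajax({
        type: "POST",
        url: url,
        data: data,
        success: function (response) {
            // The two outcomes are mutually exclusive; the original fell through from the
            // "incorrect" branch into the "correct" one.
            if (response && response.success) {
                //HandleCorrectValue
            } else {
                //HandleIncorrectValue
            }
        },
        error: function (jqXHR) {
            //HandleError
        }
    });
}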
控制器代码
/// <summary>
/// Validates a single posted value and reports the outcome as JSON
/// (<c>success</c> and <c>message</c>) for the page's script.
/// </summary>
/// <param name="value">The value to check, taken from the request.</param>
/// <returns>A JSON result carrying the Success and Message of the validation response.</returns>
/// <remarks>
/// This endpoint is advisory: it exists for immediate feedback in the browser. The action
/// that acts on the value must run the same validation again.
/// NOTE(review): the reply reveals whether a value is accepted, so this action should sit
/// behind the same authorization as the operation it supports.
/// </remarks>
[HttpPost]
public ActionResult Validate(int value)
{
    var outcome = ValidateValue(value);
    var payload = new { success = outcome.Success, message = outcome.Message };
    return Json(payload);
}