asp.net mvc tutorial for beginners - Part 19 Unintended updates in mvc

Part 19 Unintended updates in mvc

Text version of the video
http://csharp-video-tutorials.blogspot.com/2013/05/part-19-unintended-updates-in-mvc.html

Slides
http://csharp-video-tutorials.blogspot.com/2013/09/part-19-unintended-updates-in-mvc.html

All ADO .NET Text Articles
http://csharp-video-tutorials.blogspot.com/p/free-adonet-video-tutorial.html

All ADO .NET Slides
http://csharp-video-tutorials.blogspot.com/p/adonet-slides.html

All Dot Net and SQL Server Tutorials in English
https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd

All Dot Net and SQL Server Tutorials in Arabic
https://www.youtube.com/c/KudvenkatArabic/playlists

In this video we will discuss how unintended updates can happen in MVC. Please watch Part 18 before proceeding. Let’s understand this with an example.

At the moment, “Employee Edit” view can be used to change all of the following fields.
1. Name
2. Gender
3. City
4. DateOfBirth

Let’s make “Name” non-editable. To achieve this, change the following code in Edit.cshtml
@Html.EditorFor(model => model.Name)

TO
@Html.DisplayFor(model => model.Name)
@Html.HiddenFor(model => model.Name)

Run the application and edit an employee. Notice that the name of the employee is no longer rendered using a textbox. At this point we may think that it is impossible for the user to change the name of the employee using the “Edit” view. That is not true. The name is still posted back to the server in the hidden field, and because of the way we have written our code, tools like Fiddler can be used to very easily change any property of the “Employee” object.

Fiddler can be downloaded from the following URL
http://fiddler2.com/get-fiddler

After you have downloaded and installed Fiddler, run Fiddler, and navigate to the following URL
http://localhost/MVCDemo/Employee/Edit/1

In Fiddler, in the “Web Sessions” window, select the URL. Under the “Inspectors” tab you can see the request headers and the response. We will discuss more about Fiddler in a later video session.

Now click on “Save” button on “Edit” view. Notice that, under “Web Sessions” in fiddler another request is captured for the same URL – http://localhost/MVCDemo/Employee/Edit/1

Now, without using the browser, let us see how to generate a POST request using Fiddler.
1. Click on “Composer” tab in fiddler
2. Drag and drop the following URL from “Web Sessions” window onto Composer window.
http://localhost/MVCDemo/Employee/Edit/1
3. In “Request Body” under “Composer” tab, change “Name” of the employee to “XYZ”
4. Finally click “Execute” button on “Fiddler”

Now either query the database table, or navigate to “Index” view and notice that the employee name is changed to “XYZ”.
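
The effect of the Fiddler request above, reproduced as an added example (not code from the tutorial): a simplified stand-in for model binding is applied to a constructed request body, first binding every posted field and then only an include list. The Employee shape, the Id field, the starting name "Mark" and the other sample values are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;

// Assumed shape of the tutorial's Employee model (Id is an assumption).
public class Employee
{
    public int Id { get; set; }
    public string Name { get; set; }
    public string Gender { get; set; }
    public string City { get; set; }
    public DateTime DateOfBirth { get; set; }
}
public static class OverPostingDemo
{
    // Parse an application/x-www-form-urlencoded body into field/value pairs.
    static Dictionary<string, string> ParseForm(string body)
    {
        var form = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
        foreach (var pair in body.Split('&'))
        {
            var kv = pair.Split(new[] { '=' }, 2);
            form[Uri.UnescapeDataString(kv[0])] =
                Uri.UnescapeDataString(kv.Length > 1 ? kv[1].Replace('+', ' ') : "");
        }
        return form;
    }
    // Simplified stand-in for MVC model binding; include == null binds every posted field.
    static void Bind(Employee model, Dictionary<string, string> form, string[] include)
    {
        foreach (var prop in typeof(Employee).GetProperties())
        {
            if (include != null && !include.Contains(prop.Name)) continue;
            if (!form.TryGetValue(prop.Name, out var raw)) continue;
            prop.SetValue(model, Convert.ChangeType(raw, prop.PropertyType, CultureInfo.InvariantCulture));
        }
    }
    public static void Main()
    {
        // Constructed request body: the Edit form's fields with Name altered.
        var form = ParseForm("Id=1&Name=XYZ&Gender=Male&City=London&DateOfBirth=1980-01-15");
        var bindAll = new Employee { Id = 1, Name = "Mark" };
        var restricted = new Employee { Id = 1, Name = "Mark" };
        Bind(bindAll, form, null);
        Bind(restricted, form, new[] { "Gender", "City", "DateOfBirth" });
        Console.WriteLine("bind all posted fields: Name = " + bindAll.Name);
        Console.WriteLine("include list only:      Name = " + restricted.Name);
    }
}
```

In ASP.NET MVC itself, the same restriction is expressed by passing an include list to UpdateModel/TryUpdateModel or by using the [Bind(Include = "...")] attribute.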

In our next video, we will discuss preventing these types of unintended updates.
