Posts

Showing posts from June, 2012

ASP.NET DropDownList Postback: The jQuery AJAX Replacement for MVC

It was handy in ASP.NET WebForms to have the AutoPostback property and use the SelectedIndexChanged event, to allow other parts of your WebForm to be updated depending on user selection!

With MVC and Razor you can achieve the same functionality, but it has to be done in a way that fits in with a View. Recently I had a requirement to render a list of checkboxes on a user form; the catch was that the list of checkboxes to be rendered was dependent on a drop-down list option the user selected on the same form...
With this scenario, we have three main components to any solution:
1. We need to fire a method when the drop down list selection changes.
2. This method needs to take the value of the selected item in the drop down list and return output based on that value.
3. The returned output needs to be rendered in the view.
With the requirement I had, I needed to query a database to return the data needed to render the checkboxes. The solution I used utilised jQuery AJAX and JSO…

MVC: Security Best Practices for Entity Framework 4.3 Code First and SQL Server

With Entity Framework, using code first development is a real time saver; however, there are several best practices to consider when using SQL Server as your data store.


1. The user credentials you specify in the web.config when developing your application must have elevated privileges to drop/create the database depending on the database initialiser you are using for development. The use of web.config transforms for specifying different configurations for different build environments is essential, so that a connection string for a production build has user credentials with the lowest possible privileges.


2. Use DataAnnotations to specify schemas. In most of the examples I have seen, objects are created in the dbo schema. An example of how to specify a schema for your entity is:


[Table("Course", Schema = "Students")]
public class Course
{
    public int CourseID { get; set; }
    public string Title { get; set; }
    public int Credits { get; set; …