tags:

views:

231

answers:

3
Q: 

Calling a javascript function with a parameter retrieved from the model in ASP.NET MVC

I have a javascript function that I need to call inside my body tags. My javascript fuction looks like this:

function NewExistingPicture(pictureName) {

    //code for javascript function
}

And this is what I'm trying to do in HTML:

Existing Photos:
<% foreach (var Photo in Model.ProductThumbnails) 
   { %>
      NewExistingPicture(<%= Html.Encode(Photo.PhotoName) %>) 
<% } %>

Obviously this isn't going to work, but I'm at a loss as to how to pass the function the information from the model.

A: 

I think you'll need to do something like writting out a complete script section with all the javascript in it which is then run when the document has completed loading.

I think this might also be best written out from the controller code so you can set a variable and then insert that into the page.

<%= Model.Javascript %>

and in the controller;

ActionResult MyAction()
{
  myModel.Javascript = "<script>alert(9);</script";
  return View(myModel);
}

The above is completely untested but should work anyway me thinks.

griegs  2009-08-28 01:06:45
You would need to create a Javascript property on the Model. For the sake of example, you may be better off using ViewData.
JoshJordan  2009-08-28 01:13:40
Agreed but I'm just not a big fan of ViewData.
griegs  2009-08-28 01:26:13
+2  A: 

Try this:

<script type="text/javascript">
<% foreach (var Photo in Model.ProductThumbnails) 
   { %>
      NewExistingPicture('<%= Photo.PhotoName.Replace(@"'", @"\'") %>'); 
<% } %>
</script>

(the .Replace() is to escape any single quotes in your string, so the string you're creating will be valid)

kevingessner  2009-08-28 01:07:58
Oh cool, I wasn't aware that the <% tags would get picked up
ajbeaven  2009-08-28 02:01:27
Assuming users have any control at all over photo names, this is not safe (XSS).
nullptr  2009-08-28 04:45:06
Where's the XSS vulnerability? The .Replace guarantees that the entire photo name will be within the JS string, even evil input like "');alert('hacked');alert('".
kevingessner  2009-08-29 14:29:17
Does doing <% Htlm.Encode(//stuff here) %> do the same?
ajbeaven  2009-08-30 20:27:00
A:  
<%@ Import Namespace="System.Web.Script.Serialization" %>
<% var js = new JavaScriptSerializer(); %>
...
NewExistingPicture(<%= Html.Encode(js.Serialize(Photo.PhotoName)) %>)
nullptr  2009-08-28 01:10:32

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript