what are your top lessons learned when starting asp.net mvc that you would highlight to someone starting out so they can avoid these mistakes?
A:
Don't use the Forms collection, use model binding.
Try not to use ViewData, create a ViewModel.
If you have a loop or an if in your View, write an HTML helper.
Kindness,
Dan
Daniel Elliott
2009-09-07 18:00:41
+3
A:
Try to always use a ViewModel to pass data between the Controller and the View. You may think you don't need one, you can just pass your model around, but suddenly you need a list box with several options for editing a model, or displaying a message (not validation message) and you start adding items to the ViewData, with magic strings as keys, making the app harder to maintain. There are also some security issues that you solve with a ViewModel. For instance:
class user:
int id
string name
string email
string username
string password
Your view let's the user change his name and email and posts to the action
public ActionResult Edit(User user)
{
--persist data
}
Someone could tamper your form and post a new password and username and you will need to be very careful with the DefaultBinder behavior. Now, if you use a ViewModel like:
class userEditViewModel:
int id
string name
string email
The problem is gone.
Ariel Popovsky
2009-09-07 18:01:11
Why not excluding the 'username' and 'password' on action's filter?Or update model with just the list of fields you want to update?
twk
2009-09-07 20:14:33
That's perfectly valid but you can forget to do so, some new dev may not know about this since is not that obvious. Using ViewModels it's almost impossible to fail.
Ariel Popovsky
2009-09-07 20:36:13
@twk Action filters are hard to unit test.
bzlm
2010-03-04 09:19:45
+1
A:
Whenever it is possible make your view typed
Avoid logic in your views
stay away from the HttpContext
Yassir
2009-09-07 18:02:38
+6
A:
- Use Html.Encode() everywhere you print data, unless you have a very good reason to not do so, so you don't have to worry about XSS
- Don't hardcode routes into your views or javascripts - they're going to change at some point, use Url.Action() instead
- Don't be afraid of using partial views
- MVC is no silver bullet, first evaluate if it's indeed the best tool of choice for solving your problem.
DrJokepu
2009-09-07 18:03:18
+1
A:
Get Steve Sandersons Pro ASP.NET MVC Framework
Debug into the Sourcecode
Malcolm Frexner
2009-09-07 19:37:40
A:
Don't let your controller become a fat one and do too much work. I've seen 1000+ line controllers in the past and it just becomes an absolute nightmare to understand what's going.
Utilise unit testing for your controllers to ensure that dependencies are kept under control and that your code is testable.
Don't get drawn into letting jQuery and fancy clientscript define the behaviour of your application, try and use it as sparingly as you can and let it enhance your application instead.
Use partial views and HTML helpers whenever possible to ensure that your Views do not become unwieldy and a maintenance nightmare.
Use a ViewModel whenever possible.
Use a dependency injection framework to handle your dependencies (MvcContrib has several controller factories, though it's simple enough to roll your own).
sighohwell
2009-09-07 20:18:27
A:
Use a different controller for every section of your site (e.g., Home, Account)
Learn how to use ViewData and TempData
Learn what's the use of RenderPartial
jean27
2010-03-04 09:15:45
+1
A:
- If you make a Controller method with a different parameter name from id for a single parameter method, you have to make a new route. Just bite the bullet and use id (it doesn't care about the type) and explain it in the comments.
Makes sure you name your parameters with
RedirectToAction:return RedirectToAction("DonateToCharity", new { id = 1000 });
Chris S
2010-03-04 09:24:38