tags:

views:

55

answers:

2
Q: 

What is "posted" in ASP.NET MVC applications?

As I review more code and blog posts from lots of MVC sources, I still haven't wrapped my mind around what is "posted" when a request is made. I realize MVC doesn't support post, but I'm having trouble finding resources that can explain it well enough to understand.

Inside the controller's public ActionResult nameOfAction(what the heck goes here?) { ... } what are my parameters?

Sometimes it looks like Visual Studio scaffolds (int id, MyObject myobject) for an Edit-style action--it includes something from my model, but not always.

Sometimes, it's (int id, FormCollection collection) for a delete-style action. Why not use the modeled object here? Is a FormCollection object always "posted"?

Sometimes, I see (RouteInfo routeInfo) which isn't recognized in my MVC2 Intellisense (is this MVC1 only or something?)

How can/do/should I establish these parameters? I think this will help me a lot at design time.

+1  A: 

Use strongly typed views with a view-model and the strongly typed helpers. Then when you POST, you should get an instance of that view-model out.

Daniel A. White  2010-07-28 16:25:43
What if I'm not always using a strongly-typed view? I don't necessarily see why I wouldn't, but why does the default Delete method use a FormCollection and not a MyObject as a paramter? And is there some MVC2 equivalent to RouteInfo?
David  2010-07-28 16:30:59
The form collection is just just one way of representing the data with out model binding. I'm not sure how well model binding works without strongly typed views.
Daniel A. White  2010-07-28 16:32:56
How would the data coming into the view ensure you are getting strongly typed data out of the view?
Wyatt Barnett  2010-07-28 23:56:32
+2  A: 

What gets post back from a form in MVC is the form data which includes each form element in a keyvalue pair.

If you only need this information then you would use:

public ActionResult nameOfAction(string name, string lastName, string etc)

MVC has some smart data model binding which takes the form data and automatically creates an object which is part of you domain model. For instance it could automatically create a Person object with the provided form data.

I believe there is a security concern with this as a user of your site may post data which is not part of your form and guess what your models are to inject their own data. I dont think this is a massive issue though and this is the way I would go.

I think you can use the anti-forgery helper to prevent users from posting back data which is not allowed in a form. anti-forgery

skyfoot  2010-07-28 16:33:35
I am assuming name, lastName, and etc are all ID's of some kind of input element? So, I can use just the field ID's I need, or the `FormCollection` object to avoid excessive naming of parameters in the signature of the method?
David  2010-07-29 14:01:34

related questions

Mocking WebResponse's from a WebRequest
What's the best way to learn server RESTful code?
JAX-RS Frameworks
SOAP or REST
Are REST request headers encrypted by SSL?
REST in Java
REST type API for non web based applications, Is It a good idea?
Getting started with REST
Plain text passwords in Ruby on Rails using Restful_Authentication
Where WCF and ADO.Net Data services stand?
REST how to handle query parameters when put to resource?
Any way to handle Put and Delete verbs in ASP.Net MVC?
How do you implement resource "edit" forms in a RESTful way?
Friendly URLs for ASP.NET
Possible to create REST web service with ASP.NET 2.0
Strange Rails Authentication Issue
How to respond to an alternate URI in a RESTful web service
Guide to choosing between REST vs SOAP services?
guid REST URL for ado.net dataservice call?
RESTful web services and HTTP verbs
Calling REST web services from a classic asp page
Best way to write a RESTful service "client" in .Net?
Best Practices for securing a REST API / web service
Document or RPC based web services
Modify Address Bar URL in AJAX App to Match Current State