tags:

views:

136

answers:

2
+1  Q: 

ASP.NET MVC: How too keep orignal object state over the wire

Consider the following code:

public ActionResult Edit(int id)
{
    return View(db.Foos.Single(x => x.Id == id));
}

When user submits the changes, I would like to receive both original and current object values, such that the Update code can be:

Foo foo = db.Foos.Attach(current, original);
db.SubmitChanges();

I see two options:

1) Render a number of hidden inputs containing original values

<input type="hidden" name="original.A" value="<%= Model.A %> />
<input type="hidden" name="original.B" value="<%= Model.B %> />

<input type="text" name="current.A" value="<%= Model.A %>
<input type="text" name="current.B" value="<%= Model.B %>

and submit to:

public ActionResult Update(Foo current, Foo original)
{
    Foo foo = db.Foos.Attach(current, original);
    db.SubmitChanges();
}

2) Use some serialization/deserialization into one hidden field

<input type="hidden" name="original" value="<%= Serialize(original) %> />

and sumbmit to:

public ActionResult Update(Foo current, string original)
{
    Foo original = DeserializeFrom<Foo>(original);
    Foo foo = db.Foos.Attach(current, original);
    db.SubmitChanges();
}

Are there any other options? Or tools that make writing such code easier?

EDIT:

To be more clear... the idea of keeping original value is to eliminate extra select that happens if code written this way:

public ActionResult Update(Foo changed)
{
    Foo original = db.Foos.Single(x => x.Id == changed.Id);
    MyUtils.CopyProps(original, current);
    db.SubmitChanges();
}
+3  A: 

make some custom HtmlHelper extension methods that simply write out both the hidden and textbox element. That way, your view markup stays simple, but you still get the pre/post state tracking in your post info.

I would stray away from the serialization option :-/

Joel Martinez  2009-06-09 17:10:05
Actually standard HtmlHelper already has Html.Hidden and Html.TextBox. But may be you mean some helpers to generate a list of hiddens using reflection?
alex2k8  2009-06-09 17:12:50
I actually mean to make a new extension method that sits along side Html.Hidden and Html.TextBox that simply aggregates those methods to simplify the fact that you have to make a hidden and textbox for every property you wish to display. That way, your view just shows something like:"Html.EditField"which will render both a hidden and textbox in the html
Joel Martinez  2009-06-09 17:23:06
Ah.. Good idea!
alex2k8  2009-06-09 17:38:44
+1  A: 

While I wouldn't know how to solve your problem, I can tell you that what you're thinking of would be extremely unsafe. In fact nothing would stop the client from altering the data sent through the request and in the best case have invalid data entered in your database. You should not trust the client with hidden fields, querystrings or cookies containing data you have to insert (unless you sign the data sent to the client in the first place and check the signature later).

emaster70  2009-06-09 17:12:40
I am going to allow user to submit any values he like, so the idea is not to be protected from crackers, just to eliminate extra queries to DB.
alex2k8  2009-06-09 17:17:32
Also, you can encrypt the value of the hidden field. Then it's just as safe as e.g. the ASPXAUTH cookie
chris166  2009-06-09 17:28:32

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data