NextRoot

New website

Stefy — Sat, 17 Apr 2010 18:59:37 +0000

I recently change the hosting and I decided to change the blogging framework we use. So we are not using BlogEngine .NET and we are now using Wordpress. The major problem we had with BlogEngine was the lack of support for spam comments. Wordpress also has a big advantage by having a lot of plugins developed.

I’m still working on the theme currently but the site will be stable in one week.

ASP .NET MVC – Validate Request problem

Stefy — Tue, 07 Apr 2009 15:58:13 +0000

As I said in my previous post, I’m working on an ASP .NET project and I’m learning new things about this technology

I had to integrate a WYSIWYG editor in my project and after doing that I got the classic ‘A potentatially dangerous Request.Form value was detected from the client’ exception at runtime. This error appears because I tried to post a string that was recognized by the server as a potential cross-site scripting attack. In classic ASP .NET in order to resolve this problem you can either encode the string and decode it back when using it, or you can add the ValidateRequest=”false” in you Page directive.

So I went for the second choice, but I was still having the same problem. After a little digging on Google I found what was the actual problem. In ASP .NET MVC all the validation is made at the controllers level. That’s quite logic because when the controller is executing we don’t know what view is going to be rendered. Additionally, if a user posts a malicious script by the time the view is rendered it’s too late to do anything about it. So in order to resolve the problem you have to decorate your controller or action with the attribute [ValidateInput(false)]. That way we can tell the controller or the action to surpress any validation.

ASP .NET MVC – Dynamic controls

Stefy — Tue, 07 Apr 2009 11:27:46 +0000

I’m currently working on a project made with ASP .NET MVC and I had one problem the other day: How can I get the value of a dynamic generated input control in a controller? For example, let’s say that you have to put a number controls (textboxes, checkboxes etc.) on a view based on your applications logic. When the page is posted back to the server you want to be able to check the values of those controls in order to process them. To get those value you’ll have to look in the Request.Form collection after the name of your control.

ASP .NET Tutorials – Episode #2

Stefy — Sat, 04 Oct 2008 19:43:18 +0000

Hello,

The second episode from our ASP .NET tutorials in Romanian is online. This episode covers the standard ASP .NET controls, masterpages, themes and web parts. You can also find a really interesting section for advanced users.

ASP .NET tutorials and screencasts

Stefy — Wed, 17 Sep 2008 16:31:10 +0000

Hi there. Me and Mihai Tataran, director of HPC Consulting (the company where I work) are writing some ASP. NET tutorials for the Romanian ASP .NET developer community. Each tutorial will cover the basis of ASP .NET, but we also have a section for advanced developers. Our first tutorial is presenting an introduction to ASP .NET and the advanced developers section features an interesting article about UrlRewrite. Each of these articles has a screencast. To read the first tutorial press here (text and screencasts are in Romanian).

What is the __doPostBack function and how can it be used?

Stefy — Sat, 13 Sep 2008 16:05:28 +0000

This article would like to explain the functionality of the postback mechanism in ASP .NET and how the pages can be posted to the server from client code.

Let’s suppose we have a simple ASP .NET page which contains a LinkButton:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="WebApplication1._Default" %>

When this page is render if we take a look at the source of the page (any modern browser has this feature, just press right click on the page and select View Source or View Page Source) it’s going to look like this:

First of all we can see that our LinkButton is rendered as an anchor element ( tag). Also the reference of that link points to a javascript function named __doPostBack, which is defined earlier in the page. This method has 2 parameters: eventTarget (this is the id of the control that determines the function to be executed) and eventArgument (this is an optional argument which can be set up if needed).

If we inspect the code of the __doPostBack function we can see that it first sets the values of two hidden fields created by ASP .NET named __EVENTTARGET and __EVENTARGUMENT with the two parameters passed to the function. After this the page is submitted back to the server.

When a page is posted back to the server ASP .NET inspects __EVENTTARGET and __EVENTARGUMENT values and this way it can decide which of the controls caused the page to be postedback and what is the event that has to be handled.

Hello world!

Stefy — Fri, 05 Sep 2008 11:16:02 +0000

We just finished the work on our brand new website and now it’s finally online. For now, our site contains only a short briefing of our company. Soon, here will be some nice and shinny tutorials and tips for all the passionate developers from around the world. Also we’ll keep you posted with stories about our projects, about our work and about us. Keep in touch with us and you won’t regret it.

Good night for now and see you around.