I am developing a Webapp using MVC and Entity framework and i have encountered a problem which is starting to get pretty annoying now.
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(true)]
public ActionResult ChangeUser(HttpPostedFileBase avatar, int? id)
{
try
{
if (id == null) return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
if (ModelState.IsValid)
{
Models.Users usr = db.Users.Find(id);
var at = db.Users.Attach(usr);
if (usr == null) return HttpNotFound();
at.Password = Encryption.Encode(usr.Password);
at.Email = usr.Email;
at.NickName = usr.NickName;
if (avatar != null && avatar.ContentLength > 0)
{
var _fileName = Path.GetFileName(avatar.FileName);
var ext = Path.GetExtension(_fileName);
var fileName = Encryption.EncodeFileName(_fileName);
//End of file properties
var path = Path.Combine(Server.MapPath("~/CMS-Content/User/Files/Avatars/"), fileName + ext);
avatar.SaveAs(Server.MapPath(path));
at.ThumbnailPath = path;
}
db.Entry(usr).State = EntityState.Modified;
// other changed properties
db.SaveChanges();
TempData["result"] = "User settings changed successfully.";
}
}
catch
{
TempData["result"] = "An error occured to change the user information!";
}
return RedirectToAction("Users");
}
The problem is that the records in the database does not update. I get the output that they have been updated successfully but in database the records does not change.
Related
I'm new in backend development and Gettig 415 Unsupported Media Type in multipart API written in .net core. I have attached the postman image for your reference. Thanks in advance.
[HttpPost]
[Route("uploadFiles")]
public async Task<ActionResult<IEnumerable<status>>> UploadFilesAsync([FromBody] UploadFile uploadFile)
{
using (var client = new AmazonS3Client("Access key", "Secret key", Region))
{
status s = new status();
try
{
if (uploadFile.Image != null && uploadFile.Image.Length > 0 && uploadFile.Name != null && uploadFile.Name != "")
{
using (var fileStream = new FileStream(uploadFile.Image.FileName, FileMode.Create))
{
uploadFile.Image.CopyTo(fileStream);
var uploadRequest = new TransferUtilityUploadRequest
{
InputStream = fileStream,
Key = uploadFile.Name,
BucketName = "needbucket",
CannedACL = S3CannedACL.PublicRead
};
var fileTransferUtility = new TransferUtility(client);
await fileTransferUtility.UploadAsync(uploadRequest);
}
s.Status = "1";
s.resone = "File uploded sucesefully.";
return Ok(s);
}
else
{
s.Status = "0";
s.resone = "Image and Image name canot be blank";
return Ok(s);
}
}
catch (Exception e)
{
s.Status = "0";
s.resone = "Somthing went wrong." + e.Message;
return Ok(s);
}
}
}
Getting in response on the postman.
1.Change your [FromBody] to [FromForm]
2.In the Body tab, select the form-data option. Then hover your mouse over the row so you can see a dropdown appear that says Text. Click this dropdown and set it to File.
Below is a work demo, you can refer to it.
public class UploadFile
{
public string Name { get; set; }
public IFormFile Image { get; set; }//this is my key name
}
Result:
I went ahead and implemented an ASP .Net Core file upload controller per the documentation and it requires using a [DisableFormValueModelBinding] attribute for streaming large files. I got that working fine. Unfortunately, when using that attribute it seems to block my JSON properties coming in from the form.
Is there any way to get both the file and the form data here? Here is my controller code (the request.form calls are where I am having issues):
[Route("{caseNbr:int}/Document")]
[ResponseType(typeof(CaseDocumentModel))]
[DisableFormValueModelBinding]
[HttpPost]
public async Task<IActionResult> PostDocument(int caseNbr)
{
string errorTrackingFileName = string.Empty;
try
{
UserSessionModel userSessionModel = SessionExtensions.CurrentUserSession;
if (!MultipartRequestHelper.IsMultipartContentType(Request.ContentType))
{
return BadRequest("Bad Request");
}
var boundary = MultipartRequestHelper.GetBoundary(MediaTypeHeaderValue.Parse(Request.ContentType), _defaultFormOptions.MultipartBoundaryLengthLimit);
var reader = new MultipartReader(boundary, HttpContext.Request.Body);
var section = await reader.ReadNextSectionAsync();
while (section != null)
{
var hasContentDispositionHeader = ContentDispositionHeaderValue.TryParse(section.ContentDisposition, out var contentDisposition);
if (hasContentDispositionHeader)
{
if (!MultipartRequestHelper.HasFileContentDisposition(contentDisposition))
{
return BadRequest("Bad Request");
}
var fileName = WebUtility.HtmlEncode(contentDisposition.FileName.Value);
errorTrackingFileName = fileName;
var trustedFileNameForFileStorage = fileName; //Path.GetRandomFileName();
var streamedFileContent = await FileHelpers.ProcessStreamedFile(section, contentDisposition, ModelState, _permittedExtensions, _fileSizeLimit);
if (!ModelState.IsValid)
{
return BadRequest("Bad Request");
}
using (var targetStream = System.IO.File.Create(Path.Combine(_tempFilePath, trustedFileNameForFileStorage)))
{
await targetStream.WriteAsync(streamedFileContent);
**//This is where I am having trouble:**
string descrip = HttpContext.Request.Form["Description"].ToString();
string docType = HttpContext.Request.Form["DocType"].ToString() ?? "Document";
bool isGeneralFileUpload = false;
if (string.IsNullOrWhiteSpace(Request.Form["GeneralFileUpload"]) == false && AppHelper.IsBool(Request.Form["GeneralFileUpload"]))
isGeneralFileUpload = bool.Parse(Request.Form["GeneralFileUpload"]);
int transcriptionJobId = 0;
if (string.IsNullOrWhiteSpace(Request.Form["TranscriptionJobId"]) == false && AppHelper.IsNumeric(Request.Form["TranscriptionJobId"]))
transcriptionJobId = int.Parse(Request.Form["TranscriptionJobId"]);
CaseDocumentModel createdCaseDocumentModel;
if (docType.Equals("Dictation"))
createdCaseDocumentModel = DictationRepository.ProcessDictationFile(userSessionModel.DBID, caseNbr, _tempFilePath, fileName, userSessionModel);
else if (isGeneralFileUpload)
createdCaseDocumentModel = DashboardAdjusterRepository.CreateGeneralFileUploadDocument(_tempFilePath, fileName, userSessionModel, docType, descrip);
else if (docType.Equals("Transcription"))
createdCaseDocumentModel = TranscriptionRepository.UploadTranscriptionFile(userSessionModel.DBID, _tempFilePath, fileName, userSessionModel, transcriptionJobId);
else
createdCaseDocumentModel = CaseRepository.CreateCaseDocumentRecord(userSessionModel.DBID, caseNbr, descrip, docType, _tempFilePath, fileName, userSessionModel);
return Ok(createdCaseDocumentModel);
}
}
// Drain any remaining section body that hasn't been consumed and
// read the headers for the next section.
section = await reader.ReadNextSectionAsync();
}
}
catch (Exception ex)
{
AppHelper.WriteErrorLog("CaseController PostDocument failed due to " + ex.Message + " case number was " + caseNbr + " file name was " + errorTrackingFileName);
return BadRequest("Bad Request");
}
return BadRequest("Bad Request");
}
Here is a sample call with Postman:
Screen shot of Postman
I have no idea why the following code sometimes create duplicate records with different record ID. I suspect the user has post multiple times. If so, how should I change the code to prevent this?
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Add(LeaveHandleViewModel LeaveVM)
{
//Check if record exists
if (_context.InOutRecords.Where(x => x.User == User.Identity.Name
&& x.StartForm == LeaveVM.TodayDate).Count() > 0)
{
//Modify record
var LeaveRecord = _context.InOutRecords.Where(x => x.Email == User.Identity.Name
&& x.StartForm == LeaveVM.TodayDate).FirstOrDefault();
LeaveRecord.Remarks = LeaveVM.TodayRemarks;
var entry = _context.Entry(LeaveRecord);
entry.State = EntityState.Modified;
_context.SaveChanges();
return RedirectToAction("Index");
}
else
{
//create new record
Leave LeaveRecord = new Leave();
LeaveRecord.Remarks = LeaveVM.TodayRemarks;
LeaveRecord.StartForm = LeaveVM.TodayDate;
LeaveRecord.User = User.Identity.Name;
LeaveRecord.CreateDate = DateTime.Now;
_context.InOutRecords.Add(LeaveRecord);
_context.SaveChanges();
return RedirectToAction("Index");
}
}
Check if the problem is not because of date comparison x.StartForm == LeaveVM.TodayDate or because of some special characters that are in username.
Oh and try code below and let me know if something changed.
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Add(LeaveHandleViewModel LeaveVM)
{
var inOutRecord = _context.InOutRecords.FirstOrDefault(x => x.User == User.Identity.Name
&& x.StartForm == LeaveVM.TodayDate);
if(inOutRecord != null)
{
//Edit already existing record
inOutRecord.Remarks = LeaveVM.TodayRemarks;
_context.InOutRecords.Update(inoutRecord);
_context.SaveChanges();
return RedirectToAction(nameOf(Index));
}else
{
//Create new one
Leave LeaveRecord = new Leave();
LeaveRecord.Remarks = LeaveVM.TodayRemarks;
LeaveRecord.StartForm = LeaveVM.TodayDate;
LeaveRecord.User = User.Identity.Name;
LeaveRecord.CreateDate = DateTime.Now;
_context.InOutRecords.Add(LeaveRecord);
_context.SaveChanges();
return RedirectToAction(nameOf(Index));
}
}
I have an mvc4 forms application that uses the simple membership OOTB account controller. I have a view model for the application where I was successfully able to retrieve the username after completing registration as follows:
this.UserName = HttpContext.Current.User.Identity.Name;
At the point this was working my registration method was as follows:
try
{
WebSecurity.CreateUserAndAccount(model.UserName, model.Password, propertyValues: new
{
//Form defined values
Forename = model.Forename,
Surname = model.Surname,
Email = model.Email,
Password = model.Password,
Answer = model.SecretAnswer,
DOB = model.DOB,
//Auto defined values
JoinDate = DateTime.Today,
LastLogin = DateTime.Now,
CompanyID = 5,
ParticipationPoints = 0,
Privacy = 0,
IsDeleted = 0,
ImageURL = "/Images/user-holder.jpg"
});
WebSecurity.Login(model.UserName, model.Password);
return RedirectToAction("Index", "Home");
}
catch (MembershipCreateUserException e)
{
ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
}
After consultation with my customer it was decided that to prevent anyone from just registering on the internet they should already be contained with the usertable with the username value found as a pre existing user. So after this the registration was changed to:
Controller
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
avm.Username = model.UserName;
avm.Forename = model.Forename;
avm.Surname = model.Surname;
avm.Email = model.Email;
avm.Password = model.Password;
avm.Answer = model.SecretAnswer;
avm.DOB = model.DOB;
avm.RegisterUser();
if (avm.StatusCode == "Success")
{
return RedirectToAction("Index", "Home");
}
else
{
//ModelState.AddModelError("", ErrorCodeToString(avm.StatusCode));
return View();
}
}
}
ViewModel
try
{
this.dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);
userRepository = new Repository<MyUser>(dbcontext);
//Step 1 - Check User is in user table.
MyUser userCheck = userRepository.Get(u => u.Username == this.Username).ToList().FirstOrDefault();
if (userCheck == null)
{
StatusCode = "NoUserError";
return;
}
else
{
//Step 2 - Check user has not already registered
if (userCheck.Password != null || userCheck.Answer != null)
{
StatusCode = "AlreadyRegistered";
return;
}
}
//Step 3 - Check the email is valid and the password confirms to password length.
Regex expEmail = new Regex(#"^([a-zA-Z0-9_\-\.]+)#((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$");
if (!expEmail.IsMatch(this.Email))
{
StatusCode = "InvalidEmail";
return;
}
if (this.Password.Length < 8)
{
StatusCode = "InvalidPassword";
return;
}
//Encrypt the password to store in SQL Azure. It does not at this point have any encryption.
EncryptionUtils encryptor = new EncryptionUtils();
string encrytpedPassword = encryptor.Encrypt(this.Password);
//Form defined fields
userCheck.Username = this.Username;
userCheck.Password = encrytpedPassword;
userCheck.Forename = this.Forename;
userCheck.Surname = this.Surname;
userCheck.Email = this.Email;
userCheck.Answer = this.Answer;
userCheck.DOB = this.DOB;
//Automatically defined values
userCheck.JoinDate = DateTime.Today;
userCheck.LastLogin = DateTime.Now;
userCheck.CompanyID = 5;
userCheck.RoleID = 3;
userCheck.ParticipationPoints = 0;
userCheck.Privacy = 0;
userCheck.IsDeleted = false;
userCheck.ImageURL = "/Images/user-holder.jpg";
userRepository.Update(userCheck);
userRepository.SaveChanges();
StatusCode = "Success";
}
catch (Exception ex)
{
StatusCode = "Error";
return;
}
}
Now when I hit the home controller I am not able to access the HttpContext.Current.User.Identity.Name value. Has the authenticated username been stored elsewhere due to the changes?
Authentication cookie must be issued after registration success. Try,
if (avm.StatusCode == "Success")
{
FormsAuthentication.SetAuthCookie(model.UserName, false);
return RedirectToAction("Index", "Home");
}
hope this helps.
my colleague and myself are working on an application form with login functionality the user logs in from the mvc 4 app and there details are submitted to the web api to be checked against the values held in the database once verified the web api returns a loginResult class that contains the error message (if any) and a bool for stating whether it has been successful or not.
at the mvc 4 application level the code below is used to submit the login details to the web api:
Login Action
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(AccountViewModel model)
{
if (!ModelState.IsValid) return View("Login", model);
await _client.PostAsJsonAsync("api/Applicant/CheckApplicant", model)
.ContinueWith((postTask) => postTask.Result.EnsureSuccessStatusCode());
var service = DependencyResolver.Current.GetService<IApplyService>();
var loginResult = service.GetLoginResult();
var loginSuccess = loginResult.LoginSuccess;
if (loginSuccess != null && (bool) loginSuccess)
{
FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);
return RedirectToRoute("Terms And Conditions");
}
return View("Login");
}
the login details are then received at the web api in this method:
Check Applicant Method
public String CheckApplicant(Applicant applicant)
{
Int32 passwordFailureTimeoutMins = Convert.ToInt32(System.Configuration.ConfigurationSettings.AppSettings["PasswordFailureTimeoutMins"]);
Int32 passwordFailureAttempts = Convert.ToInt32(System.Configuration.ConfigurationSettings.AppSettings["PasswordFailureAttempts"]);
ApplicantRepository applicantRepository = new ApplicantRepository();
Applicant applicantDB = applicantRepository.GetById(applicant.Email);
LoginResult loginResult = new LoginResult();
PasswordHelper passwordHelper = new PasswordHelper();
if (applicantDB == null)
{
loginResult.LoginSuccess = false;
loginResult.LoginError = "Your password or login may not be correct.";
}
else
{
bool loginFailureCheck;
if (applicantDB.LoginFailureCount > passwordFailureAttempts)
{
System.TimeSpan diffResult = DateTime.Now.Subtract(Convert.ToDateTime(applicantDB.LastLoginFailure));
if (diffResult.Minutes < passwordFailureTimeoutMins)
{
loginFailureCheck = false;
}
else
{
loginFailureCheck = true;
}
}
else
{
loginFailureCheck = true;
}
if (passwordHelper.CheckPassword(applicant.Password, applicantDB.Password))
{
if(loginFailureCheck)
{
if(applicantDB.AccountActive)
{
loginResult.LoginSuccess = true;
loginResult.LoginError = "Login Successful.";
applicantDB.LastLoginFailure = null;
applicantDB.LastLoginSuccess = DateTime.Now;
applicantDB.LoginFailureCount = 0;
applicantRepository.Update(applicantDB);
}
else
{
loginResult.LoginSuccess = false;
loginResult.LoginError = "This account has been permanently banned.";
}
}
else
{
loginResult.LoginSuccess = false;
loginResult.LoginError = "This account is now temporarily disabled please wait " + passwordFailureTimeoutMins + " minutes before trying again";
applicantDB.LastLoginFailure = DateTime.Now;
applicantDB.LoginFailureCount = applicantDB.LoginFailureCount + 1;
applicantRepository.Update(applicantDB);
}
}
else
{
loginResult.LoginSuccess = false;
loginResult.LoginError = "Your password or login may not be correct.";
applicantDB.LastLoginFailure = DateTime.Now;
applicantDB.LoginFailureCount = applicantDB.LoginFailureCount + 1;
applicantRepository.Update(applicantDB);
}
}
return JsonConvert.SerializeObject(loginResult);
}
as you can see it returns a JsonConvert.SerializeObject(loginResult).
when this is done the process returns to the Login ActionResult as above it then moves to the GetLoginResult() method as shown below:
GetLoginResult
public LoginResult GetLoginResult()
{
const string uri = "http://localhost:55830/api/Applicant/CheckApplicant";
using (var httpClient = new HttpClient())
{
var response = httpClient.GetStringAsync(uri);
return JsonConvert.DeserializeObject<LoginResult>(response.Result);
}
}
when it get to this point it returns an error 405 method not allowed.
How do I consume the loginResult at the mvc 4 app level and what is the best way of sending the loginResult from the web api?
Any advice would be greatly appreciated.
Not sure what exactly you are trying to do but are you making a GET to read the result of the previous POST? You can read the response message of POST to get the result, like this.
public async Task<ActionResult> Login(AccountViewModel model)
{
if (!ModelState.IsValid) return View("Login", model);
var message = await _client.PostAsJsonAsync
("api/Applicant/CheckApplicant", model);
message.EnsureSuccessStatusCode();
LoginResult result = await message.Content.ReadAsAsync<LoginResult>();
// do other stuff here
}
Change the web API action method to return LoginResult directly. The framework will serialize it for you.
public LoginResult CheckApplicant(Applicant applicant)
{
}