Access form post Data without request.Form - file-upload

I know this is very weird but I get following error on my page and I know I can't have Request.form with ENCTYPE="multipart/form-data" Cannot call BinaryRead after using Request.Form collection.
My Actual Uploader page I use Forms collection to access form data like Uploader.Form("txtTitle").
But on this uploder page I have included couple of ASP pages which are standard thruout app for other security checks and etc and those pages use Request.form.
What's other alternative to access form post data without Request.form on those security pages? Since those are common pages use by all other pages which don't have ENCTYPE="multipart/form-data" on their forms.
Thanks in advance!

Put the includes' code which uses Request.Form inside a function, than pass values as parameters to the function instead of using Request.Form
So in your page it will look something like this:
<!--#INCLUDE FILE="myinclude.asp"-->
MyIncludeFunction Uploader.Form("MyIncludeFunctionParameter")
And in all other pages:
<!--#INCLUDE FILE="myinclude.asp"-->
MyIncludeFunction Request.Form("MyIncludeFunctionParameter")

Related

submit button not working when generated from AJAX

I got an ASP NET Core RazorPage having a button which asynchronously replaces a part of the given HTML using an AJAX request.
Besides some text content it renders another button which is intended to post back the side when clicked. It is surrounded by a form element.
However, clicking the button I receive an HTTP 400 with the information "This page isn't working" (Chrome). Other browsers like Firefox return an HTTP 400 as well.
The relevant HTML with the button which has been created by the AJAX call is the one below:
<form method="post">
<button class="btnIcon" title="Todos" id="btnTodos" formaction="PersonManagement/Parts/MyPageName?handler=PerformTodos">Execute action</button>
</form>
As the url exists (I doublechecked it using the browser with a simple GET) I wonder whether the issue could be due to some security settings along with the browser or is there anything I am perhaps missing out here?
Thank you for any hint
Two things here first add this attribute to your form asp-antiforgery="true", then send it's value to the server in your AJAX post request.
jQuery magic starts here :)
token: $('[name=__RequestVerificationToken]').val(),
Antiforgery is ON by default since .net core 2.0 (as far as I remember), so if you do AJAX post you need to send the antiforgery token with each request.
Let us know if it helps. Spread knowledge don't hide it just for yourself :P
Finally I came across a very interesting article from Matthew Jones at https://exceptionnotfound.net/using-anti-forgery-tokens-in-asp-net-core-razor-pages/ about Anti-Forgery Tokens in Razor pages. Worth reading, indeed.
However, independently from that article what solved my issue was simply not to add the <form .. element at the client-side, but already at the server-side. As there is no need for me to explicitly adding it at the client-side, but only the button itself, this is a solution for me which works properly.
A brief summary of my scenario now:
There is a Razor Page containing usual cshtml content along with a <form method="post"..
Some anchor elements also are included, one is triggering a JQuery AJAX call to the server
The JQuery call comes back from the server with some additional HTML including the post button which which I add to the existing HTML.
The button is being rendered inside the now already existing
Clicking the button causes the page to post back in the wanted manner and executes the handler as intended.
Thanks again Stoyan for your input and help with that.

ASP.NET Core Client Side Validation With Dynamic Contents

I have some dynamic content that is loaded by AJAX and added to the current page. This content is essentially a form that is rendered on the server-side which includes client-side validation attributes. The problem is, when the resulting form is validated using unobtrusive validation - the original plus the dynamic, AJAX-loaded -, the validation on the form part that came from AJAX does not fire.
Is it possible to include it in the client validation?
The solution was to do:
//add content to the form
$(form).removeData("validator").removeData("unobtrusiveValidation");
$.validator.unobtrusive.parse(form);
There is documentation from Microsoft available at https://learn.microsoft.com/en-us/aspnet/core/mvc/models/validation#client-side-validation, but it has a small error, on which the removeData method is being called on the form element instead of the jQuery wrapping it.

PrestaShop - Reload CMS page with additional parameters

Situation: I needed to add form with POST method to CMS page. I created custom hook and a module displaying the form successfully. Then I need to react to user input errors eg. when user doesn't enter email address I need to detect it, display the whole page again together with the form and with "errors" in user input clearly stated.
Problem: The problem is to display the WHOLE page again with connected information (eg. about errors etc.). In the module PHP file when I add this kind of code,
return $this->display(__FILE__, 'modulename.tpl');
it (naturally) displays ONLY the form, not the whole CMS page with the form.
In case of this code,
Tools::redirectLink('cms.php?id_cms=7');
I can't get to transfer any information by GET neither POST method.
$_POST['test'] = 1;
Tools::redirectLink('cms.php?id_cms=7&test');
I tried to assign to smarty variables too
$smarty->assign('test', '1');
(I need to use it in .tpl file where the form itself is created) but no way to get it work.
{if isset($test)}...,
{if isset($smarty.post.test)}...,
{if isset($_POST['test'])}... {* neither of these conditionals end up as true *}
Even assigning a GET parameter to url has no impact, because there is link rewriting to some kind of friendly url I guess, no matter I included other argument or not. ([SHOPNAME]/cms.php?id_cms=7&test -> [SHOPNAME]/content/7-cmspage-name)
My question is: is there a way to "redirect" or "reload" current page (or possibly any page generally) in prestashop together with my own data included?
I kind of explained the whole case so I'm open to hear a better overall solution than my (maybe I'm thinking about the case in a wrong way at all). This would be other possible answer.
The simplest method would be to use javascript to validate the form - you can use jQuery to highlight the fields that are in error; providing visual feedback on how the submission failed. In effect you don't allow the user to submit the form (and thus leave the page) until you're happy that the action will succeed. I assume that you will then redirect to another page once a successful submission has been received.
There's lots of articles and how-tos available for using javascript, and indeed jQuery for form validation. If you want to keep the site lean and mean, then you can provide an override for the CMS controller and only enqueue the script for the specific page(s) you want to use form validation on.
If the validation is complex, then you might be best using AJAX and just reloading the form section of your page via a call to your module. Hooks aren't great for this kind of thing, so you might want to consider using an alternative mnethod to inject your code onto the cms page. I've written a few articles on this alternative approach which can be found on my prestashop blog

Would like to add some custom ajax & javascript to activeadmin based application

Hi guys I'm working on this application using activeadmin. I've come to a point where I would like to add in some ajax based functions. I have the basic form set up using teh activeadmin resource and it generates a very pretty form.
I would like to while the user is entering the details on the form - run a ajax call which would retrieve some html based on the values being entered and populate it on the page.
More likely I would like a way to add custom javascript to the page. Whats the best way to do this - I'm facing issues with returning html without the entire activeadmin layout coming with it.
You can use the /config/initializers/active_admin.rb
You can add javascript resources like this:
config.register_javascript 'my_functions.js'
I use to put code directly to /app/assets/javascripts/active_admin.js
You can also include script in /config/initializers/active_admin.rb

Keeping DRY with progressive enhancement

I'm building a website with very small amounts of Javascript, just to add things to the page (like a contact form) without having to go to a new page.
I understand that I should build the contact page anyways (just in case the user doesn't have javascript turned on) and then use javascript if they've got it.
So where do I store the HTML for the form if I don't want to have it in two places?
(Normally I'm not so picky, but I'm curious on this one.)
If you have access to a server-side language, you can keep a separate snippet of the form in an external page. Then, you can include the snippet into the HTML content page with an appropriate include call. This has the added benefit that, for your JavaScript, you can pull the contact form from this snippet file using AJAX. In fact, many plugins allow you to display DHTML windows with HTML content. For example, check out ThickBox.
Without a server-side language, you can do something similar with frames. Just display the form snippet in a frame when you need to reference it. Personally, I don't like frames very much, so this isn't a very attractive solution for me, but you can use it if you choose (and style the frames appropriately).
Just put your HTML for the contact form in a .html file. Assuming you're using PHP or something, just include the file in your contact page and include it in the section for your dynamic contact form. The form should still submit to the same server-side page and have the same look and feel..
e.g. contactForm.html
<div class="contact-form">
<input ....>
</div>