European ASP.NET MVC Hosting

BLOG about Latest ASP.NET MVC Hosting and Its Technology - Dedicated to European Windows Hosting Customer

European ASP.NET Core 8.0.1 Hosting - HostForLIFE :: How to Restrict Uploaded File Type in ASP.NET Core?

clock March 15, 2024 08:57 by author Peter

In ASP.NET Core MVC, you can restrict the file types that can be uploaded by adding server-side validation. Here's a simple example of how to accomplish this:

Why do we need to restrict uploaded File Type in an ASP.NET Core?

  • Security: Allowing unrestricted file uploads can pose security risks. Certain file types, such as executable files (.exe), scripts (.js, .ps1), or files containing macros (.docm), could be used to execute malicious code on the server or client-side when downloaded. Restricting file types mitigates these risks by preventing potentially harmful files from being uploaded.
  • Data Integrity: Limiting the accepted file types ensures that the application only processes files that are compatible with its functionality. Accepting only specific file types reduces the chances of errors or unexpected behavior caused by unsupported file formats.
  • Compliance: In some industries or applications, there might be regulatory or compliance requirements regarding the types of files that can be uploaded. Enforcing restrictions helps ensure compliance with such standards.
  • Resource Management: Different file types require different processing and storage resources. By restricting the allowed file types, you can better manage server resources and avoid unnecessary strain on the system.
  • User Experience: Providing clear restrictions on acceptable file types helps users understand what they can upload, reducing confusion and errors during the file upload process. This improves the overall user experience of the application.

1-Client-Side Validation (Optional): You can use the HTML5 accept attribute on your file input to restrict file types. However, keep in mind that this can be easily bypassed by users, so server-side validation is essential.
<input type="file" name="file" accept=".pdf,.doc,.docx">

2. Server-Side Validation: In your controller action, where you handle the file upload, you can check the file's content type or extension and reject files that are not allowed.
Add a controller

  • In Solution Explorer, right-click Controllers > Add > Controller.
  • In the Add New Scaffolded Item dialog box, select MVC Controller - Empty > Add.
  • In the Add New Item - RestrictUploadedFileSize_Demo dialog, enter FileUploadController.cs and select Add.

Replace the contents of Controllers/ FileUploadController.cs with the following code.
using Microsoft.AspNetCore.Mvc;

namespace RestrictUploadedFileSize_Demo.Controllers
{
    public class FileUploadController : Controller
    {
        public IActionResult Index()
        {
            return View();
        }

        [HttpPost]
        public async Task<IActionResult> FileUpload(IFormFile SingleFile)
        {
            if (SingleFile == null || SingleFile.Length == 0)
            {
                ModelState.AddModelError("", "File not selected");
                return View("Index");
            }

            var permittedExtensions = new[] { ".jpg", ".png", ".gif" };
            var extension = Path.GetExtension(SingleFile.FileName).ToLowerInvariant();

            if (string.IsNullOrEmpty(extension) || !permittedExtensions.Contains(extension))
            {
                ModelState.AddModelError("", "Invalid file type.");
            }

            // Optional: Validate MIME type as well
            var mimeType = SingleFile.ContentType;
            var permittedMimeTypes = new[] { "image/jpeg", "image/png", "image/gif" };
            if (!permittedMimeTypes.Contains(mimeType))
            {
                ModelState.AddModelError("", "Invalid MIME type.");
            }

            //Validating the File Size
            if (SingleFile.Length > 10000000) // Limit to 10 MB
            {
                ModelState.AddModelError("", "The file is too large.");
            }

            if (ModelState.IsValid)
            {
                var filePath = Path.Combine(Directory.GetCurrentDirectory(), "wwwroot/uploads", SingleFile.FileName);

                //Using Streaming
                using (var stream = new FileStream(filePath, FileMode.Create, FileAccess.Write))
                {
                    await SingleFile.CopyToAsync(stream);
                }

                // Process the file here (e.g., save to the database, storage, etc.)
                return View("UploadSuccess");
            }

            return View("Index");
        }
    }
}


This code snippet checks both the file extension and content type to ensure that it meets your criteria. You can adjust the allowed file types and content types according to your requirements. Additionally, you can improve this validation logic based on your specific needs, such as checking the file's signature or using a more comprehensive file type validation library.Add a view

  • Right-click on the Views folder, then Add > New Folder and name the folder Companies
  • Right-click on the Views/ FileUpload folder, and then Add > New Item.
  • In the Add New Item dialog, select Show All Templates.
  • In the Add New Item - RestrictUploadedFileSize_Demo dialog:
  • In the search box in the upper-right, enter the view
  • Select Razor View - Empty
  • Keep the Name box value, Index.cshtml.
  • Select Add
  • Replace the contents of the Views/Companies/Index.cshtml Razor view file with the following:

Index.cshtml
@{
    ViewData["Title"] = "Index";
}

<h2>File Upload</h2>
<hr />
<div class="row">
    <div class="col-md-12">
        <form method="post" asp-controller="FileUpload" asp-action="FileUpload"enctype="multipart/form-data">
            <div asp-validation-summary="All" class="text-danger"></div>
            <input type="file" name="SingleFile" class="form-control" />
            <button type="submit" name="Upload" class="btn btn-primary">Upload</button>
        </form>
    </div>
</div>


Run the Application

Select Ctrl+F5 to run the app without the debugger. Visual Studio runs the ASP.NET app and opens the default browser.

Restricting uploaded file types in ASP.NET Core increases security, data integrity, regulatory compliance, resource efficiency, and user experience. It's a critical component of developing robust and secure web apps.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Session Management in ASP.NET Core MVC

clock March 4, 2024 08:32 by author Peter

Importance of Sessions in Web Applications
Sessions bridge this gap by providing a means to preserve user-specific data across multiple requests within a defined period.

  • Maintain User Identity: Sessions are instrumental in user authentication and authorization processes. They allow web applications to identify and track users across various interactions, ensuring secure access to restricted resources.
  • Customized User Experience: Sessions facilitate the personalization of user experiences by storing user preferences, settings, and browsing history. This enables applications to tailor content and functionality based on individual user profiles.
  • Shopping Carts and E-commerce: In e-commerce applications, sessions are indispensable for managing shopping carts and order processing. By persisting cart contents and user selections across page transitions, sessions streamline the purchasing journey and enhance user convenience.
  • Form Persistence: Sessions enable the retention of form data entered by users, safeguarding against data loss during navigation or submission errors. This ensures a seamless and uninterrupted form-filling experience.
  • Tracking User Activity: Sessions empower web analytics and tracking mechanisms by storing user session data, such as page views, interactions, and session duration. This information aids in understanding user behavior and optimizing website performance.

Implement Session Management in ASP.NET Core MVC
Create a New ASP.NET Core MVC Project: Start by creating a new ASP.NET Core MVC project in Visual Studio or using the .NET CLI.

Install Required Packages
Install the required packages for session management using NuGet Package Manager or the .NET CLI. In this example, we'll need the Microsoft.AspNetCore.Session package.

Configure Services

In the ConfigureServices method of the Startup class, add the session services using services.AddSession().

Configure Middleware

In the Configure method of the Startup class, use the session middleware using the app.UseSession().

Create Controllers

Create controllers to handle your application's logic. For this example, we'll use HomeController and RecordsController.

Here I have created a home cotroller with an Index action method to set data into session.
public class HomeController : Controller
{
    private readonly ILogger<HomeController> _logger;

    public HomeController(ILogger<HomeController> logger)
    {
        _logger = logger;
    }

    public IActionResult Index()
    {
        // Add list of records to session
        var records = new List<Record>
        {
            new Record { Id = 1, Name = "Record 1" },
            new Record { Id = 2, Name = "Record 2" },
            // Add more records here as needed
        };

        var serializedRecords = JsonSerializer.Serialize(records);
        HttpContext.Session.SetString("Records", serializedRecords);
        return RedirectToAction("GetRecords", "Records");
    }
}


Store Data in Session
In one of your controller actions (for example, the Index action of HomeController), store the data you want to maintain in the session. Serialize complex types like lists into strings or byte arrays before storing them.

I have stored data using var serializedRecords = JsonSerializer.Serialize(records);

Retrieve Data from Session
In another controller action (for example, the GetRecords action of RecordsController), retrieve the data from the session. Deserialize the stored data back into its original type if necessary.

public class RecordsController : Controller
{
    public IActionResult GetRecords()
    {
        // Retrieve list of records from session
        var records = HttpContext.Session.Get<List<Record>>("Records");
        return View(records);
    }
}


Summary
Session management is a fundamental aspect of web development, enabling developers to create interactive, personalized, and secure web applications.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: How Do I Use Twilio to Send SMS in a C#.NET MVC Project?

clock February 27, 2024 06:45 by author Peter

In today's fast-paced world, where everyone uses hundreds of websites and applications every day, there are numerous in-app notifications, and all communication is critical. However, these in-app notifications will only appear when we start the app. As a result, introducing SMS capabilities into projects can greatly boost user engagement and participation. Twilio, a well-known cloud communications company, has a robust API that enables developers to easily send and receive SMS texts, among other communication functions.


This post will show you how to integrate Twilio to send SMS in a C# MVC project from scratch. So, before we get started with the project, let's register a Twilio account.

Setting up a Twilio account
To create a Twilio account, we first need to sign up, which is simple. If you already have a Twilio account, you can skip step 1 and proceed to step 2.

Step 1: Sign up for Twilio
Sign up by entering your basic information on the following link: www.twilio.com. By clicking "Continue," you will be taken to another page to validate your email address. Once the email address has been verified, you must also verify your phone number. Following that, you will be taken to another page containing a recovery code. Please copy the code and store it somewhere safe for future use.

Step 2: Login to Twilio
If you are checking in for the first time, Twilio will prompt you with a few questions. Simply answer them, and it will lead you to the dashboard/

Step 3. Get the Phone Number
Click on the "Get Phone Number" button, and you will receive the number. Before purchasing their plan, your account will be a trial account, and the number given to you will be a trial number.

Step 4. Get SID and Auth Token
In the same screen, you will have a section named "Account Info", where you will following information -Account SID, Auth Token, and My Twilio phone number, which we will be using during development.

Step 5. Verify Phone Numbers
This step is only for trial account users. Since it is a trial account, you will need to verify the numbers, on which you want to send the SMS using your project. You can skip this step if you have purchased a Twilio SMS plan. To verify numbers follow the following steps.

  • Click on the verified phone numbers link, you will be redirected to another page.
  • Click on the "Add a new caller ID" button in the right corner. A popup will open to add the number.
  • Select the country, number, and mode through which you want to verify the number.
  • Click verify the number, you will get an OTP on the number you just entered.
  • Enter the OTP to verify the number and it will be shown in verified caller IDs.

Now that you have set up the Twilio account. Let's move to the project.

Setting up the project

You can either create a new project or you can integrate Twilio into an existing project. Here, I have created a demo project to integrate Twilio in it and created a Controller named "TwilioIntegrationController". In this controller, I will be writing Twilio-related code. Let's move to the project.

Step 1. Install dependencies
To be able to integrate Twilio in the project, you will need some dependencies, that will help Twilio run.

  • Click on Tools.
  • Select "Nuget Package Manager".
  • Click "Manage Nuget Package for solution".
  • In the Browse section, search for Package "Twilio" and install the solution.
  • Then, search "Twilio.AspNet.Mvc" and install it too.

Now that you have installed all the necessary dependencies. Let's move to the next step.

Step 2. Code to Send SMS

In the "TwilioIntegrationController", write your code for sending SMS. Here, I am putting all my code in one file. But you should put the necessary code where it should be.
using Microsoft.AspNetCore.Mvc;
using Twilio;
using Twilio.Rest.Api.V2010.Account;

namespace TwilioIntegration.Controllers
{
public class TwilioIntegrationController : Controller
{
    [Route("send-SMS")]
    public IActionResult SendSMS()
    {
        string sId = ""; // add Account from Twilio
        string authToken = ""; //add Auth Token from Twilio
        string fromPhoneNumber = "+120*******"; //add Twilio phone number

        TwilioClient.Init(sId, authToken);
        var message = MessageResource.Create(
            body: "Hi, there!!",
            from: new Twilio.Types.PhoneNumber(fromPhoneNumber),
            to: new Twilio.Types.PhoneNumber("+9175********") //add receiver's phone number
        );
        Console.WriteLine(message.ErrorCode);
        return View(message);
    }
}
}

Code Explanation
In the above code,

  • Add 'using Microsoft.AspNetCore.Mvc;', 'using Twilio;', 'using Twilio.Rest.Api.V2010.Account;' to use Twilio API in the code.
  • Then, I have created a method named SendSMS().
  • In the method, I created three string variables - sId, authToken, and fromPhoneNumber to store Twilio account SId, Auth Token, and Twilio phone number. I have placed all three in this method, but you should store them in an appsettings file and access them from there.
  • Then initiate TwilioClient by passing your account SId and Auth Token, using this lineTwilioClient.Init(sId, authToken);.
  • In the next line "MessageResource.Create()" is a method call to create a new SMS message using the Twilio API. It indicates that we are creating a new message resource. We are passing the message body, from phone number and to phone number in it. It creates the message and sends it using the Twilio API.
  • In the next line, I have consoled the ErrorCode, if any error occurs during the sending of SMS.
Step 3: Call the aforementioned procedure
Call the method we defined previously from your code to send SMS from anywhere in your code, and Twilio will send the SMS to the account you specified earlier.

The above image shows that the message was successfully sent from the project, and the body is the same as we specified in our code. However, because we are using a trial account, Twilio automatically inserts the prefix "Sent from your Twilio trial account-" to all messages sent from your trial account. As a result, real-world projects benefit from purchasing a plan.

Conclusion
In this article, we learned how to create a Twilio account, configure it, and connect Twilio with the code in the C# MVC project. By setting up a Twilio account and using Twilio's API, developers may simply send and receive SMS messages, providing a valuable tool for increasing project functionality and user experience.

In the same way, Twilio can be integrated into other languages. The method is virtually identical. You may also use Twilio to deliver WhatsApp messages, audio messages, and other types of messaging by integrating it into your project. This connection enables developers to use Twilio's strong cloud communication infrastructure to improve their projects across many programming languages, resulting in more effective communication and user engagement.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Async Patterns in MVC Controllers: Are they Efficient or Add Unnecessary Complexity?

clock February 22, 2024 09:05 by author Peter

Previously, when I started implementing action methods within controllers, I took a standard approach that seemed to work. However, my curiosity drove me to investigate various ways, and what I discovered was a wide world of coding styles. It became clear that the way I developed my code was only one option among several. As I compared my methods to those used by other developers, I began to wonder if there were major disparities in logic, performance, or other factors.

In this post, we will delve into the complexities of MVC controller methods, investigating the influence of asynchronous design decisions and throwing light on the rationale for seemingly complex async patterns.

As you can see below.

In MVC controllers, one function gets users regularly, while another adds 'async' but not 'await.'

1. Normal action method in the controller
[HttpGet]
public IActionResult GetUsers()
{
    // Retrieve a list of all user objects synchronously.
    List<User> userList = _dbService.ReadAllUsers();
    return View(userList);
}
2) Action method contains async keyword without await keyword[HttpGet]
public async Task<IActionResult> GetUsers()
{
  //Do some work and get a list of all user-objects.
  List<User> userList = _dbService.ReadAllUsers();
  return View(userList);
}

In terms of functionality, the first and second methods will act similarly because the 'async' method does not contain the 'await' keyword. Both techniques will execute simultaneously, and the distinction is not relevant in this case. However, it's worth noting that the second function is declared as an asynchronous method (async Task<IActionResult>), although there are no asynchronous operations.

The method is declared as asynchronous (async Task<IActionResult>), but there are no actual asynchronous actions with the await keyword. The ReadAllUsers() method is called synchronously, with no asynchronous operations awaiting it.

3) The Action method contains async and await keyword
[HttpGet]
public async Task<IActionResult> GetUsers()
{
    // Do some work and get a list of all user-objects.
    List<User> userList = await _dbService.ReadAllUsersAsync();
    return View(userList);
}


When you use 'await' with an asynchronous operation, like _dbService.ReadAllUsersAsync(), the method will pause and wait for the asynchronous operation to complete. Importantly, the thread is not blocked during this waiting period, allowing other tasks or operations to proceed concurrently. However, in this specific case, where there is no additional asynchronous work to be performed while waiting for the _dbService.ReadAllLinesAsync() operation, the asynchronous version doesn't offer any noticeable advantages. Consequently, there wouldn't be a significant difference between the two methods.

Summary
All three of the approaches listed above will work the same way. Why write in such a sophisticated way? In a web application, using async and await might be useful, especially when dealing with many requests. It is regarded best practice to utilize async and await when there are true asynchronous operations to run or when they are expected to be introduced in the future.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Custom Filter In MVC Or Logging Using MVC Filter

clock February 15, 2024 08:34 by author Peter

In my MVC project, I want to build a filter that records every controller action. All I'm doing is injecting an ILogger object to log the logs into my table storage. This blog post explains how to make an action filter and how to add it to any action, controller, or global location.


Make an Action filter class:

    namespace Filter {  
        using System;  
        using Microsoft.AspNetCore.Mvc.Filters;  
        using Microsoft.AspNetCore.Routing;  
        using Core.Logging;  
        /// <summary>  
        /// This is tog every action activity  
        /// </summary>  
        /// <seealso cref="Microsoft.AspNetCore.Mvc.Filters.ActionFilterAttribute" />  
        [AttributeUsage(AttributeTargets.Class)]  
        public class LogActionFilterAttribute: ActionFilterAttribute {  
            private readonly ILogger logger;  
            /// <summary>  
            /// Initializes a new instance of the <see cref="LogActionFilterAttribute" /> class.  
            /// </summary>  
            /// <param name="logger">The logger.</param>  
            public LogActionFilterAttribute(ILogger logger) {  
                this.logger = logger;  
            }  
            /// <summary>  
            /// Called when [action executing].  
            /// </summary>  
            /// <param name="context">The filter context.</param>  
            public override void OnActionExecuting(ActionExecutingContext context) {  
                this.Log("OnActionExecuting", context.RouteData);  
                base.OnActionExecuting(context);  
            }  
            /// <summary>  
            /// Called when [action executed].  
            /// </summary>  
            /// <param name="context"></param>  
            /// <inheritdoc />  
            public override void OnActionExecuted(ActionExecutedContext context) {  
                this.Log("OnActionExecuted", context.RouteData);  
                base.OnActionExecuted(context);  
            }  
            /// <summary>  
            /// Called when [result executing].  
            /// </summary>  
            /// <param name="context">The filter context.</param>  
            public override void OnResultExecuting(ResultExecutingContext context) {  
                this.Log("OnResultExecuting", context.RouteData);  
                base.OnResultExecuting(context);  
            }  
            /// <summary>  
            /// Called when [result executed].  
            /// </summary>  
            /// <param name="context">The filter context.</param>  
            public override void OnResultExecuted(ResultExecutedContext context) {  
                this.Log("OnResultExecuted", context.RouteData);  
                base.OnResultExecuted(context);  
            }  
            /// <summary>  
            /// Logs the specified method name.  
            /// </summary>  
            /// <param name="methodName">Name of the method.</param>  
            /// <param name="routeData">The route data.</param>  
            private void Log(string methodName, RouteData routeData) {  
                var controllerName = routeData.Values["controller"];  
                var actionName = routeData.Values["action"];  
                string message = $ "MethodName :{methodName} , controller:{controllerName} , action:{actionName}";  
                this.logger.log(message);  
            }  
        }  
    }  

How to make any controller to use this action filter:

Method 1
If you want the functionality to enable for all controllers by default

In starup.cs write the below line:
services.AddMvc(options =>  

options.Filters.Add(typeof(LogActionFilterAttribute));  

});  

Method 2
If you want to use it in Controller specifically:

In starup.cs write the below line:
services.AddScoped<LogActionFilterAttribute>();    

In Action Method or controller use the below attribute:
[ServiceFilter(typeof(ExampleFilterWithDI))]  



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Stars Rating System in ASP.NET Core MVC with Dapper

clock January 30, 2024 07:14 by author Peter

The construction of ASP.NET Core MVC web applications using controllers and views is covered in this lesson. There are various phases involved in implementing a star rating system using Dapper in.NET Core. To save ratings, you must first configure your database schema. Next, in order to communicate with the database, you'll need to establish the Dapper repository and the required model classes.

What is Rate Yo?
Rate Yo is a free, tiny, and flexible jQuery star rating plugin, it uses SVG to generate an image and render rating, so no images are required.

Prerequisites

  • Visual Studio is the latest version with the ASP.NET and web development workload.
  • .NET SDK latest version (.NET 8.0)
  • SQL SERVER latest

Making a table in a database
Start SQL Server, choose Database, then click Create New Database.

CREATE TABLE [dbo].[t_company_rating]
(
    [f_uid]              UNIQUEIDENTIFIER PRIMARY KEY NOT NULL,
    [f_iid]              INT              IDENTITY (1, 1) NOT NULL,
    [f_company_name]     NVARCHAR (100)   NULL,
    [f_company_location] NVARCHAR (100)   NULL,
    [f_country]          NVARCHAR (100)   NULL,
    [f_glassdoor_rating] FLOAT (53)       NULL,
)

Starting a New Visual Studio Project
Open Visual Studio, then choose File > New Project.


Make a Web Application

  • Launch Visual Studio, then choose File > New Project
  • Select the ASP.NET Core Web App (Model-View-Controller) > Next option from the Create a new project dialog box

Setting Up Your New Project
Enter RatingSystem_Demo as the project name in the Configure your new project dialog.

  • The project should be named RatingSystem_Demo. When copying code, capitalization must match each namespace.
  • Select a place to work on your project.
  • Name the solution.
  • Click on Next.

Additional information
In the Additional information dialog.

  • Select .NET 8.0 (Long Term Support).
  • Verify that Do not use top-level statements is unchecked.
  • Select Create.

Option 1. Install the Dapper, Microsoft.Data.SqlClient Library through NuGet Package Manager

  • Go to Project > Manage NuGet Packages.
  • On the NuGet Package Manager page, select nuget.org as the Package source.
  • Under the Browse tab, search for Dapper, then choose Dapper from the list and select Install.
  • If prompted to verify the installation, click OK.

Option 2: Using the Visual Studio Command Line to install the Dapper Library
Go to Tools > NuGet Package Manager > Package Manager Console in Visual Studio.
Under the Package Manager Console tab, type the following command.
Install-Package Dapper

Add RateYo library files

Library files can be added to an ASP.NET Core project in two different ways.

  • Use the Add Client-Side Library dialog
  • Manually configure LibMan manifest file entries

Use the Add Client-Side Library dialog
Follow these steps to install a client-side library.
In Solution Explorer, right-click the project folder in which the files should be added. Choose Add > Client-Side Library. The Add Client-Side Library dialog appears.

Add Client-side Library

The suggested Target Location folder is based on the location from which the dialog is launched.
If launched from the project root.

  • wwwroot/lib is used if wwwroot exists.
  • lib is used if wwwroot doesn't exist.
  • If launched from a project folder, the corresponding folder name is used.

The folder suggestion is suffixed with the library name. The following table illustrates folder suggestions when installing jQuery in a Razor Pages project.

Click the Install button to download the files, per the configuration in libman.json.

Add a data model class

Right-click the Models folder > Add > Class. Name the file CompanyModel.cs.
Replace the Models/CompanyModel.cs file with using c# following code.
The CompanyModel class contains a f_uid field, which is required by the database for the primary key.

CompanyModel.cs
using System.ComponentModel.DataAnnotations;

namespace RatingSystem_Demo.Models
{
    public class CompanyModel
    {
        public Guid f_uid { get; set; }

        [Display(Name ="ID")]
        public int f_iid { get; set; }

        [Display(Name = "Company Name")]
        public string f_company_name { get; set; }

        [Display(Name = "Location")]
        public string f_company_location { get; set; }

        [Display(Name = "Country")]
        public string f_country { get; set; }

        [Display(Name = "Glassdoor Rating")]
        public float f_glassdoor_rating { get; set; }
    }
}


Adding interfaces

  • In Solution Explorer, right-click Add New Folder.
  • Rename the folder to Repositories.
  • Right-click on the renamed folder and Add the interface name IGenericRepository.cs

IGenericRepository.cs
namespace RatingSystem_Demo.Repositories
{
    public interface IGenericRepository<T> where T : class
    {
        Task<IEnumerable<T>> Get();
        Task<T> Find(Guid uid);
        Task<T> Add(T model);
        Task<T> Update(T model);
        Task<T> Remove(T model);
    }
}


IUnitOfWork.cs
namespace RatingSystem_Demo.Repositories
{
    public interface IUnitOfWork
    {
        ICompany Companies { get; }
    }
}

ICompany.cs
using RatingSystem_Demo.Models;

namespace RatingSystem_Demo.Repositories
{
    public interface ICompany:IGenericRepository<CompanyModel>
    {

    }
}


Interface Implementation
UnitOfWork.cs
namespace RatingSystem_Demo.Repositories
{
    public class UnitOfWork : IUnitOfWork
    {
        public ICompany Companies { get; set; }
        public UnitOfWork(ICompany Companies)
        {
            this.Companies = Companies;
        }
    }
}

CompanyRepository.cs
using Dapper;
using Microsoft.Data.SqlClient;
using RatingSystem_Demo.Models;

namespace RatingSystem_Demo.Repositories
{
    public class CompanyRepository : ICompany
    {
        private readonly IConfiguration _configuration;
        private readonly SqlConnection _connection;
        public CompanyRepository(IConfiguration configuration)
        {
            _configuration = configuration;
            _connection = new SqlConnection(_configuration.GetConnectionString("DefaultConnection"));
        }
        public async Task<IEnumerable<CompanyModel>> Get()
        {
            var sql = $@"
                        SELECT [f_uid]
                              ,[f_iid]
                              ,[f_company_name]
                              ,[f_company_location]
                              ,[f_country]
                              ,[f_glassdoor_rating]
                          FROM
                               [Sample-DB].[dbo].[t_company_rating]
                               ORDER BY f_iid ASC";

            return await _connection.QueryAsync<CompanyModel>(sql);
        }
        public async Task<CompanyModel> Find(Guid uid)
        {
            var sql = $@"
                        SELECT [f_uid]
                              ,[f_iid]
                              ,[f_company_name]
                              ,[f_company_location]
                              ,[f_country]
                              ,[f_glassdoor_rating]
                          FROM [Sample-DB].[dbo].[t_company_rating]
                          WHERE
                               [f_uid]=@uid";

            return await _connection.QueryFirstOrDefaultAsync<CompanyModel>(sql, new { uid });
        }
        public async Task<CompanyModel> Add(CompanyModel model)
        {
            model.f_uid = Guid.NewGuid();

            var sql = $@"
                     INSERT INTO [dbo].[t_company_rating]
                           ([f_uid]
                           ,[f_company_name]
                           ,[f_company_location]
                           ,[f_country]
                           ,[f_glassdoor_rating])
                     VALUES
                           (@f_uid,
                            @f_company_name,
                            @f_company_location,
                            @f_country,
                            @f_glassdoor_rating)";

            await _connection.ExecuteAsync(sql, model);
            return model;
        }
        public async Task<CompanyModel> Update(CompanyModel model)
        {
            var sql = $@"UPDATE [dbo].[t_company_rating]
                        SET
                            [f_company_name] = @f_company_name,
                            [f_company_location] = @f_company_location,
                            [f_country] = @f_country,
                            [f_glassdoor_rating] = @f_glassdoor_rating
                         WHERE
                            f_uid=@f_uid";

            await _connection.ExecuteAsync(sql, model);
            return model;
        }
        public async Task<CompanyModel> Remove(CompanyModel model)
        {
            var sql = $@"
                        DELETE FROM
                            [dbo].[t_company_rating]
                        WHERE
                            [f_uid]=@f_uid";

            await _connection.ExecuteAsync(sql, model);
            return model;
        }
    }
}

Add a controller

  • In Solution Explorer, right-click Controllers > Add > Controller.
  • In the Add New Scaffolded Item dialog box, select MVC Controller - Empty > Add.
  • In the Add New Item - RatingSystem_Demo dialog, enter CompaniesController.cs and select Add.

Replace the contents of Controllers/CompaniesController.cs with the following code.
using Microsoft.AspNetCore.Mvc;
using RatingSystem_Demo.Models;
using RatingSystem_Demo.Repositories;

namespace RatingSystem_Demo.Controllers
{
    public class CompaniesController : Controller
    {
        private readonly IUnitOfWork unitOfWork;
        public CompaniesController(IUnitOfWork unitOfWork)
        {
            this.unitOfWork = unitOfWork;
        }
        public async Task<IActionResult> Index()
        {
            var companies = await unitOfWork.Companies.Get();
            var ratings = companies.Select(x => x.f_glassdoor_rating).ToList();
            ViewBag.Ratings = string.Join(", ", ratings);
            return View(companies);
        }
        public async Task<IActionResult> Details(Guid id)
        {
            var company = await unitOfWork.Companies.Find(id);
            return View(company);
        }

        public IActionResult Create()
        {
            return View();
        }

        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Create(CompanyModel model)
        {
            var company = await unitOfWork.Companies.Add(model);
            return RedirectToAction(nameof(Index));
        }

        [HttpGet]
        public async Task<IActionResult> Edit(Guid id)
        {
            if (id == Guid.Empty)
            {
                return NotFound();
            }
            var company = await unitOfWork.Companies.Find(id);
            if (company == null)
            {
                return BadRequest();
            }
            return View(company);
        }

        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Edit(Guid id, CompanyModel model)
        {
            if (id == Guid.Empty)
            {
                return NotFound();
            }
            var company = await unitOfWork.Companies.Find(id);
            if (company == null)
            {
                return BadRequest();
            }
            await unitOfWork.Companies.Update(model);
            return RedirectToAction(nameof(Index));
        }
        public async Task<IActionResult> Delete(Guid id)
        {
            if (id == Guid.Empty)
            {
                return NotFound();
            }
            var company = await unitOfWork.Companies.Find(id);
            if (company == null)
            {
                return BadRequest();
            }
            return View(company);
        }

        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public async Task<IActionResult> ConfirmDelete(Guid id)
        {
            var company = await unitOfWork.Companies.Find(id);
            await unitOfWork.Companies.Remove(company);
            return RedirectToAction(nameof(Index));
        }
    }
}


Add a view

  • Right-click on the Views folder, then Add > New Folder, and name the folder Companies
  • Right-click on the Views/Companies folder, and then Add > New Item.
  • In the Add New Item dialog, select Show All Templates.
  • In the Add New Item - RatingSystem_Demo dialog:
  • In the search box in the upper-right, enter the view
  • Select Razor View - Empty
  • Keep the Name box value, Index.cshtml.
  • Select Add

Replace the contents of the Views/Companies/Index.cshtml, Create.cshtml, Edit.cshtml and Delete.cshtml Razor view file with the following:

Index.cshtml
@model IEnumerable<RatingSystem_Demo.Models.CompanyModel>

@{
    ViewData["Title"] = "Index";
}

<h4 class="text-uppercase text-center">List of companies</h4>

<p style="float:right"><a asp-action="Create" class="btn btn-primary btn-md rounded-0"><i class="fa-solid fa-plus"></i> Add New</a></p>
<table class="table table-bordered table-striped">
    <thead>
        <tr>
            <th>@Html.DisplayNameFor(model => model.f_iid)</th>
            <th>@Html.DisplayNameFor(model => model.f_company_name)</th>
            <th>@Html.DisplayNameFor(model => model.f_company_location)</th>
            <th>@Html.DisplayNameFor(model => model.f_country)</th>
            <th>@Html.DisplayNameFor(model => model.f_glassdoor_rating)</th>
            <th>Action(s)</th>
        </tr>
    </thead>
    <tbody>
        @foreach (var item in Model) {
        <tr>
            <td>@item.f_iid</td>
            <td><a style="text-decoration:none" href="@Url.Action("Details","Companies", new { id = item.f_uid })">@item.f_company_name</a></td>
            <td>@item.f_company_location</td>
            <td>@item.f_country</td>
            <td>
                <span style="float:left;display:inline">@item.f_glassdoor_rating <span style="float:left;display:inline" class="rateYo"></span></span>
            <td>
                <a href="@Url.Action("Edit","Companies", new { id = item.f_uid })" class="btn btn-info btn-sm rounded-0"><i class="fa-solid fa-pen-to-square"></i></a>
                <a href="@Url.Action("Delete","Companies", new { id = item.f_uid })" class="btn btn-danger btn-sm rounded-0"><i class="fa-solid fa-trash"></i></a>
            </td>
        </tr>
}
    </tbody>
</table>
@section Scripts {
    @{
        await Html.RenderPartialAsync("_ValidationScriptsPartial");
    }
    <script type="text/javascript">
        $(function () {
             var demoRatings = [@ViewBag.Ratings],
            stars = $('.rateYo');
            for (var i = 0; i < stars.length; i++) {
                $('.rateYo').eq(i).rateYo({
                    rating: demoRatings[i],
                    readOnly: true
                });
            }
        });
    </script>
}

Create.cshtml
@model RatingSystem_Demo.Models.CompanyModel

@{
    ViewData["Title"] = "Create";
}
<div class="container">
    <div class="card">
        <div class="card-header">
            <h4>Compnay</h4>
        </div>
        <div class="card-body">
            <div class="row">
                <div class="col-md-4">
                    <form asp-action="Create">
                        <div asp-validation-summary="ModelOnly" class="text-danger"></div>
                        <div class="form-group">
                            <label asp-for="f_company_name" class="control-label"></label>
                            <input asp-for="f_company_name" class="form-control" />
                            <span asp-validation-for="f_company_name" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_company_location" class="control-label"></label>
                            <input asp-for="f_company_location" class="form-control" />
                            <span asp-validation-for="f_company_location" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_country" class="control-label"></label>
                            <input asp-for="f_country" class="form-control" />
                            <span asp-validation-for="f_country" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_glassdoor_rating" class="control-label"></label>
                            <input asp-for="f_glassdoor_rating" readonly class="form-control counter" />
                            <br />
                            <div id="rateYo"></div>
                            <br />
                            <span asp-validation-for="f_glassdoor_rating" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <input type="submit" value="Save" class="btn btn-primary btn-md rounded-0" />
                            <a asp-action="Index" class="btn btn-primary btn-md rounded-0"><i class="fa-solid fa-backward"></i>Back to List </a>
                        </div>
                    </form>
                </div>
            </div>
        </div>
     </div>
</div>

@section Scripts {
    @{await Html.RenderPartialAsync("_ValidationScriptsPartial");}
    <script>
        $(function () {
            $("#rateYo").rateYo({
                onChange: function (rating, rateYoInstance) {
                    $("#f_glassdoor_rating").val(rating);
                }
            });
        });
    </script>
}

Edit.cshtml
@model RatingSystem_Demo.Models.CompanyModel

@{
    ViewData["Title"] = "Edit";
}

<div class="container">
    <div class="card">
        <div class="card-header">
            <h4>Compnay</h4>
        </div>
        <div class="card-body">
            <div class="row">
                <div class="col-md-4">
                    <form asp-action="Edit">
                        <div asp-validation-summary="ModelOnly" class="text-danger"></div>
                        <input hidden asp-for="f_uid" />
                        <input hidden asp-for="f_iid" />
                        <div class="form-group">
                            <label asp-for="f_company_name" class="control-label"></label>
                            <input asp-for="f_company_name" class="form-control" />
                            <span asp-validation-for="f_company_name" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_company_location" class="control-label"></label>
                            <input asp-for="f_company_location" class="form-control" />
                            <span asp-validation-for="f_company_location" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_country" class="control-label"></label>
                            <input asp-for="f_country" class="form-control" />
                            <span asp-validation-for="f_country" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <label asp-for="f_glassdoor_rating" class="control-label"></label>
                            <input asp-for="f_glassdoor_rating" readonly class="form-control counter" />
                            <br />
                            <div id="rateYo"></div>
                            <br />
                            <span asp-validation-for="f_glassdoor_rating" class="text-danger"></span>
                        </div>
                        <div class="form-group">
                            <input type="submit" value="Save" class="btn btn-primary btn-md rounded-0" />
                            <a asp-action="Index" class="btn btn-primary btn-md rounded-0"><i class="fa-solid fa-backward"></i>Back to List </a>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>

@section Scripts {
    @{
        await Html.RenderPartialAsync("_ValidationScriptsPartial");
    }
    <script>
        $(function () {
            $("#rateYo").rateYo({
                rating: @Model.f_glassdoor_rating,
                onChange: function (rating, rateYoInstance) {
                    $("#f_glassdoor_rating").val(rating);
                }
            });
        });
    </script>
}


Delete.cshtml
@model RatingSystem_Demo.Models.CompanyModel

@{
    ViewData["Title"] = "Delete";
}

<div class="container">
    <div class="card">
        <div class="card-header">
            <h4>Compnay</h4>
        </div>
        <div class="card-body">
            <h5 class="alert alert-danger" role="alert">Are you sure you want to delete this?</h5>
            <dl class="row">
                <dt class="col-sm-2">
                    @Html.DisplayNameFor(model => model.f_iid)
                </dt>
                <dd class="col-sm-10">
                    @Html.DisplayFor(model => model.f_iid)
                </dd>
                <dt class="col-sm-2">
                    @Html.DisplayNameFor(model => model.f_company_name)
                </dt>
                <dd class="col-sm-10">
                    @Html.DisplayFor(model => model.f_company_name)
                </dd>
                <dt class="col-sm-2">
                    @Html.DisplayNameFor(model => model.f_company_location)
                </dt>
                <dd class="col-sm-10">
                    @Html.DisplayFor(model => model.f_company_location)
                </dd>
                <dt class="col-sm-2">
                    @Html.DisplayNameFor(model => model.f_country)
                </dt>
                <dd class="col-sm-10">
                    @Html.DisplayFor(model => model.f_country)
                </dd>
                <dt class="col-sm-2">
                    @Html.DisplayNameFor(model => model.f_glassdoor_rating)
                </dt>
                <dd class="col-sm-10">
                    <div id="rateYo"></div>
                </dd>
            </dl>
        </div>
        <div class="card-footer">
            <form asp-action="Delete">
                <button type="submit" class="btn btn-danger btn-sm rounded-0"><i class="fa-solid fa-trash"></i></button>
                <a asp-action="Index" class="btn btn-primary btn-sm rounded-0"><i class="fa-solid fa-backward"></i></a>
            </form>
        </div>
    </div>
</div>
@section Scripts {
    @{
        await Html.RenderPartialAsync("_ValidationScriptsPartial");
    }
    <script>
        $(function () {
            $("#rateYo").rateYo({
                rating: @Model.f_glassdoor_rating,
                readOnly: true
            });
        });
    </script>
}


Add repository services to the Program.cs
The object get method handles for example the task of connecting to the database and mapping Speaker objects to database records.
The database context get method is registered with the Dependency Injection container using the C# method, for example, the Program.cs file.
builder.Services.AddTransient<ICompany, CompanyRepository>();
builder.Services.AddTransient<IUnitOfWork, UnitOfWork>()

C#
Add Connection String

The ASP.NET Core Configuration system reads the DefaultConnection key. For local development, it gets the connection string from the appsettings.json file.

{
  "ConnectionStrings": {
    "DefaultConnection": "Data Source=farhan1086\\SQLEXPRESS;Initial Catalog=Sample-DB;Integrated Security=True;MultipleActiveResultSets=True;Encrypt=False;TrustServerCertificate=False;"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*"
}

Run the Application
Select Ctrl+F5 to run the app without the debugger. Visual Studio runs the ASP.NET app and opens the default browser.




ASP.NET MVC Hosting - HostForLIFEASP.NET :: ASP.NET MVC Model Binding with Data Annotations

clock January 17, 2024 07:27 by author Peter

ASP.NET MVC enables developers to link server-side models and user interface elements with ease in the dynamic world of web development. In this process, model binding is essential, and data annotations offer a potent toolkit for specifying metadata about the features of the model. This blog offers a thorough how-to for ASP.NET MVC newcomers, with the goal of demystifying the relationship between model binding and data annotations.

The Model-View-Controller architectural pattern, which is used by ASP.NET MVC, has views handle display while controllers handle user input and coordinate interactions between views and models. Models contain data and business logic. The process by which user input from a form or other sources is used to populate the model properties is known as model binding.

On the other side, characteristics added to model properties to provide metadata about how they should be handled during model binding, validation, and rendering are known as data annotations.

Model Binding Basics
Consider a simple scenario where you have a Person model.

public class Person
{
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public int Age { get; set; }
}

It may be desirable to connect user input to this model in a controller action.

[HttpPost]
public ActionResult SavePerson(Person person)
{
    // Process the person object
    // ...
}

Introducing Data Annotations
Now, let's enhance the Person model with data annotations to provide more information to the model binder.
public class Person
{
    [Required(ErrorMessage = "First Name is required")]
    [StringLength(50, ErrorMessage = "First Name should be less than 50 characters")]
    public string FirstName { get; set; }

    [Required(ErrorMessage = "Last Name is required")]
    [StringLength(50, ErrorMessage = "Last Name should be less than 50 characters")]
    public string LastName { get; set; }

    [Range(1, 150, ErrorMessage = "Age should be between 1 and 150")]
    public int Age { get; set; }
}

Important Data Annotations Employed

  • Indicates that a certain attribute is necessary.
  • StringLength: Indicates a string property's maximum length.
  • Range: Indicates a numeric property's value range.

Making the Most of Data Annotations in Views

@using (Html.BeginForm("SavePerson", "YourController", FormMethod.Post))
{
    @Html.LabelFor(model => model.FirstName)
    @Html.TextBoxFor(model => model.FirstName)
    @Html.ValidationMessageFor(model => model.FirstName)

    // Repeat for LastName and Age properties

    <input type="submit" value="Save" />
}

Important HTML Helpers Employed

  • The label element for a model attribute is rendered by LabelFor.
  • Renders a text input element for a model attribute using TextBoxFor.
  • ValidationMessageFor: Validation error messages for a model property rendered by the renderer.

In-Progress Model Validation
The model binder automatically validates the user input when the form is submitted by using the data annotations. Error notifications appear next to the respective form fields if any validation fails.

HTML helpers can be used to render form components in a view. Annotations on data affect the generation and validation of these elements.

Data Annotations' Advantages in Model Binding
Consistency: Data annotations offer a declarative and consistent means of defining validation criteria, guaranteeing consistency throughout the program.
Readability: Developers can readily comprehend the limitations and specifications of each property since validation rules are incorporated directly into the model.
Reuse: Data annotations facilitate code reuse by allowing the same model to be applied with identical validation rules across contexts.

Validating form data and processing user input are made easier using ASP.NET MVC model binding and data annotations. Developers can define validation criteria succinctly within the model itself by utilizing properties like Required, StringLength, and Range. This method makes code more readable, encourages consistency, and makes it easier to maintain reliable and user-friendly online applications. Embrace the power of model binding and data annotations as you begin your ASP.NET MVC adventure to build applications that are robust and user-friendly.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Preventing PDF Injection and Cross-Site Scripting Vulnerabilities to Secure PDF Uploads in MVC

clock January 16, 2024 06:46 by author Peter

Cross-site Scripting, or PDF XSS, is another name for PDF Injection, which is a potentially dangerous security flaw. In an MVC (Model-View-Controller) application, it is imperative to include appropriate validation and sanitation techniques to prevent such difficulties during PDF upload and viewing. The sample code that shows how to handle PDF uploads safely and stop PDF Injection from causing Cross-site Scripting in an MVC environment is provided below.


Assuming you are working with a well-known MVC framework such as ASP.NET MVC, the following is a C# example that is simplified:

PDF Upload Validation: Implement server-side validation to ensure that only legitimate PDF files are accepted throughout the upload process.

[HttpPost]
public ActionResult UploadPdf(HttpPostedFileBase pdfFile)
{
    if (pdfFile != null && pdfFile.ContentLength > 0)
    {
        // Check if the uploaded file is a PDF
        if (pdfFile.ContentType != "application/pdf" || !pdfFile.FileName.EndsWith(".pdf"))
        {
            ModelState.AddModelError("pdfFile", "Only PDF files are allowed.");
            return View("Upload");
        }

        // Process the PDF file
        // ...
    }

    return RedirectToAction("Index");
}

Viewing a PDF: Use secure libraries that don't run any embedded JavaScript while rendering the PDF for viewing. Don't forget to sanitize the PDF's contents.

public ActionResult ViewPdf(int fileId)
{
    // Fetch the PDF file from the database or file system based on the fileId
    var pdfContent = GetPdfContent(fileId);

    // Sanitize the PDF content to prevent XSS
    var sanitizedPdfContent = SanitizePdfContent(pdfContent);

    // Render the sanitized PDF content
    return File(sanitizedPdfContent, "application/pdf");
}

Sanitizing PDF Content: To stop JavaScript from running, implement a function that sanitizes the PDF content.

private byte[] SanitizePdfContent(byte[] pdfContent)
{
    // Implement PDF content sanitization logic here
    // Check that the PDF content does not contain malicious scripts

    // Example: Using a library to remove JavaScript from the PDF content
    // var sanitizedContent = PdfSanitizationLibrary.Sanitize(pdfContent);

    // Return the sanitized PDF content
    // return sanitizedContent;

    // For illustration purposes, let's assume no sanitization for simplicity
    return pdfContent;
}

This is a rudimentary example; in a real-world situation, you might want to make sure that the PDF processing library is secure against PDF Injection and utilize a separate library. To reduce the danger of cross-site scripting (XSS) attacks, think about adding Content Security Policy (CSP) headers to your online application.

To take advantage of security updates and enhancements, make sure your libraries and frameworks are up to date at all times.

To sum up, strengthening your web environment begins with giving your MVC application's security first priority when it comes to PDF uploads. Strong validation checks put in place during the upload process create a strong initial line of defense against efforts at harmful PDF Injection. Choosing safe and up-to-date PDF rendering libraries reduces the possibility of Cross-site Scripting (XSS) vulnerabilities by guaranteeing that the material shown to users is free of malicious scripts. By including content sanitization procedures, a thorough defense against potential security threats is provided, adding an additional layer of protection.

It's critical to remain proactive as the digital landscape changes constantly. It is essential to keep your application's dependencies, such as PDF processing libraries, up to date in order to take advantage of the most recent security improvements. Your development lifecycle should include regular penetration tests and security assessments as they can assist find and fix new vulnerabilities. Following these guidelines will make your MVC application more resilient and help your users have a safer and more reliable online experience.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: Stripe Payment Gateway Integration in ASP.NET MVC

clock November 14, 2023 06:11 by author Peter

There are numerous Payment Gateways on the market that provide secure and simple setup. Stripe is among them. Stripe integration consists of numerous phases. In general, there are two approaches.

  • Client Side: You may use Stripe.js to load the Stripe UI and enter credit card information to make the payment.
  • If you already have a fully functional Checkout page and everything is in place, you may utilize the library (DLL) to process the payment.

Today, we'll look at Stripe's server-side implementation.

Stripe Payment Gateway can be readily integrated if you follow each step.

Step 1: Fill out the registration form at https://dashboard.stripe.com/register with your email, name, and password.
Step 2: Use Install-Package Stripe.net to add the Stripe library to your Visual Project. Stripe.net.dll will be downloaded and included as a reference to your project.
Step 3: Add the Stripe.Infrastructure; Namespace to the Class where you wish to create the payment gateway.
Step 4: To implement, you must experiment with various classes. To make the payment, please complete each step.
Step 5: You'll need KEY - "Publishable key" - to connect to Stripe. It is available at https://dashboard.stripe.com/account/apikeys.

Step 6. Set the API key with the below function
Stripe.StripeConfiguration.SetApiKey(“pk_test_FyPZYPyqf8jU6IdG2DONgudS”);

Step 7: To generate a Token, create an Object of a Credit Card. That Token will be assigned to the Customer object at the time the Customer is created.
//Create Card Object to create Token
Stripe.CreditCardOptions card = new Stripe.CreditCardOptions();
card.Name = tParams.CardOwnerFirstName + " " + tParams.CardOwnerLastName;
card.Number = tParams.CardNumber;
card.ExpYear = tParams.ExpirationYear;
card.ExpMonth = tParams.ExpirationMonth;
card.Cvc = tParams.CVV2;
//Assign Card to Token Object and create Token
Stripe.TokenCreateOptions token = new Stripe.TokenCreateOptions();
token.Card = card;
Stripe.TokenService serviceToken = new Stripe.TokenService();
Stripe.Token newToken = serviceToken.Create(token);

Step 8: Assign TokenID to the Customer Object so that a card is created and linked to the Customer when the customer is created.
//Create Customer Object and Register it on StripeStripe.CustomerCreateOptions myCustomer = new Stripe.CustomerCreateOptions();myCustomer.Email = tParams.Buyer_Email;myCustomer.SourceToken = newToken.Id;var customerService = new Stripe.CustomerService();Stripe.Customer stripeCustomer = customerService.Create(myCustomer);

Step 9: Make a Charge Object. The charge object is the actual object that will perform the payment.

//Create Charge Object with details of Charge
var options = new Stripe.ChargeCreateOptions {
    Amount = Convert.ToInt32(tParams.Amount),
        Currency = tParams.CurrencyId == 1 ? "ILS" : "USD",
        ReceiptEmail = tParams.Buyer_Email,
        CustomerId = stripeCustomer.Id,
        Description = Convert.ToString(tParams.TransactionId), //Optional
};
//and Create Method of this object is doing the payment execution.
var service = new Stripe.ChargeService();
Stripe.Charge charge = service.Create(options); // This will do the Payment

Step ten: Charge.The status will be returned.

Step 11: Go to https://dashboard.stripe.com/test/customers and look for Created Customer.

And Payment using this link - https://dashboard.stripe.com/test/payments.



ASP.NET MVC Hosting - HostForLIFEASP.NET :: In ASP.NET MVC, Create a Simple Login Application That Makes use of Sessions

clock November 3, 2023 08:45 by author Peter

1. Create your database
Using the following script, create the UserProfile table

CREATE TABLE UserProfile
(
    UserId INT PRIMARY KEY IDENTITY(1, 1),
    UserName VARCHAR(50),
    Password VARCHAR(50),
    IsActive BIT
);

Insert user records using the following script:
INSERT INTO UserProfile (UserName, Password, IsActive)
VALUES ('Peter', 'Peter1234', 1),
       ('Scott', 'Scott1234', 1),
       ('Alex', 'Alex1234', 1);

2. Create Project
Go to File, New, then click on Project.

Select Visual C#, Web under Installed templates. After that, select ASP.NET MVC 4 Web Application, then mention the Application Name (MvcLoginAppDemo) and Solution Name as you wish, then click OK.

Under Project template, select a template as Basic, then view the engine as Razor. Click OK.

3. Include an Entity Data Model
Navigate to Solution Explorer, select Project, Add, and then ADO.NET Entity Data Model.

Give it a meaningful model name, and then click on Add.

Select Generate from the database and then click on Next.

Click on New Connection.

After clicking on New Connection, we have to provide the following Connection Properties in the following wizard.

Provide the Server name.

  • Select the "Use SQL Server Authentication" radio button.
  • Enter the Username and Password in the password text box.
  • Check the "Save my password" checkbox.
  • Select the "Select or enter a database name:" radio button.
  • Select the database to which you want to set the connection.
  • Click on the "Test Connection" button to ensure the connection can be established.
  • Then click OK.

Select the radio button, and yes, include the sensitive data in the connection string.

Choose your database objects, as in the following image.

Click on Finish. At this point UserProfie entity will be created.

4. Add a Controller
Go to Solution Explorer, right-click on the Controller folder, Add, and then click on Controller.
( Or ) Simply use shortcut key Ctrl + M, Ctrl + C,


Provide the Controller Name and Scaffolding template as Empty MVC Controller. Then click on Add.

Write the following code in HomeController.
using System.Linq;
using System.Web.Mvc;

namespace MvcLoginAppDemo.Controllers
{
    public class HomeController : Controller
    {
        public ActionResult Login()
        {
            return View();
        }

        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Login(UserProfile objUser)
        {
            if (ModelState.IsValid)
            {
                using (DB_Entities db = new DB_Entities())
                {
                    var obj = db.UserProfiles.Where(a => a.UserName.Equals(objUser.UserName) && a.Password.Equals(objUser.Password)).FirstOrDefault();
                    if (obj != null)
                    {
                        Session["UserID"] = obj.UserId.ToString();
                        Session["UserName"] = obj.UserName.ToString();
                        return RedirectToAction("UserDashBoard");
                    }
                }
            }
            return View(objUser);
        }

        public ActionResult UserDashBoard()
        {
            if (Session["UserID"] != null)
            {
                return View();
            }
            else
            {
                return RedirectToAction("Login");
            }
        }
    }
}


5. Create Views

Create View for Login Action Method
Right-click on the Login Action method, then click on Add View, as in the following picture.

Create a Strongly Typed View

View Name must be an action method name.
Select the view engine as Razor.
Select Create a strongly typed view CheckBox.
Select Model class as UserProfile (MvcLoginAppDemo)
Select the Scaffold template as Empty
Click on Add

Write the following code in Login.cshtml (view).
@model MvcLoginAppDemo.UserProfile

@{
    ViewBag.Title = "Login";
}

@using (Html.BeginForm("Login", "Home", FormMethod.Post))
{
    <fieldset>
        <legend>Mvc Simple Login Application Demo</legend>

        @Html.AntiForgeryToken()
        @Html.ValidationSummary(true)

        @if (ViewBag.Message != null)
        {
            <p style="border: 1px solid red">
                @ViewBag.Message
            </p>
        }

        <table>
            <tr>
                <td>@Html.LabelFor(a => a.UserName)</td>
                <td>@Html.TextBoxFor(a => a.UserName)</td>
                <td>@Html.ValidationMessageFor(a => a.UserName)</td>
            </tr>
            <tr>
                <td>@Html.LabelFor(a => a.Password)</td>
                <td>@Html.PasswordFor(a => a.Password)</td>
                <td>@Html.ValidationMessageFor(a => a.Password)</td>
            </tr>
            <tr>
                <td></td>
                <td><input type="submit" value="Login" /></td>
                <td></td>
            </tr>
        </table>
    </fieldset>
}

Create View for UserDashBoard Action method same as login view. And write the following code in UserDashBoard.cshtml (View).
@{
    ViewBag.Title = "UserDashboard";
}

<fieldset>
    <legend>User Dashboard</legend>

    @if (Session["UserName"] != null)
    {
        <text>Welcome @Session["UserName"].ToString()</text>
    }
</fieldset>


6. Set as StartUp Page
Go to Solution Explorer, Project, App_Start, then RouteConfig.cs, and change the action name from Index to Login (Login. cshtml as start-up page).

7. Run the Application

Provide the user credentials and click on OK. If you provide valid user credentials, then the user name will be displayed on your dashboard.




About HostForLIFE

HostForLIFE is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes.

We have offered the latest Windows 2019 Hosting, ASP.NET 5 Hosting, ASP.NET MVC 6 Hosting and SQL 2019 Hosting.


Tag cloud

Sign in