开发者

What's the proper way to handle a signup WIZARD with ASP.NET MVC3?

问答 作者:

I'm trying to make a sign up wizard that will be 3 pages, but I'm not sure how I can pass the data between the pages.

At first I tried using return RedirectToAction("New", "Authentication", newUser);, where newUser was the instance of the user which contains the initial first page info (which is their OpenId identifier and any extra meta data which the provider has provided.)

When I did this, I noticed all the data (which existed) was in the query string HEADE开发者_如何学编程R:

Request URL:http://localhost:1200/Account/New?UserId=0&OpenIds=System.Collections.Generic.List%601%5BSystem.String%5D
Request Method:GET
Status Code:200 OK

This makes me worried that it could be open to serious attack/abuse, especially if the openId identifier is there (not to mention that the OpenId value is incorrect, it didn't serialize the IList<string> correctly.)

So does anyone have any suggestions?

I ended up using TempData to store the data between requests. And I also used TempData.Keep() to make sure it's sticky for one more request for error handling, when I need to show some error message.

For RedirectToAction you need to pass the object AND the name for the route:

return RedirectToAction("New", "Authentication", new { id=newUser});

Also see "How to RedirectToAction..."

Can you use the ViewData or ViewBag objects for temp storage until you get through all 3 steps?

In Steve Sanderson's book on MVC 2, it discusses this topic in detail and has a working example of how to pass data back and forth between wizard steps.

I would buy the book and look at the solution in there.

Edit:

As stated in a comment, read the sample on Page 477, chapter 13. It covers your problem.

Why is this valid as an answer, as opposed to a comment?:

People scanning through myriad threads will find a direct reference to how to solve wizard issues.

Comments are easily ignored, and overlooked, by a stressed developer trying to find the solution to a problem.

I would keep this information in the Session object.

Session["UserObject"] = MyUserObject

Then retrieve it with

var myUser = Session["UserObject"] as MyUserClass;

继续阅读:.netasp.net-mvc-3authentication

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9