|
This is also possible with the linq by using the same order by query.
|
|
|
|
|
You should tell OP, not me.
|
|
|
|
|
This is a product of poor design and improper use of TFS but I have started on a new project with big problems. A little background first. This is an ASP .NET MVC 3 EntityFramework multiple project application. Now, when development first began several years ago the application had a production branch of TFS source control and no other branches. Two programmers started and worked on creating this application. Now, as each did work they would download directly from the production branch and check-in directly into the production branch. This went on until two weeks before I started work on the application.
Three weeks ago a three separate named user branch tree, named for each developer, was created off of the production branch for each new developer to work on so now checkout/check-in is no longer directly off of the production branch. What we have is a main production branch as the root and three sub branches right off of the production branch. What a mess!
Now to the problem we are currently having. When they downloaded source control application code from the production branch to each person's named branch all of the asp project and third party dll's are gone along with the bin and bin/debug directories. Each of the new branches won't build their projects and the main Web project won't build. What I have done is pulled all of the asp project and third party dll's into my branch from production created a working branch. Than I checked my branch back into MY named branch of source control. Now, after doing this another developer has downloaded the new updated, MY named branch, branch to their machine and again the bin and bin\debug directories and all of the dll's are missing. Based on my confusing description of the problem can someone provide guidance on how we can fix this problem?
modified 24-May-18 20:55pm.
|
|
|
|
|
Not sure I fully understand the issue and it depends what these third party dlls are, but you usually solve this problem with nuget packages. So if your project needs, for example, Entity Framework, you add that to your project as a nuget package. What that does is create a folder under a "packages" folder and that folder contains xml that describes the package. When you check the code in you also check in the packages folder. When the next developer gets the project they will have the packages but not the dlls, however when they compile VS will realise this and use the data in the nuget package to download the dlls itself. So rather than manage third party dlls you manage nuget packages and VS sorts it out for you.
|
|
|
|
|
One problem with nuget is the application is on an intranet. What I have done is to create a root level folder and checked it in. With the new folder I have added all of the needed third party dll's and referenced them in each of the application project's references. Is this the correct way to do it or is nuget still possible?
|
|
|
|
|
You can host your own nuget server and even make your own nuget packages, so yes it's possible. It'll take some learning and trial and error, but I know it's possible.
|
|
|
|
|
I was considering adding a blog to my website to get more traffic or a pay wall of knowledge and was wondering if anybody has implemented any good packages for this. I really don't want to write a app for that at the moment plus I'n not really set on a design for it.
If I did write a blog app for myself, I would want to have unique page names, but I can't figure out how to dynamically add pages to a controller.
I can add views easy, but the controller part is fuzzy for me. Guess I would have to use 1 page name and add a route as the description.
Any thoughts?
If it ain't broke don't fix it
|
|
|
|
|
|
I remember the original one, it was pretty cool.
I take a look at this today, Thanks!
I did look around but didn't see much, strange I didn't find this one.
If it ain't broke don't fix it
|
|
|
|
|
I like to know what is
refresh token and its usages.
we can get our job done by access token then why should i go for
refresh token ....what would be the benefit.
i saw a example of refresh token which show when we are getting access token then refresh token also passing along with access token. so i was totally confuse and do not understand how and why refresh token.
if possible please discuss the story of refresh token. thanks in advance.
|
|
|
|
|
When a page is requested that requires a token for authentication, that is the first token.
But if the user refreshes the page, then perhaps the first token is now expired or no longer valid, so a new token is issued called a refresh token.
Most likely this is a form, so on Post, validation must be correct first then the token must match to submit the form, or to call the function after token matching.
If your tokens never match, then the form will never get written.
If you keep issuing the same token, then token authentication will become useless and bots will take over the form.
In MVC it's called the AntiForgeryToken and you call it using attributes in the MVC controller.
So on a GET request you issue the token from the controller and it gets written inside the form tags in the view if you place the correct HTML helper in the right spot.
Then the page gets submitted, a POST request and the controller will check the token if you place the right code to check for the token first before or after validation or Model.IsValid.
If it ain't broke don't fix it
|
|
|
|
|
sorry not a good answer. my other points are not considered.
|
|
|
|
|
Interesting, I thought it was a pretty clear description of the process and the reasons for that process.
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
The question was confusing, but I thought my reply was OK without being long winded on the subject.
I didn't have time to draw diagrams or write an article on the subject.
Maybe English was not his first language.
That's for backing me up on that.
If it ain't broke don't fix it
|
|
|
|
|
|
Hi,
I am maintaining a new ASP.Net application, which was running fine when I was using database; xxxxx, but another copy of the same Database when I started using: xxxx_20180425 then it started giving me the below error, its a Production application when I took the backup and restore, it started giving me the error as below, I am just confused is it Problem really in the application or just some issues related to new Database permissions for the user. Any help would be greatly helpful.
And can you please help me if I can copy the same roles of user123 permissions on the xxxxx database to xxxx_20180425, so that the user will have the same permissions. Any help would be greatly helpful. Thanks in advance.
Here is the error message:
A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see <a href="http://go.microsoft.com/fwlink/?LinkID=212874">http://go.microsoft.com/fwlink/?LinkID=212874</a>.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").
Source Error:
The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:
<ol>
<li>Add a "Debug=true" directive at the top of the file that generated the error. Example:</li>
</ol>
H615311168H
or:
2) Add the following section to the configuration file of your application:
<configuration>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.
Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (msg="...ema 'dbo'.<br />The EXECUTE pe...").]
System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +9721353
System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) +184
System.Web.HttpRequest.get_QueryString() +55
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +70
System.Web.UI.Page.DeterminePostBackMode() +69
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6704
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +245
System.Web.UI.Page.ProcessRequest() +72
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +58
ASP.error_aspx.ProcessRequest(HttpContext context) +37
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +341
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69
Thanks,
Abdul Aleem
"There is already enough hatred in the world lets spread love, compassion and affection."
|
|
|
|
|
You need to examine the actual data to see whether it is a definite threat or not. It may be just that ASP.NET has seen a set of tokens which suggest something.
|
|
|
|
|
The exception message is quite clear. It is not related to permissions but there was a SQL query that contains potential dangerous (HTML) content.
Unfortunately only a portion of the query string is included with the message:
"...ema 'dbo'.<br />The EXECUTE pe..." But that does not look like a SQL query (besides a query contains such text which seems to be rather unlikely).
I suggest to debug your code to find out which code portion generates the query containing the above string and check that. For me it looks like the wrong string is passed as query (e.g. wrong variable name used or re-using a variable but forgetting to assign the new value).
A hint might be that the string portion seems to be part of an error message like "The EXECUTE permission was denied on the object ..." which is passed as SQL query. If so, fix the code that is using an error message as SQL query string first (e.g. by reporting the error instead) and then try to solve the permission error.
|
|
|
|
|
Jochen Arndt wrote: there was a SQL query that contains potential dangerous (HTML) content
It's not moaning about a SQL query; it's moaning about the request's querystring - the part of the URL after the ? character.
Query string - Wikipedia[^]
It looks like there was an error executing a SQL query, and an HTML representation of that error is being passed to another page in the querystring.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Thank you Richard for the clarification. I was too distracted by all that database / permission topics.
But the problem of forwarding the error text should be fixed first (that is: detect the SQL error and throw an error message / show an error page instead of passing text blindly). Then the full message is available and can be used to fix the database error.
|
|
|
|
|
I've seen that before in the past.
Trying to remember what it was.
But based your stack trace, HTML was detected here
System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +9721353
I think it's your HTML or web form with a simple typo in it
like a select element option on the form
Coincidence perhaps, but not database related, in front of the database
I forgot to mention that you may have some bad data in your database that looks like HTML
A potentially dangerous Request.Form value was detected… | MikeSchinkel.com
If it ain't broke don't fix it
modified 24-May-18 15:52pm.
|
|
|
|
|
I found it, its kind of weird problem the Developer put into, she used the Database name as well in most of the SPs for example, for a select statement on a table she used select col1, col2..... from Database.schema.Table1, when we are using another database name for the restore, it wasn't able to execute and giving us a strange freaky and goofy error. Anyways thanks for all your suggestions my friends.
That's why I believe Developers aren't at all the smart people - Lol.
Thanks,
Abdul Aleem
"There is already enough hatred in the world lets spread love, compassion and affection."
|
|
|
|
|
I'm stuggling to understand attr routing on index page.
I use this in the home controller to fix https://website.com but it crashes on https://website.com/home/index
I'm scratching my head on this
[AdminCheck]
[HttpGet]
[Route("~/")]
[Route("")]
I can add another one [Route("Index")] and it seems to fix it but I think it's just a bandaid in which something else will pop up
If it ain't broke don't fix it
|
|
|
|
|
|
This is my route config.
It's better now, but I'm befuddled as to why I had to add the extra 2 when it worked for years.
I did upgrade my MVC to 5.2.3, but stopped there due to issues with X.PagedList.Boostrap4
I thought I knew what I was doing but it fell apart on me when I went attr routing.
This is the website
https://jkirkerx.com
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapMvcAttributeRoutes();
Route ajaxRoute = new Route("{controller}/{action}", new MvcRouteHandler());
routes.Add("Ajax", ajaxRoute);
Route errorRoute = new Route("{controller}/{action}/{error}", new MvcRouteHandler());
routes.Add("Error", errorRoute);
Route diagUserNameRoute = new Route("{controller}/{userName}/{action}", new MvcRouteHandler());
routes.Add("Diagnostics", diagUserNameRoute);
Route setupUserNameRoute = new Route("{controller}/{userName}/{action}", new MvcRouteHandler());
routes.Add("Setup", setupUserNameRoute);
Route adminUserNameRoute = new Route("{controller}/{userName}/{action}", new MvcRouteHandler());
routes.Add("Admin", adminUserNameRoute);
Route portfolioRoute = new Route("{controller}/{action}", new MvcRouteHandler());
routes.Add("Portfolio", portfolioRoute);
Route reviewRequestRoute = new Route("{controller}/{sT}", new MvcRouteHandler());
routes.Add("ReviewRequest", reviewRequestRoute);
Route reviewRoute = new Route("{controller}/{action}", new MvcRouteHandler());
routes.Add("Reviews", reviewRoute);
Route homeRoute = new Route("{controller}/{action}", new MvcRouteHandler())
{
Defaults = new RouteValueDictionary(new { controller = "Home", action = "Index", id = UrlParameter.Optional })
};
routes.Add("Default", homeRoute);
}
}
If it ain't broke don't fix it
modified 22-May-18 19:36pm.
|
|
|
|