在ASP.NET MVC 3使用不显眼的审定提交时prevent形式 [英] Prevent form from submitting when using unobtrusive validation in ASP.NET MVC 3

问题描述

我想实现使用ASP.NET MVC3非侵入式JavaScript远程验证。

这似乎是工作，但我能提交我的形式，即使它不应该是有效的。

它看起来像验证速度不够快。我使用的是ASP.NET开发服务器在VS 2010调试器和远程验证方法并不总是被解雇。当我等了一下，确认发生了，我不能提交表单。

我开始以为客户端远程验证是不​​够可靠的，我也许应该考虑使用服务器端验证只是要确定正确的验证应用。

有没有办法来解决这个问题？

编辑：

就像你问，这里有我的$ C相对于问题$ C的一部分。
我会采取你的建议和使用服务器端验证，以避免用户绕过我的验证启动。

型号：

  [必需（的ErrorMessage =*），StringLength（50）]
[远程（EventCategoryNameExists，EventCategories
    AdditionalFields =EventCategoryId
    ErrorMessageResourceType = typeof运算（消息）
    ErrorMessageResourceName =EventCategoryNameAlreadyExists）]
[LocalizedDisplayName（姓名）]
公共字符串名称{;组; }
 

查看：

 ＆LT; D​​IV ID =formMain＆GT;    @ Html.HiddenFor（X =＆GT; x.EventCategoryId）    ＆LT;字段集类=formFieldset＆GT;
        ＆LT;传奇＆GT; @ Labels.EventCategoryDe​​tails＆LT; /传说＆GT;
        ＆LT; D​​IV CLASS =formFieldsetContent＆GT;
            ＆LT;表ID =formTable级=formTable＆GT;
                ＆所述; TR＆GT;
                    ＆LT; TD类=formLabelCell的风格=宽度：90像素;＆GT;
                        @ Html.LabelFor（X =＆GT; x.Name）及NBSP;：＆放大器; NBSP;
                    ＆LT; / TD＆GT;
                    ＆LT; TD类=formInputCell＆GT;
                        @ Html.EditorFor（X =＆GT; x.Name）
                        @ Html.ValidationMessageFor（X =＆GT; x.Name）
                    ＆LT; / TD＆GT;
                ＆LT; / TR＆GT;
                ＆所述; TR＆GT;
                    ＆LT; TD类=formLabelCell的风格=垂直对齐：首位;＆GT;
                        @ Html.LabelFor（X =＆GT; x.Color）及NBSP;：＆放大器; NBSP;
                    ＆LT; / TD＆GT;
                    ＆LT; TD类=formInputCell＆GT;
                        @ Html.EditorFor（X =＆GT; x.Color）
                        @ Html.ValidationMessageFor（X =＆GT; x.Color）
                    ＆LT; / TD＆GT;
                ＆LT; / TR＆GT;
            ＆LT; /表＆gt;
        ＆LT; / DIV＆GT;
    ＆LT; /字段集＆GT;
＆LT; / DIV＆GT;＆LT; D​​IV CLASS =formButtons＆GT;
    ＆LT;输入类型=提交ID =btnSaveVALUE =@ Labels.Save级=formButton/＆GT;
    ＆LT;输入类型=按钮ID =btnCancelVALUE =@ Labels.Cancel级=formButton/＆GT;
＆LT; / DIV＆GT;
 

控制器：

 公众的ActionResult EventCategoryNameExists（INT eventCategoryId，字符串名称）
{
    返回JSON（！_ eventService.EventCategoryNameExists（eventCategoryId，名），JsonRequestBehavior.AllowGet）;
}
 

解决方案

客户端验证是远远不够的。 JavaScript不能上启用或正确的进行计数，加上它可以通过一个狡猾的用户可以绕过。但您的客户端验证程序返回一个布尔值false？如果没有，正常提交操作将于不管。

I am trying to implement remote validation using ASP.NET MVC3 unobtrusive javascript.

It seems to work, but I am able to submit my form even if it is not supposed to be valid.

It looks like the validation is not happening fast enough. I am using the ASP.NET development server with the VS 2010 debugger and the remote validation method is not always fired. When I wait a little, the validation happens and I cannot submit the form.

I am starting to think that client-side remote validation is not reliable enough and I maybe should consider using server-side validation just to be sure the correct validations are applied.

Is there a way to fix this?

EDIT:

Like you asked, here are the part of my code relative to the problem. I will start by taking your advice and use server-side validation to avoid users bypassing my validations.

Model:

[Required(ErrorMessage = "*"), StringLength(50)]
[Remote("EventCategoryNameExists", "EventCategories",
    AdditionalFields = "EventCategoryId",
    ErrorMessageResourceType = typeof(Messages),
    ErrorMessageResourceName = "EventCategoryNameAlreadyExists")]
[LocalizedDisplayName("Name")]
public string Name { get; set; }

View:

<div id="formMain">

    @Html.HiddenFor(x => x.EventCategoryId)

    <fieldset class="formFieldset">
        <legend>@Labels.EventCategoryDetails</legend>
        <div class="formFieldsetContent">
            <table id="formTable" class="formTable">
                <tr>
                    <td class="formLabelCell" style="width: 90px;">
                        @Html.LabelFor(x => x.Name)&nbsp;:&nbsp;
                    </td>
                    <td class="formInputCell">
                        @Html.EditorFor(x => x.Name)
                        @Html.ValidationMessageFor(x => x.Name)
                    </td>
                </tr>
                <tr>
                    <td class="formLabelCell" style="vertical-align: top;">
                        @Html.LabelFor(x => x.Color)&nbsp;:&nbsp;
                    </td>
                    <td class="formInputCell">
                        @Html.EditorFor(x => x.Color)
                        @Html.ValidationMessageFor(x => x.Color)
                    </td>
                </tr>
            </table>
        </div>
    </fieldset>
</div>

<div class="formButtons">                      
    <input type="submit" id="btnSave" value="@Labels.Save" class="formButton" />
    <input type="button" id="btnCancel" value="@Labels.Cancel" class="formButton" />
</div>

Controller:

public ActionResult EventCategoryNameExists(int eventCategoryId, string name)
{
    return Json(!_eventService.EventCategoryNameExists(eventCategoryId, name), JsonRequestBehavior.AllowGet);
}

解决方案

Client-side validation is never enough. Javascript cannot be counted on to be enabled or correct, plus it can be bypassed by a devious user. But is your client-side validation routine returning a boolean false? If not, the normal submit action will take place regardless.

这篇关于在ASP.NET MVC 3使用不显眼的审定提交时prevent形式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！