C# POST后缺少密码值
下面是一些代码: 控制器C# POST后缺少密码值,c#,asp.net-mvc,C#,Asp.net Mvc,下面是一些代码: 控制器 [HttpGet] public ActionResult GetSettings() { var save = new SettingsSaver(); var dto = save.GetSettings(); var model = new SettingsModel { Password = dto.Password, Port = dto.Port, Username = dto.
[HttpGet]
public ActionResult GetSettings()
{
var save = new SettingsSaver();
var dto = save.GetSettings();
var model = new SettingsModel
{
Password = dto.Password,
Port = dto.Port,
Username = dto.Username,
Enabled = dto.Enabled,
Id = dto.Id,
IpAddress = dto.IpAddress,
};
return View(model);
}
[HttpPost]
public ActionResult GetSettings(SettingsModel viewModel)
{
if (ModelState.IsValid)
{
var dto = new SettingsDto
{
IpAddress = viewModel.IpAddress,
Password = viewModel.Password,
Port = viewModel.Port,
Username = viewModel.Username,
Enabled = viewModel.Enabled,
Id = viewModel.Id
};
var save = new SettingsSaver();
var result = save.SaveSettings(dto); //Saves correctly and updates in DB
if (result)
{
return View(); // Returns this
}
return View("Error");
}
return View("Error");
}
如有任何建议/指导,将不胜感激 从POST返回相同的视图后,ModelState将从POST值填充控件(密码字段除外) 因此,您需要一个Post重定向Get模式:
if (result)
{
return RedirectToAction("GetSettings");
}
为什么除了密码之外?我想是出于安全原因。谢谢,我真的应该这样做,以阻止人们按F5并重新提交表单。只要我能接受,只要一句话。我希望您没有将密码保存为明文,而是在将其写入数据库之前对其进行加密?出于安全考虑,这一点非常重要。我写的东西并不需要这些。密码可以是屏幕上的明文,并不重要。从这个意义上说,它们不是真正的“密码”。
public class SettingsModel : BaseSettingsViewModel // Base contains ID and Enabled properties with no data annotations
{
[Required]
[DataType(DataType.Text)]
[DisplayName("IP Address")]
public string IpAddress { get; set; }
[Required]
[DisplayName("Port")]
public int Port { get; set; }
[Required]
[DataType(DataType.Text)]
[DisplayName("Username")]
public string Username { get; set; }
[Required]
[DataType(DataType.Password)]
[DisplayName("Password")]
public string Password { get; set; }
}
if (result)
{
return RedirectToAction("GetSettings");
}