AllowHtml not working

后端未结

关注

 4  2101

难免孤独 2021-01-03 00:01

I\'m building a Content Management System to allow people other than me to update stuff on the site.

I have a front-facing HTML form that sends data, via AJAX, to a

4条回答

长发绾君心 (楼主)

2021-01-03 00:42

Try with this:

// CONTROLLER
[HttpPost]
public ActionResult CarAJAX(CarAdmin model)
{
    model.UpdateCar();
}

// MODEL
using System;
using System.Web;
using System.Web.Mvc;

namespace Site.Models
{
    public class CarAdmin
    {
        private string html;

        public String id { get; set; }
        [AllowHtml]
        public String HTML_Stuff { 
            get
            { 
                return html; 
            }
            set
            { 
                // sanitation and validation on "value"
                html = value;
            }
        }

        public CarAdmin(){}

        public void UpdateCar()
        {
            String Select = String.Format("UPDATE Car Set HTML_Stuff = {0} WHERE id = {1}", HTML_Stuff, id);

            // Execute DB Command
        }
    }
}

I also noticed that you are validating inside a method. It would probably be better, if you do that when setting the property.

EDIT:
I researched quite a bit on the topic. You actually need to bind model to the controller using AJAX. Please look at this example. I'm not sure of extents of your code, but I think you also need ActionResult to return within controller. There are nice examples of what to return from ActionResult.

0 讨论(0)

查看其它4个回答