0

I have a page with a form that accepts a list of account numbers into a text box, a bulk search essentially.

This does posts to the server, does a validation exercise and then if sucessful redirects to a display page.

Currently the list is added as a GET variable in the URL to the display page. This is limiting in that it means users can mess with it and larger data sets may be a problem. It also allows for a bypass of the validation but this is accounted for.

I see 2 general solutions which are basically variations of 1 theme:

  1. Save the list to a DB and pass a key to load this to the diplay page.
  2. Save to MemoryCache and again pass the key to the display page.

Based on these options it seems that 1. is better if I need multiple IIS node but needs manual cache cleanup where 2. will clean it's self up but may be a problem if I need to scale. This will be an intranet applcation so scale will probably not be required.

Is there a "industry standard" approach to this class of problem. I'm coming from the winforms world where keeping track of state wasn't an issue.

Cœur
  • 32,421
  • 21
  • 173
  • 232
themaninthesuitcase
  • 4,612
  • 5
  • 22
  • 34
  • 1
    POST to a display page instead of redirecting (GET), then you can pass the values in the body (where it can't be seen by the end user) instead of the querystring. This is easily done with a HTML form, put the data into the form (hidden inputs, etc), set it's action to the new page, submit it. – Liam Mar 16 '16 at 16:07
  • [POST vs GET](http://stackoverflow.com/questions/3477333/what-is-the-difference-between-post-and-get) – Liam Mar 16 '16 at 16:11
  • I would see the need of GET only if you want users to share links for the result pages to other users, so that those result pages can be directly accessible. Otherwise, you can go with just POSTing the data and be done with it (without any redirect), such as in dburner 's example. – Dan Mirescu Mar 16 '16 at 16:20

2 Answers2

2

I don't think you really have to redirect to the display page at all. From the controller that gets the user input and prints the result just return the View that should render the results like:

public class SearchController : Controller
{
    public ActionResult SearchForAccounts(string[] accounts)
    {
        var searchResults = db.Search(accounts);

        return View('ResultsView', searchResults);
    }
}

If you really really need to redirect, I guess you chould save the results into the application Cache and later if you need to scale you could use a Redis Cache provider for example, but again you should be able to show the required view.

dburner
  • 969
  • 6
  • 19
0

Whether it's Webforms or MVC, I recommend not getting into the pattern of separating validation/processing and results into separate pages.

I'm guessing that if the data is invalid you want to put it back on the page so the user can edit it. (That's a guess inferred from what you're asking.)

You can post the data, and then if the data is valid then the "result" page shows the results. If the data isn't valid then the page can re-render the input form, populate it with the original inputs, and display a validation error. That way the user can modify their original input and try again. (Just be sure to escape/unescape if you're taking user input and reflecting it back onto the page.) That's easier if the form is a partial view (MVC) or a user control (Webforms.)

Scott Hannen
  • 21,450
  • 3
  • 33
  • 44