Vulnerabilities that ASP. net mvc has fallen _ MVC initial knowledge and MVC application structure, _ mvcmvc
APS. Net MVC [go] From MSDN click to access the MVC Theoretical Structure
Model-View-controller (MVC) architecture model divides an application into three main components: model, view, and controller. The ASP. net mvc framework provides an alternative ASP. NET Web form mode for creating Web applications. ASP. net mvc Framework is a lightweight demonstration framework with extremely high testability (just like Web forms-based applications). It integrates with existing ASP.. NET functions, such as the master page and membership-based authentication. The MVC framework is defined in the System. Web. Mvc program.
MVC is a standard design model that many developers are familiar. Some types of Web applications will benefit from the MVC framework. Some types will continue to use the traditional ASP. NET application mode based on Web forms and sending back. Other types of Web applications combine these two methods, which are mutually exclusive. The MVC framework includes the following components:
Model. A model object is an application component that implements the application data domain logic. Typically, Model Objects retrieve model statuses and store them in databases. For example, a Product object may retrieve information from the database, operate on the information, and write the updated information back to the Products table in the SQL Server database. In small applications, models are usually separated in terms of concepts, rather than actually. For example, if an application only reads a dataset and sends it to a view, the application does not have a physical model layer and associated classes. In this case, a dataset acts as a model object.
View. A view is a component that displays the Application User Interface (UI. Generally, this UI is created with model data.
Controller. A controller is a component that processes user interaction, uses models, and finally selects a view to display the UI. In MVC applications, the view only displays information. The controller is used to process and respond to user input and interaction. For example, the controller processes the query string values and passes these values to the model. The model may use these values to query the database.
The MVC pattern helps you create applications that separate different aspects of an application (input logic, business logic, and UI logic), while providing loose coupling between these elements. This mode specifies the location of each logic in the application. The UI logic is in the view. The input logic is in the controller. The business logic is in the model. When you generate an application, using this separation method can help you simplify the complexity, because it enables you to focus on one aspect of the application at a time. For example, you can focus on a view independent of business logic.
The loose coupling between the three main components of the MVC application can also promote parallel development. For example, a developer can work on the view, a second developer can work on the Controller logic, and a third developer can focus on the business logic in the model.
When to create an MVC application
You must carefully consider whether to use the ASP. net mvc framework or the ASP. NET Web form model to implement Web applications. The MVC Framework does not replace the Web form model. You can use any framework for Web applications. (If you have existing applications based on Web forms, these applications will continue to work in their consistent manner .)
Weigh the advantages of various methods before deciding to use the MVC framework or Web form model for a specific website.
The ASP. net mvc framework has the following advantages:
By dividing applications into models, views, and controllers, You can simplify your work.
It does not use view status or server-based forms. This makes the MVC framework especially suitable for developers who want to completely control application behavior.
It uses a front-end controller mode that processes Web application requests through a single controller. This allows you to design an application that supports a wide range of Routing infrastructure.
It provides better support for test-driven development (TDD.
It is ideal for Web applications supported by large development teams and Web designers who need to strictly control application behavior.
The Web form-based framework has the following advantages:
It supports the HTTP-retained event model, which facilitates the development of business-line Web applications. Web forms-based applications provide many events that are supported by hundreds of server controls.
It uses the page controller mode to add features to a single page.
It uses view states for server-based forms, making it easier to manage state information.
It is ideal for small teams of Web developers and designers who want to use a large number of components to quickly develop applications.
Generally, it is relatively simple for application development because components (such as Page classes and controls) are tightly integrated and usually require less code than MVC models.
Separation of application tasks (input logic, business logic, and UI logic), testability, and test-driven development (TDD ). All core protocols in the MVC Framework are based on interfaces and can be tested using mock objects. mock objects are simulated objects that mimic the behavior of actual objects in an application. You can perform unit tests on applications without having to run controllers in ASP. NET processes, which makes unit tests fast and flexible. You can use any unit test Framework compatible with the. NET Framework.
A Scalable and pluggable framework. ASP. net mvc framework components are designed to easily replace or customize them. You can insert your own view engine, URL routing policy, operation method parameter serialization, and other components. The ASP. net mvc framework also supports dependency injection (DI) and control inversion (IOC) Container models. DI allows you to inject objects into the class, rather than relying on the class to create the object itself. IOC specifies whether an object requires other objects. The first object should obtain the second object from an external source such as the configuration file. This makes testing easier.
ASP. NET routing is widely supported. ASP. NET routing is a powerful URL ing component that allows you to generate applications with easy-to-understand and searchable URLs. URLs may not contain file extensions, and are designed to support URL naming patterns that are well suited to search engine optimization (SEO) and symbolic State Transfer (REST) addressing.
You can use tags in existing ASP. NET pages (. aspx files), user controls (. ascx files), and master pages (. master files) as view templates. You can use existing ASP APIs such as nested master pages, inline expressions (<% = %>), declarative server controls, templates, data binding, and localization. NET functions and ASP.. net mvc framework.
Supports existing ASP. NET functions. ASP. net mvc allows you to use some functions, such as Forms authentication and Windows authentication, URL Authorization, membership and role, output and data cache, session and Configuration File status management, health monitoring, Configuration System, and provider Architecture.
MVC Framework and application structure URL Routing
The ASP. net mvc framework uses the ASP. NET routing engine to flexibly map URLs to the controller class. You can define the routing rules used by the ASP. net mvc framework to evaluate the input URL and select the corresponding controller. You can also let the routing engine automatically analyze the variables defined in the URL, and let the ASP. net mvc Framework pass the value as the parameter independent variable to the Controller.
MVC Framework and sending back
The ASP. net mvc Framework routes all end user interactions to the controller class instead of using the ASP. NET Web form sending-back model to interact with the server. This separates the UI logic from the business logic and helps improve testability. Therefore, ASP. NET view status and ASP. NET Web forms page lifecycle events are not integrated with MVC-based views.
Web application MVC project structure
By default, the project structure is as follows:
App_Data: The physical storage area of the data. This folder serves the same purpose as ASP. NET websites that use Web forms pages. In most cases, this folder is not actually used for database placement. Generally, the project should separate the database server from the web server and configure the connection node in web. config to connect to the external database.
Apps: We usually put the public classes referenced in web projects here, such as user password encryption, paging control code, saving user login information, etc...
Controllers: this folder mainly stores XML files and XML Information files required by the system.
Content. We recommend that you add Content files, such as Cascading Style Sheet files and images, to this location. Normally, the Content folder is used to store static files. Small projects can store user data files in this folder. More user files should be excluded from the project.
Controllers. We recommend that you store Controllers here. The MVC framework requires that the names of all Controllers end with "Controller". For example, HomeControllers cannot be deleted at the end of the Controllers here, or the route cannot identify the Controller.
Models, which is a folder provided for the class that represents the MVC Web application's application model. This folder usually includes code that defines the object and the logic used to define interaction with the data storage. Generally, the actual model object is located in a separate class library. However, when creating an application, you can place the class here and move it to a separate class library at a certain time in the development cycle. For example, when using the three-tier architecture, the thing in the Models folder is actually the entity in the Domain layer.
Scripts. We recommend that you store script files that support applications in this location. By default, this folder contains basic ASP. net ajax files and jQuery libraries.
Views. We recommend that you store the view here. The view uses the ViewPage (. aspx), ViewUserControl (. ascx), and ViewMasterPage (. master) files, as well as any other files related to the rendered view. In the Views folder, each controller has a folder named with the Controller name prefix. For example, if the Controller is named HomeController, the Views folder contains a folder named Home. By default, when the ASP. net mvc Framework loads a view, it searches for the ViewPage (. aspx) file with the requested view name in the Views \ controller name folder. By default, the Views folder also has a folder named Shared, but this folder does not correspond to any controller. Shared Folders are used to store views Shared between multiple controllers. For example, you can place the master page of a Web application in the Shared folder.
After the Razor view engine is added to MVC3. the suffix of the view is. cshtml is much more flexible than the previous aspx, and there are not many controls that can be dragged, ASP. net MVC framework was designed at the beginning to allow developers to design web applications more deeply, so many aspects need to be compiled by themselves...
Global. asax file: the code in the file to set the default value of Global URL routing. In MVC3, this file can also place some initialization methods during site loading.
Web. config file: this file is an XML file that stores the basic configuration information of the site, such as connecting to database nodes and loading parameters of the site.