search

Edit & Delete actions

hashtag
Implementation of Edit and Delete

Let us see the implementation of Edit and Delete functionalities for the movies list, on the same lines. We need to scaffold these like we did it for other action methods:

hashtag
Contents of Edit.cshtml file

@model MvcMovie.Models.Movie

@{
    ViewData["Title"] = "Edit";
}

<h1>Edit</h1>

<h4>Movie</h4>
<hr />
<div class="row">
    <div class="col-md-4">
        <form asp-action="Edit">
            <div asp-validation-summary="ModelOnly" class="text-danger"></div>
            <div class="form-group">
                <label asp-for="Id" class="control-label"></label>
                <input asp-for="Id" class="form-control" />
                <span asp-validation-for="Id" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="Title" class="control-label"></label>
                <input asp-for="Title" class="form-control" />
                <span asp-validation-for="Title" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="ReleaseDate" class="control-label"></label>
                <input asp-for="ReleaseDate" class="form-control" />
                <span asp-validation-for="ReleaseDate" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="Genre" class="control-label"></label>
                <input asp-for="Genre" class="form-control" />
                <span asp-validation-for="Genre" class="text-danger"></span>
            </div>
            <div class="form-group">
                <label asp-for="Price" class="control-label"></label>
                <input asp-for="Price" class="form-control" />
                <span asp-validation-for="Price" class="text-danger"></span>
            </div>
            <div class="form-group">
                <input type="submit" value="Save" class="btn btn-primary" />
            </div>
        </form>
    </div>
</div>

<div>
    <a asp-action="Index">Back to List</a>
</div>

@section Scripts {
    @{await Html.RenderPartialAsync("_ValidationScriptsPartial");}
}a

hashtag
Contents of Delete.cshtml file

hashtag
Edit action method in the controller (GET)

hashtag
Edit action method in the controller (POST)

hashtag
Delete action method in the controller

circle-info

An important security feature built into the method is that the code verifies that the search method has found a movie before it tries to do anything with it

For example, a hacker could introduce errors into the site by changing the URL created by the links from http://localhost:{PORT}/Movies/Details/1 to something likehttp://localhost:{PORT}/Movies/Details/12345

hashtag
DeleteConfirmed action method in the controller

Note that the HTTP GET Delete method doesn't delete the specified movie, it returns a view of the movie where you can submit (HttpPost) the deletion.

circle-info

Performing a delete operation in response to a GET request (or for that matter, performing any operation that changes data) opens up a security hole!

circle-info

The ActionName("Delete") attribute performs mapping for the routing system so that a URL that includes /Delete/ for a POST request will find the DeleteConfirmed method! Another common work around for methods that have identical names and signatures is to artificially change the signature of the POST method to include an extra (unused) parameter!

hashtag
Add Update method stub in FakeContent

circle-info

The application should compile and run successfully now; however, it will not be fully functional since we do not have a real data store backing our context!

hashtag
Notes

  • We do model validation wherever applicable

  • We redirect to the index page using the RedirectToAction method

  • We can do exception handling where applicable, in order to provide a better user experience

PreviousThe details action methodNextAsynchronous actions

Last updated