FEED Validator

for Atom and RSS and KML

Congratulations!

This is a valid Atom 1.0 feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

line 5, column 62: Self reference doesn't match document location [help]

 <link href="http://www.squaredroot.com/atom.xml" rel="self"/>
                                                              ^

line 8, column 31: Identifier "http://www.squaredroot.com" is not in canonical form (the canonical form would be "http://www.squaredroot.com/") [help]

 <id>http://www.squaredroot.com</id>
                               ^

line 23, column 0: content should not contain data-lang attribute (12 occurrences) [help]
```
&lt;div class=&quot;highlight&quot;&gt;&lt;pre&gt;&lt;code class=&quot;langu ...
```

line 196, column 0: content should not contain script tag (84 occurrences) [help]

&lt;script src=&quot;https://gist.github.com/4310301.js?file=index.js&quot;& ...

line 451, column 1002: content contains bad characters [help]

... e selected, will give you three options:Â  ASP.NET, HTML, and My HTML Sn ...
                                             ^

line 611, column 37: Two entries with the same value for atom:updated: 2008-09-24T00:00:00+00:00 (8 occurrences) [help]

   <updated>2008-09-24T00:00:00+00:00</updated>
                                     ^

Source: http://feeds2.feedburner.com/SquaredRoot/

<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Troy Goode</title>
<link href="http://www.squaredroot.com/atom.xml" rel="self"/>
<link href="http://www.squaredroot.com/"/>
<updated>2016-08-15T00:53:49+00:00</updated>
<id>http://www.squaredroot.com</id>
<author>
<name>Troy Goode</name>
<email>troygoode@gmail.com</email>
</author>
<entry>
<title>npm install cors</title>
<link href="http://www.squaredroot.com/2014/05/09/npm-install-cors/"/>
<updated>2014-05-09T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2014/05/09/npm-install-cors</id>
<content type="html">CORS is a popular node.js package I&#39;ve written that provides an <a href="http://expressjs.com/">Express</a> middleware you can use to enable <a href="http://en.wikipedia.org/wiki/Cross-origin_resource_sharing">CORS</a> with various options. The code is open source (<a href="http://www.opensource.org/licenses/mit-license.php">MIT License</a>) and <a href="https://github.com/troygoode/node-cors">available on GitHub</a>.
<h2>Installation (via <a href="https://npmjs.org/package/cors">npm</a>)</h2>
<div class="highlight"><pre><code class="language-bash" data-lang="bash">$ npm install cors
</code></pre></div>
<h2>Usage</h2>
<h3>Simple Usage (Enable All CORS Requests)</h3>
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
app.use(cors());
app.use(app.router);
app.get('/products/:id', function(req, res, next){
res.json({msg: 'This is CORS-enabled for all origins!'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
<h3>Enable CORS for a Single Route</h3>
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
app.get('/products/:id', cors(), function(req, res, next){
res.json({msg: 'This is CORS-enabled for all origins!'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
<h3>Configuring CORS</h3>
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
var corsOptions = {
origin: 'http://example.com'
};
app.get('/products/:id', cors(corsOptions), function(req, res, next){
res.json({msg: 'This is CORS-enabled for only example.com.'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
<h3>Configuring CORS w/ Dynamic Origin</h3>
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
var whitelist = ['http://example1.com', 'http://example2.com'];
var corsOptions = {
origin: function(origin, callback){
var originIsWhitelisted = whitelist.indexOf(origin) !== -1;
callback(null, originIsWhitelisted);
}
};
app.get('/products/:id', cors(corsOptions), function(req, res, next){
res.json({msg: 'This is CORS-enabled for a whitelisted domain.'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
<h3>Enabling CORS Pre-Flight</h3>
Certain CORS requests are considered &#39;complex&#39; and require an initial
<code>OPTIONS</code> request (called the &quot;pre-flight request&quot;). An example of a
&#39;complex&#39; CORS request is one that uses an HTTP verb other than
GET/HEAD/POST (such as DELETE) or that uses custom headers. To enable
pre-flighting, you must add a new OPTIONS handler for the route you want
to support:
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
app.options('/products/:id', cors()); // enable pre-flight request for DELETE request
app.del('/products/:id', cors(), function(req, res, next){
res.json({msg: 'This is CORS-enabled for all origins!'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
You can also enable pre-flight across-the-board like so:
<div class="highlight"><pre><code class="language-" data-lang="">app.options('*', cors()); // include before other routes
</code></pre></div>
<h3>Configuring CORS Asynchronously</h3>
<div class="highlight"><pre><code class="language-javascript" data-lang="javascript">var express = require('express')
, cors = require('cors')
, app = express();
var whitelist = ['http://example1.com', 'http://example2.com'];
var corsOptionsDelegate = function(req, callback){
var corsOptions;
if(whitelist.indexOf(req.header('Origin')) !== -1){
corsOptions = { origin: true }; // reflect (enable) the requested origin in the CORS response
}else{
corsOptions = { origin: false }; // disable CORS for this request
}
callback(null, corsOptions); // callback expects two parameters: error and options
};
app.get('/products/:id', cors(corsOptionsDelegate), function(req, res, next){
res.json({msg: 'This is CORS-enabled for a whitelisted domain.'});
});
app.listen(80, function(){
console.log('CORS-enabled web server listening on port 80');
});
</code></pre></div>
<h2>Configuration Options</h2>
<ul>
<li><code>origin</code>: Configures the Access-Control-Allow-Origin CORS header. Expects a string (ex: &quot;http://example.com&quot;). Set to <code>true</code> to reflect the <a href="http://tools.ietf.org/html/draft-abarth-origin-09">request origin</a>, as defined by <code>req.header(&#39;Origin&#39;)</code>. Set to <code>false</code> to disable CORS. Can also be set to a function, which takes the request origin as the first parameter and a callback (which expects the signature <code>err [object], allow [bool]</code>) as the second.</li>
<li><code>methods</code>: Configures the Access-Control-Allow-Methods CORS header. Expects a comma-delimited string (ex: &#39;GET,PUT,POST&#39;) or an array (ex: <code>[&#39;GET&#39;, &#39;PUT&#39;, &#39;POST&#39;]</code>).</li>
<li><code>allowedHeaders</code>: Configures the Access-Control-Allow-Headers CORS header. Expects a comma-delimited string (ex: &#39;Content-Type,Authorization&#39;) or an array (ex: <code>[&#39;Content-Type&#39;, &#39;Authorization]</code>). If not specified, defaults to reflecting the headers specified in the request&#39;s Access-Control-Request-Headers header.</li>
<li><code>exposedHeaders</code>: Configures the Access-Control-Expose-Headers CORS header. Expects a comma-delimited string (ex: &#39;Content-Range,X-Content-Range&#39;) or an array (ex: <code>[&#39;Content-Range&#39;, &#39;X-Content-Range]</code>). If not specified, no custom headers are exposed.</li>
<li><code>credentials</code>: Configures the Access-Control-Allow-Credentials CORS header. Set to <code>true</code> to pass the header, otherwise it is omitted.</li>
<li><code>maxAge</code>: Configures the Access-Control-Allow-Max-Age CORS header. Set to an integer to pass the header, otherwise it is omitted.</li>
</ul>
For details on the effect of each CORS header, <a href="http://www.html5rocks.com/en/tutorials/cors/">read this article on HTML5 Rocks</a>.
<h2>Demo</h2>
A demo that illustrates CORS working (and not working) using jQuery is available here: <a href="http://node-cors-client.herokuapp.com/">http://node-cors-client.herokuapp.com/</a>
Code for that demo can be found here:
<ul>
<li>Client: <a href="https://github.com/TroyGoode/node-cors-client">https://github.com/TroyGoode/node-cors-client</a></li>
<li>Server: <a href="https://github.com/TroyGoode/node-cors-server">https://github.com/TroyGoode/node-cors-server</a></li>
</ul>
</content>
</entry>
<entry>
<title>npm install require-directory</title>
<link href="http://www.squaredroot.com/2012/12/16/npm-install-require-directory/"/>
<updated>2012-12-16T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2012/12/16/npm-install-require-directory</id>
<content type="html">A common pattern I have found when building node.js applications
revolves around how you refactor a large file into a directory of
smaller files. For example, in an <a href="http://expressjs.com">Express</a> app
you might start out defining routes in your app.js file, but
eventually migrate those routes into a routes.js file that is then
required into app.js. What happens when routes.js grows too large
though? You chunk it up. You often end up with a routes/ directory,
giving you a project structure that looks something like this:
<ul>
<li>app.js</li>
<li>routes/
<ul>
<li>auth.js</li>
<li>home.js</li>
<li>products.js</li>
</ul></li>
</ul>
I also find it common to throw an index.js file into that routes/
directory, which might look like:
<script src="https://gist.github.com/4310301.js?file=index.js"> </script>
Eventually you might find that routes/auth.js has grown too large for
one file as well, and you may refactor your files to look more like so:
<ul>
<li>app.js</li>
<li>routes/
<ul>
<li>auth/</li>
<li>login.js</li>
<li>logout.js</li>
<li>register.js</li>
<li>home.js</li>
<li>products.js</li>
</ul></li>
</ul>
This changes your routes/index.js file into:
<script src="https://gist.github.com/4310301.js?file=index2.js"> </script>
... and so on and so forth. As node.js applications grow larger I see
this pattern repeated over and over, often within the same application.
To that end, I created require-directory - an
<a href="http://npmjs.org">npm</a> package that simplifies that index.js file
down into:
<script src="https://gist.github.com/4310301.js?file=index3.js"> </script>
For more information, <a href="https://github.com/troygoode/node-require-directory">check out the package&#39;s GitHub page.</a>
</content>
</entry>
<entry>
<title>PagedList can haz HtmlHelperz?</title>
<link href="http://www.squaredroot.com/2011/06/28/pagedlist-can-haz-htmlhelperz/"/>
<updated>2011-06-28T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2011/06/28/pagedlist-can-haz-htmlhelperz</id>
<content type="html">Wow, has it already been almost two years since my <a href="/2009/08/15/spearmen-javelin-throwers-and-the-state-pattern-oh-my/">last post</a>?
Back in March I made some modifications to the <a href="http://github.com/troygoode/pagedlist">PagedList library</a> I&#39;ve been working on the last couple of years to (finally) add an HTML Helper that can generate the HTML paging code you frequently will use alongside the PagedList library. Over the last few days I have tweaked everything a bit more and am now quite happy with where the library sits.
<h2>Installation</h2>
You can install via Nuget:
<div class="highlight"><pre><code class="language-bash" data-lang="bash">Install-Package PagedList
Install-Package PagedList.Mvc
</code></pre></div>
Alternatively, <a href="https://github.com/TroyGoode/PagedList">download the source</a> straight from GitHub.
<h2>What does PagedList do again?</h2>
The first package contains the core PagedList library, which allows you to do this:
<script src="https://gist.github.com/1053069.js"> </script>
<h2>Okay, so what is PagedList.Mvc then?</h2>
The second package contains the new HTML Helper which lets you render pagers that look like this:
<img src="/custom/files/old/DefaultPagingControlStyles.png" alt="IMAGE">
Note: All elements rendered by the HTML Helper have CSS classes applied to allow you to easily modify styling.
You call the HTML Helper like so:
<script src="https://gist.github.com/1053136.js"> </script>
<h2>Customizing the Rendering Options</h2>
There are several out-of-the-box render configurations as you can see above, and you can also pass ad-hoc render configurations to the render method (also shown above). Sometimes, though, you want to create a render configuration that will be used repeatedly throughout your application. This is easy to do as well:
<script src="https://gist.github.com/1053159.js"> </script>
For more information on the available rendering option settings, check <a href="https://github.com/TroyGoode/PagedList/blob/master/src/PagedList.Mvc/PagedListRenderOptions.cs">PagedListRenderingOptions.cs</a> on GitHub.
</content>
</entry>
<entry>
<title>Spearmen, Javelin Throwers, and the State Pattern. Oh My!</title>
<link href="http://www.squaredroot.com/2009/08/15/spearmen-javelin-throwers-and-the-state-pattern-oh-my/"/>
<updated>2009-08-15T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2009/08/15/spearmen-javelin-throwers-and-the-state-pattern-oh-my</id>
<content type="html">Last week one of Ayende/Oren&#39;s posts caught my eye: <a href="http://ayende.com/Blog/archive/2009/08/05/let-the-fighting-commence.aspx">Let the fighting commence!</a> In it he discussed <a href="http://www.thecodespring.com/2009/08/interface-overload.html">a blog post seen on Jamie Farser&#39;s blog</a>, where Jamie discusses some design difficulties he has run into while designing a turn-based game similar to Axis &amp; Allies named <a href="http://code.google.com/p/everland/">Everland</a>. Since then I&#39;ve been following Jamie&#39;s progress (<a href="http://www.thecodespring.com/2009/08/state-pattern.html">first try</a>, <a href="http://www.thecodespring.com/2009/08/state-pattern-part-15.html">further exploration</a>, <a href="http://www.thecodespring.com/2009/08/state-pattern-part-2-of.html">second try</a>, <a href="http://www.thecodespring.com/2009/08/state-pattern-part-3.html">third try</a>, <a href="http://www.thecodespring.com/2009/08/state-pattern-transitions.html">even further exploration</a>) as he tries to take some of Ayende&#39;s advice and implement the state pattern. Like Jamie, I am fairly new to the state pattern - sure I&#39;ve read about it plenty (starting in <a href="http://www.amazon.com/First-Design-Patterns-Elisabeth-Freeman/dp/0596007124">Head First Design Patterns</a> - a must have!), but I honestly have just never implemented it &quot;for reals.&quot; In my back &amp; forth with Jamie I realized that it was time to put up or shut up - if I&#39;m going to offer criticism I should also offer up an alternative solution.
<h2>The Problem</h2>
Let&#39;s say we have a game where the board is made up of six-side polygons (&quot;hexes&quot;, if you will) and each hex can contain a unit like a spearman or a javelin thrower. Each unit on the board belongs to a player who can take turns moving his units, telling his units to attack other player&#39;s units, etc. Some units have different capabilities than other units - a spearman must be within 1 hex of another unit to attack that unit, whereas a javelin thrower can be 2 units away. How do we design the application in such a way that:
<ul>
<li>The game engine doesn&#39;t need to know specifics about each unit (such as range of attack).</li>
<li>A unit&#39;s capabilities may change during the course of gameplay (such as a spearman being upgraded to a javelin thrower).</li>
</ul>
<h2>My Solution</h2>
Before we look at the code, lets run through what is going to happen in-game.
<ol>
<li>The user selects one of their units, then selects an opposing unit somewhere else on the gameboard, then clicks an &quot;Attack&quot; button.</li>
<li>The game engine creates a context (deriving from ITurnContext) that describes what the user has asked to do. In our case, an AttackContext is created containing references to the attacking unit and the defending unit.</li>
<li>That context is then passed into the ExecuteTurn method of the attacking Unit, which then passes it along into the Handle method of its CurrentState property (which is an object deriving from UnitState). Our attacker&#39;s CurrentState property is currently Spearman, but could just as easily be JavelinThrower. Changing a unit from melee to ranged is as simple as changing the state of that unit.</li>
<li>Our Spearman state derives from UnitState, and the UnitState base class&#39; Handle method uses <a href="http://en.wikipedia.org/wiki/Double_dispatch">double dispatch</a> to forward the Handle request on to the appropriate method of our subclass. In our case that would be the Handle (AttackContext) method of the Spearman class.</li>
<li>Our Spearman class&#39; Handle method then checks to see if the unit is within range to attack the defending unit - if it is, an AttackCommand is returned denoting who the attacker and the defender are; if it isn&#39;t, a MovementCommand is returned denoting which hex to move to.</li>
<li>The Unit class then calls Execute on the returned command, causing the movement or attack operation to be, well, executed.</li>
</ol>
Let&#39;s go through each of the above steps and take a look at the code involved one by one. Skipping the first step (the UI), we&#39;ll move on to where the game engine is creating an AttackContext and passing it into the attacking Unit:
<script src="https://gist.github.com/3998655.js?file=Example-1.cs"> </script>
Okay, easy enough. Moving on we can see the Unit class&#39; ExecuteTurn method pass the context to its CurrentState property&#39;s Handle method:
<script src="https://gist.github.com/3998655.js?file=Example-2.cs"> </script>
Our attacking unit&#39;s CurrentState property is currently set to an instance of Spearman, but before we take a look at that class we&#39;ll take a look at its base class (UnitState - which is doing double dispatch to the Spearman&#39;s Handle method):
<script src="https://gist.github.com/3998655.js?file=Example-3.cs"> </script>
The Spearman class&#39; Handle method is then invoked:
<script src="https://gist.github.com/3998655.js?file=Example-4.cs"> </script>
Notice that the only concern Spearman currently has when handling an attack context is ensuring that it gets within range and then attacks the target. We&#39;ll see an example of a JavelinThrower later. Finally we&#39;ll peek at what the MovementCommand and AttackCommand actually do:
<script src="https://gist.github.com/3998655.js?file=Example-5.cs"> </script>
Before we move on, here is the promised JavelinThrower class:
<script src="https://gist.github.com/3998655.js?file=Example-6.cs"> </script>
Obviously JavelinThrower &amp; Spearman currently only differ in the range at which they can attack (&lt;=2 and &lt;= 1, respectively), so the code in their Handle methods could be abstracted out using the <a href="http://en.wikipedia.org/wiki/Strategy_pattern">strategy pattern</a>.
<h2>Prove It!</h2>
So now that we&#39;ve had a chance to see the code involved the question comes down to: does it actually work? Here are our unit tests:
<script src="https://gist.github.com/3998655.js?file=Example-7.cs"> </script>
And the results...
<img src="/custom/files/old/Spearman-JavelinThrower-Tests-Passed.PNG" alt="IMAGE">
Yay!
So that is the road I went down, but what I really want to know is how would *you *solve this problem? If you&#39;d like to take a deeper look at my code, download it and give it a try yourself:
<a href="/custom/files/old/EverlandStatePattern.zip">EverlandStatePattern.zip</a>
</content>
</entry>
<entry>
<title>MVC Membership Starter Kit Released</title>
<link href="http://www.squaredroot.com/2009/08/07/mvcmembership-release-1-0/"/>
<updated>2009-08-07T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2009/08/07/mvcmembership-release-1-0</id>
<content type="html">These instructions are out of date, and a newer version of the Membership Starter Kit is now available with support for ASP.NET MVC 4 and installation via NuGet. For more information, <a href="https://github.com/troygoode/membershipstarterkit">look the project up on GitHub</a>.
Almost six months after the <a href="http://haacked.com/archive/2009/03/18/aspnet-mvc-rtw.aspx">official release of Asp.Net MVC 1.0</a> and nearly a year after <a href="/2008/09/06/mvc-membership-preview-5/">the last release of the starter kit</a>, I&#39;ve finally rewritten and released the Asp.Net MVC Membership Starter Kit. If you&#39;re already familiar with what it is and want to grab it, you can find the release on the <a href="https://github.com/troygoode/membershipstarterkit">GitHub project site</a>.
<h2>What is the Asp.Net MVC Membership Starter Kit?</h2>
The starter kit currently consists of two things:
<ul>
<li>A sample website containing the controllers, models, and views needed to administer users &amp; roles.</li>
<li>A library that provides testable interfaces for administering users &amp; roles and concrete implementations of those interfaces that wrap the built-in Asp.Net Membership &amp; Roles providers.</li>
</ul>
<h2>How do I use it?</h2>
In Asp.Net MVC 1 there isn&#39;t a great story for packaging &amp; sharing controllers, views, and other resources so we&#39;ll need to follow a few manual steps:
<ul>
<li>After getting the source code build it using your preferred IDE or using the included Build.Debug.bat or Build.Release.bat batch files.</li>
<li>Grab the MvcMembership.dll assembly and place it wherever you&#39;re including external libraries in your project. Add a reference to the assembly to your Asp.Net MVC application.</li>
<li>Copy the UserAdministrationController.cs file from the SampleWebsite&#39;s Controllers directory to your app&#39;s Controllers directory.</li>
<li>Copy the ISmtpClient.cs file, SmtpClientProxy.cs file, and UserAdministration folder from the SampleWebsite&#39;s Models *folder to your app&#39;s *Models folder.</li>
<li>Copy the UserAdministration folder from the SampleWebsite&#39;s Views folder to your app&#39;s Views folder.</li>
<li>Make sure you&#39;ve configured your web.config properly for Membership and Roles. If you aren&#39;t sure of how to do this, take a look at the first two articles in <a href="http://www.4guysfromrolla.com/articles/120705-1.aspx">this series by Scott Mitchell at 4GuysFromRolla</a>.</li>
<li>Finally, add the following code to your global.asax to keep the membership system updated with each user&#39;s last activity date:</li>
</ul>
<script src="https://gist.github.com/3998701.js"> </script>
<h2>What is new since the last release?</h2>
Well, the last release was for <a href="http://mvcmembership.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=16809">Preview 5</a>, so at the very least the project has been updated for Beta and finally Release. Moreover, the project has been completely rewritten from scratch - a major undertaking that was the primary cause of the long delay between releases. Why the rewrite? Two reasons:
<ul>
<li>The <a href="http://mvcmembership.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=12215">first release of the Starter Kit</a> was for Preview 2 of the MVC framework. A lot changed between Preview 2 and Release - A LOT. A lot of the features of the first starter kit were rolled into the OTOB experience (such as login and registration), so I shifted the scope of the project more squarely into the realm of user &amp; role administration. Unfortunately all of these major changes took a toll on the source - I was no longer happy working in the source as it was written for many reasons and thus wanted a rewrite. One of those reasons was...</li>
<li>Previous releases had no (as in zero, less than one, nada) unit tests. This became increasingly unacceptable to me and trying to add unit tests after-the-fact was a nightmare. Instead I rewrote the project using TDD.</li>
</ul>
Alright, so that was basically the long-winded spiel to prepare you for the bad news: the project regressed from a functionality perspective. During the course of the rewrite things some things didn&#39;t make it in - chief among them is the OpenID integration. I encourage everyone to take a look at the Maarten Balliauw (an MvcMembership contributor) blog post on <a href="http://blog.maartenballiauw.be/post/2009/07/27/Authenticating-users-with-RPXNow-%28in-ASPNET-MVC%29.aspx">authenticating via RPX in MVC</a>.
<h2>What comes next?</h2>
The primary motivator for me getting off my but after nearly a year and finishing up this release is my desire to convert it to an <a href="http://weblogs.asp.net/scottgu/archive/2009/07/31/asp-net-mvc-v2-preview-1-released.aspx">&quot;area&quot; for use in MVC 2</a>. Packaging reusable components like this has been a sore spot for the current MVC framework and I&#39;m glad to see the blue badges are going to provide a common solution. Along with that I&#39;ll likely try to add RPX authentication ala Maarten&#39;s post.
</content>
</entry>
<entry>
<title>Return of the PagedList</title>
<link href="http://www.squaredroot.com/2009/06/15/return-of-the-pagedlist/"/>
<updated>2009-06-15T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2009/06/15/return-of-the-pagedlist</id>
<content type="html">I recommend grabbing the latest code from NuGet or directly from <a href="https://github.com/troygoode/pagedlist">the project's site on GitHub</a>. The CodePlex project is no longer maintained.
It has been nearly a year since I <a href="/2008/07/08/PagedList-Strikes-Back/">posted</a> an updated version of the PagedList&lt;T&gt; functionality originally <a href="http://blog.wekeroad.com/blog/aspnet-mvc-pagedlistt">created by Scott Guthrie and posted by Rob Conery</a>. Since then I have used the class in a number of projects and find it indispensable.
A few days ago, Craig Stuntz reported an interesting observation: when the first page is returned, the class performs a Skip(0). Suprisingly, <a href="http://blogs.teamb.com/craigstuntz/2009/06/10/38313/">this is not free</a>. With that in mind, I set out to correct that issue as well as incorporate a few changes I&#39;ve made over the past year. The result is nearly identical to the last posted version, just a bit more readable. Additionally...
<ul>
<li>The source is now available on CodePlex: <a href="http://pagedlist.codeplex.com">http://pagedlist.codeplex.com</a>. This should make finding and downloading the code easier than finding the correct blog entry on some dude&#39;s blog.</li>
<li>I have posted a release-compiled, XML commented, signed assembly on CodePlex. I got tired of having to copy the source into multiple projects and finding a place to put it in that project&#39;s taxonomy.</li>
<li>Further incremental changes can be found in the Change Log on the CodePlex project site.</li>
</ul>
</content>
</entry>
<entry>
<title>Creating an MVC Project in Visual Studio 2010</title>
<link href="http://www.squaredroot.com/2009/06/09/creating-an-mvc-project-in-visual-studio-2010/"/>
<updated>2009-06-09T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2009/06/09/creating-an-mvc-project-in-visual-studio-2010</id>
<content type="html">These instructions are not necessary with the RTM version of Visual Studio 2010 or later releases of Visual Studio.
Earlier today <a href="http://www.haacked.com/archive/2009/06/09/aspnetmvc-vs10beta1-roadmap.aspx">Phil Haack announced</a> that the Asp.Net MVC installer for Visual Studio 2010 Beta 1 is <a href="http://aspnet.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=28527">now available on CodePlex</a> along with the bonus of some basic snippets for use with MVC projects. This is exactly what I have been waiting for before installing Visual Studio 2010, so I decided to give it a shot and report back on my experience. I&#39;m happy to say that the basic experience went flawlessly for me, though it appears <a href="http://weblogs.asp.net/jacqueseloff/archive/2009/06/09/troubleshooting-the-mvc-installer-for-visual-studio-2010-beta-1.aspx">that may not hold true for everyone</a>.
The first (and by far the longest) step in getting everything up and running is to download and install the Visual Studio 2010 beta. There are multiple flavors available, but I settled for the plain old Professional edition. You can also choose between the <a href="http://www.microsoft.com/downloadS/details.aspx?familyid=3296BB4F-D8BA-4CFD-AA95-A424C5913F6B&amp;displaylang=en">full install 2 ISO download (1.1 GB)</a> or a <a href="http://www.microsoft.com/downloadS/details.aspx?familyid=75CBCBCD-B0E8-40EA-ADAE-85714E8984E3&amp;displaylang=en">lightweight (5 MB) &quot;web install&quot; package</a>. I chose to try out the smaller package and it worked fine for me, though MSDN subscribers with slower connections may prefer to use the Microsoft download tool and download the bigger install so that they can pause and restart the download as needed. Either way, once you&#39;ve downloaded everything grab a drink and kick off the install. On my relatively fast machine running Windows 7 it took close to half an hour to install and two (!) required restarts.
Once Visual Studio has finished installing, download and install the <a href="http://aspnet.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=28527">ASP.NET MVC 1.1 Installer for Visual Studio 2010 from CodePlex</a>. While you&#39;re there, go ahead and download and unzip ASP.NET MVC Snippets for VS2010 Beta 1. While Asp.Net MVC 1.1 is being installed, go ahead and install the snippets as well: unzip &quot;ASP.NET MVC Snippets.zip&quot; into &quot;C:\Users&amp;lt;username&gt;\Documents\Visual Studio 10\Code Snippets\Visual Web Developer\My HTML Snippets&quot;, where &quot;C:\&quot; is your OS drive.
If you encounter any difficulties with the installer, check out this <a href="http://weblogs.asp.net/jacqueseloff/archive/2009/06/09/troubleshooting-the-mvc-installer-for-visual-studio-2010-beta-1.aspx">blog post by Jacques Eloff</a>. He developed the installer and hopefully his post can help you out. Luckily for me everything proceeded with no problems. Booting up Visual Studio 2010 Beta 1 for the first time, I was presented with the new start screen:
<img src="/custom/files/old/1-vs2010-first-boot-1024x736.jpg" alt="IMAGE">
<img src="/custom/files/old/2-creating-mvc-project-150x150.jpg" alt="IMAGE">
From here, you can launch the new New Project dialog either via the File menu or by clicking &quot;Projects&quot; on the left side of the startup screen and then clicking the &quot;New Project&quot; icon. If the Asp.Net MVC 1.1 installer has been correctly installed, you will find a &quot;ASP.NET MVC Web Application&quot; entry under the &quot;Web&quot; category in the New Project dialog. Fiddle with the Name, Location, and Solution Name as always and then click OK to create your application.
<img src="/custom/files/old/3-create-test-project-150x150.jpg" alt="IMAGE">
After clicking OK, we would expect to be presented with the dialog that asks us if we want to create a test project for our new MVC application and indeed it does appear. MSTest is listed by default as always and was the only option available to me even though I do have MBUnit and xUnit.net showing up in this dialog in VS2008. If anyone knows an easy way to get the other test frameworks working with this dialog, please leave a comment or drop me an email. To me this isn&#39;t a big deal, as I prefer to setup my test projects manually and don&#39;t see a lot of value in the dialog, but I&#39;m sure some people prefer to use it. For the sake of expediency I went and ahead and let Visual Studio create an MSTest project (better than nothing, right? maybe?) and proceeded into the project and opened up a view only to hit my next stumbling block...
<img src="/custom/files/old/4-project-created-1024x736.jpg" alt="IMAGE">
The culprit here is that in Visual Studio 2008 I use a dark theme based off the Vibrant Ink-ish theme <a href="http://blog.wekeroad.com/blog/textmate-theme-for-visual-studio-take-2/">Rob Conery posted a long time ago</a>. Evidently the upgrade process was able to transfer over most of my foreground preferences but none of my background preferences. This left me with light text on a white background. A quick hop skip &amp; a jump through &quot;Tools&quot; &gt; &quot;Import and Export Settings...&quot; allowed me to import the defaults, thus making my color scheme readable, if a bit too vanilla.
Now that my application is loaded up and legible, I decided I would make a couple small changes to the application and take some of the old (and new) features for a test drive to see how they did. First I tried out controller scaffolding: right-click on the MVC application&#39;s Controllers folder and select &quot;Add &gt; Controller...&quot;. That worked fine and was able to generate the CRUD scaffolding I requested. Next I tried automatic view generation: right-click anywhere inside of an action and select &quot;Add View...&quot;. I was pleased to find that neither of these features had been lost and were working as expected.
<img src="/custom/files/old/9-choosing-actionlink-snippet-300x206.jpg" alt="IMAGE">
So now I&#39;ve created a ProductController with various actions as well as a basic view for the controller&#39;s Index action, but I don&#39;t have any way to navigate to that action except typing the URL in by hand. Thinking this might be a good time to try out the new snippets, I opened up the Site.Master view and added a new &lt;li&gt;&lt;/li&gt; to the navigation element. Having not really used snippets much before, I was temporarily lost as I expected to find them in the Toolbox (were they not in there at one point?). Luckily they were even easier to find than that, all I had to do was right-click. (On a side note, this makes it much more likely that I&#39;ll use them - the quickest way to get me to not use a Visual Studio feature is to make me deal with the horribly slow loading toolbar). The context-menu inside of views has an &quot;Insert Snippet...&quot; entry that, once selected, will give you three options:Â ASP.NET, HTML, and My HTML Snippets. The snippets we installed earlier were placed in our user folder, which means Visual Studio will automatically detect them and load them in to the &quot;My HTML Snippets&quot; folder. Selecting that folder presents you with a list of many basic HTML helper snippets.
In this case I wanted to use the first one, actionlink, to create a new call to Html.ActionLink(...). Selecting it then inserted the Html helper text as I would expect, and highlighted the arguments for the link&#39;s text and action also as I would expect. I did notice that the snippet doesn&#39;t automatically insert a placeholder for specifying which controller the actionlink refers to and adding a comma after the last argument did not bring up the list of overloads for Html.ActionLink that I expected to see.
With that done I hit F5 and was able to browse to my Product controller&#39;s Index action, confirming that Asp.Net MVC is indeed working fine with Visual Studio 2010. It looks like there are still some kinks to work out, but it is already close enough that I feel confident that Beta 2&#39;s integration should be quite good. 
</content>
</entry>
<entry>
<title>DevPocalypse : A *Basic* Asp.Net MVC + jQuery Game</title>
<link href="http://www.squaredroot.com/2008/12/12/devpocalypse-basic-multiplayer-mvc-jquery-ajax-sample/"/>
<updated>2008-12-12T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/12/12/devpocalypse-basic-multiplayer-mvc-jquery-ajax-sample</id>
<content type="html">Last weekend I had the privilege of speaking at the second <a href="http://www.novacodecamp.org/">Northern Virginia CodeCamp</a> of the year, thanks to an invitation from <a href="http://thequeue.net/blog/">Jeff Schoolcraft</a>. For those of you who were able to make it to the event, thanks for attending, and make sure to <a href="http://codecampevals.com/">fill out an eval</a>! For those of you who didn&#39;t make it (or those who did and want a deeper peek at the code I presented), feel free to check out the code to my sample app &amp; posted below.
<h2>DevPocalypse (ASP.NET MVC + jQuery = Simple Multiplayer Action)</h2>
The basic idea of the game is that multiple players can exist on a grid (a &quot;screen&quot;) and move around to unoccupied spaces (&quot;blocks&quot;) adjacent to their current location. I had grand hopes of being able to click another player to attack them and include some basic chat, but alas, it was not meant to be. At least not for this presentation. My hope is to continue working on this as a single sample app I can use to illustrate various MVC techniques for future speaking engagements.
Let&#39;s take a gander at what the app looks like when it is running:
<img src="/custom/files/old/DevPocalypse-Screenshot_2.jpg" alt="IMAGE">
Yup, like I said: basic. So those two little guys are players. You can&#39;t see it in a screenshot, but when you click a square next to where your player is standing, jQuery will smoothly animate the transition of your character from the current block to the new block. What is even neater is that when a player on a different computer moves their player, you also see the same jQuery animation execute. How are we doing this? Well first we use a simple polling script (from Game.js):
<script src="https://gist.github.com/4001183.js?file=Example-1.js"> </script>
Ultimately, this code calls an action named GetCurrentScreen on the GameController. Currently this executes twice a second so as to be nice and responsive, but of course I have no idea how that would handle under load. Here is the entire GameController class:
<script src="https://gist.github.com/4001183.js?file=Example-2.cs"> </script>
Pretty simple, huh? Note how nice and easy it was to return an anonymous type as a JSON (JavaScript Object Notation) object via the Json(obj) method. Finally, here is the bit of Game.js that performs the actual animation (this is done in a loop updating all characters â€“ hence the id and c variables):
<script src="https://gist.github.com/4001183.js?file=Example-3.js"> </script>
Gotta love jQuery. :-) There is plenty more to look at in the source, so feel free to download it, check it out, play around with it - use it for whatever you want.
Thanks, and I hope to see you at the next CodeCamp!
<a href="/custom/files/old/DevPocalypse.zip">DevPocalypse.zip</a>
</content>
</entry>
<entry>
<title>MVC/jQuery Presentation at NoVa CodeCamp - Dec. 6</title>
<link href="http://www.squaredroot.com/2008/11/24/mvc-jquery-presentation-at-nova-codecamp-december-6-2008/"/>
<updated>2008-11-24T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/11/24/mvc-jquery-presentation-at-nova-codecamp-december-6-2008</id>
<content type="html"><img src="/custom/files/old/NoVaCodeCamp.gif" alt="IMAGE">
<a href="http://thequeue.net/blog/">Jeff Schoolcraft</a> was kind enough to ask me to speak at this year&#39;s second <a href="http://novacodecamp.org/">NoVa CodeCamp</a>. It is being held in two weeks on Saturday, December 6th at the Microsoft Technology Center in Reston, VA [<a href="http://maps.google.com/maps?f=q&amp;hl=en&amp;geocode=&amp;q=12012+Sunset+Hills+Rd.++Reston,+VA+20190&amp;sll=37.0625,-95.677068&amp;sspn=51.089971,79.101563&amp;ie=UTF8&amp;z=16&amp;g=12012+Sunset+Hills+Rd.++Reston,+VA+20190&amp;iwloc=addr">map</a>]. If you&#39;re interested in attending, please make sure you <a href="https://www.clicktoattend.com/invitation.aspx?code=131469">register</a> soon!
I don&#39;t yet have word on the final presentation schedule, but here is the abstract for the presentation I will be giving:
<blockquote>
**Creating an AJAX MMORPG With jQuery & Asp.Net MVC**
C'mon, it's Saturday, let's take a break from those enterprise class systems and make something that we can enjoy ourselves! Over the past several years users have become increasingly conditioned to expect a fast, responsive UI that communicates changes in a clear manner - even in the apps we build at our day jobs. We'll see how jQuery allows us to build such a UI using AJAX and animations in a quick, cross-platform manner. We'll also see how ASP.Net MVC makes it easier than ever to integrate with AJAX frameworks like jQuery. By the end of our session, we'll even have a fun little game to play!
</blockquote>
In the following two weeks I&#39;ll be posting the code I&#39;m currently creating as the basis of this presentation to my blog so that everyone can download it and check it out. I hope to see some of you at the CodeCamp!
</content>
</entry>
<entry>
<title>My PDC 2008 Agenda</title>
<link href="http://www.squaredroot.com/2008/10/23/pdc-2008-agenda/"/>
<updated>2008-10-23T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/10/23/pdc-2008-agenda</id>
<content type="html">This Saturday I&#39;ll be headed off to sunny Los Angeles for Microsoft&#39;s <a href="http://microsoftpdc.com">Professional Developer Conference 2008</a>. This is the first time I&#39;ve gone and I&#39;m really looking forward to it. I&#39;m staying at <a href="http://www.figueroahotel.com">Hotel Figeuroa</a>, only a couple blocks from the <a href="http://www.lacclink.com">Los Angeles Convention Center</a>, and I&#39;ve posted my tentative session agenda (more for my own reference than anything else) below. If anyone else would like to meet up for drinks after the sessions, <a href="mailto:troygoode@gmail.com">drop me an email</a>.
<h2>Pre-Conference / Sunday Oct 26 2008</h2>
<ul>
<li>10:00 AM - 5:45 PM: <a href="http://microsoftpdc.com/Agenda/Preconference.aspx#creating-rich-internet-applications-with-silverlight">Creating Rich Internet Applications with Silverlight</a></li>
</ul>
<h2>Day One / Monday Oct 27 2008</h2>
<ul>
<li>8:30 AM - 11:00 AM: Keynote</li>
<li>11:00 AM - 12:45 AM: <a href="http://channel9.msdn.com/pdc2008/ES16/">A Lap Around Cloud Services (Part 1)</a></li>
<li>12:45 PM - 1:45 PM: <a href="http://channel9.msdn.com/pdc2008/PC47/">Microsoft Expression Blend: Tips &amp; Tricks</a></li>
<li>1:45 PM - 3:30 PM: <a href="http://channel9.msdn.com/pdc2008/PC20/">ASP.Net 4.0 Roadmap</a></li>
<li>3:30 PM - 5:15 PM: <a href="http://channel9.msdn.com/pdc2008/BB01/">A Lap Around Cloud Services (Part 2)</a> or <a href="http://channel9.msdn.com/pdc2008/PC21/">ASP.NET MVC: A New Framework for Building Web Applications</a></li>
<li>5:15 PM - 6:30 PM: <a href="http://channel9.msdn.com/pdc2008/ES01/">Developing and Deploying Your First Cloud Service</a> or <a href="http://channel9.msdn.com/pdc2008/TL49/">Microsoft .NET Framework: Overview and Applications for Babies</a> or <a href="http://channel9.msdn.com/pdc2008/TL17/">Windows Workflow Foundation 4.0: A First Look</a></li>
</ul>
<h2>Day Two / Tuesday Oct 28 2008</h2>
<ul>
<li>3:30 AM - 12:45 PM: Keynote</li>
<li>12:45 PM - 1:45 PM: <a href="http://channel9.msdn.com/pdc2008/PC24/">Windows 7: Welcome to the Windows 7 Desktop</a></li>
<li>1:45 PM - 3:30 PM: <a href="http://channel9.msdn.com/pdc2008/ES04/">Essential Cloud Storage Services</a></li>
<li>3:30 PM - 5:15 PM: <a href="http://channel9.msdn.com/pdc2008/PC33/">Microsoft Visual Studio: Easing ASP.NET Web Deployment</a></li>
<li>5:15 PM - 6:30 PM: <a href="http://channel9.msdn.com/pdc2008/TL20/">Entity Framework Futures</a> or <a href="http://channel9.msdn.com/pdc2008/PC31/">ASP.NET and JQuery</a> or <a href="http://channel9.msdn.com/pdc2008/ES02/">Architecting Services for the Cloud</a></li>
</ul>
<h2>Day Three / Wednesday Oct 29 2008</h2>
<ul>
<li>8:30 AM - 10:30 AM: Keynote</li>
<li>10:30 AM - 12:00 PM: <a href="http://channel9.msdn.com/pdc2008/TL06/">WCF 4.0: Building WCF Services with WF in Microsoft .NET 4.0</a></li>
<li>12:00 PM - 1:15 PM: <a href="http://channel9.msdn.com/pdc2008/TL43/">Microsoft XNA Game Studio: An Overview</a></li>
<li>1:15 PM - 3:00 PM: <a href="http://channel9.msdn.com/pdc2008/TL18/">&quot;Oslo&quot;: Customizing and Extending the Visual Design Experience</a></li>
<li>3:00 PM - 4:45 PM: <a href="http://channel9.msdn.com/pdc2008/ES03/">A Day in the Life of a Cloud Service Developer</a> or <a href="http://channel9.msdn.com/pdc2008/PC55/">Oomph: A Microformat Toolkit</a> or <a href="http://channel9.msdn.com/pdc2008/TL28/">&quot;Oslo&quot;: Repository and Models</a></li>
<li>4:45 PM - 6:00 PM: <a href="http://channel9.msdn.com/pdc2008/TL23-R/">A Lap around &quot;Oslo&quot;</a></li>
</ul>
<h2>Day Four / Thursday Oct 30 2008</h2>
<ul>
<li>8:30 AM - 10:15 AM: <a href="http://channel9.msdn.com/pdc2008/TL04/">WCF: Developing RESTful Services</a></li>
<li>10:15 AM - 12:00 PM: <a href="http://channel9.msdn.com/pdc2008/SYMP05/">Services Symposium: Enterprise Grade Cloud Applications</a></li>
<li>12:00 PM - 1:45 PM: <a href="http://channel9.msdn.com/pdc2008/ES17/">Cloud Computing: Programming in the Cloud</a></li>
<li>1:45 PM - 3:00 PM: <a href="http://channel9.msdn.com/pdc2008/PC32/">ASP.NET AJAX Futures</a> or <a href="http://channel9.msdn.com/pdc2008/BB27/">Workflow Services: Orchestrating Services and Business Processes Using Cloud-Based Workflow</a></li>
</ul>
</content>
</entry>
<entry>
<title>ASP.Net MVC Goes Beta!</title>
<link href="http://www.squaredroot.com/2008/10/16/aspnet-mvc-beta-release/"/>
<updated>2008-10-16T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/10/16/aspnet-mvc-beta-release</id>
<content type="html">I discovered via <a href="http://www.dotnetkicks.com/aspnet/ASP_net_MVC_goes_Beta">DotNetKicks</a> this afternoon that the ASP.Net MVC framework&#39;s beta release is now <a href="http://www.microsoft.com/downloads/details.aspx?familyid=a24d1e00-cd35-4f66-baa0-2362bdde0766&amp;displaylang=en&amp;tm">available for download from Microsoft.com</a>. No release or source code is yet available from the <a href="http://www.codeplex.com/aspnet">CodePlex project</a>, but I expect we&#39;ll see it there soon enough. Congratulations to the team at Microsoft, RTM is knocking at the door!
<a href="http://www.microsoft.com/downloads/details.aspx?familyid=a24d1e00-cd35-4f66-baa0-2362bdde0766&amp;displaylang=en&amp;tm">Download ASP.NET MVC Beta.</a>
</content>
</entry>
<entry>
<title>Introduction to ASP.Net MVC for Alt.Net DC Tonight</title>
<link href="http://www.squaredroot.com/2008/09/24/altdotnet-presentation-20080924/"/>
<updated>2008-09-24T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/09/24/altdotnet-presentation-20080924</id>
<content type="html">Anyone in the Washington, DC area who is interested in an introductory peek at Microsoft&#39;s new ASP.Net MVC platform is invited to come out to tonight&#39;s Alt.Net meeting. I will be presenting the front-to-back basics you need to know to get started in developing with the MVC framework, using a MVC blog engine as our use case. Details about the when/where below. Many thanks to Matthew Podwysocki for asking me to speak tonight; it is a great privilege.
When:
September 24, 2008 - 7PM to 9PM
Where:
<a href="http://www.cynergysystems.com/">Cynergy Systems Inc.</a> 
1600 K St NW 
Suite 300 
Washington, DC 20006
<a href="http://maps.google.com/maps?f=q&amp;hl=en&amp;geocode=&amp;q=1600+K+St+NW,+Washington,+DC+20006&amp;sll=38.880459,-77.109452&amp;sspn=0.012444,0.027895&amp;ie=UTF8&amp;z=16">Show in Google Maps.</a>
More Info:
<a href="http://codebetter.com/blogs/matthew.podwysocki/archive/2008/09/08/dc-alt-net-9-24-2008-building-asp-net-mvc-applications-with-troy-goode.aspx">Matthew Podwysocki&#39;s blog post</a>
</content>
</entry>
<entry>
<title>Introduction to ASP.Net MVC for Alt.Net DC - Presentation Materials</title>
<link href="http://www.squaredroot.com/2008/09/24/altdotnet-presentation-20080924-materials/"/>
<updated>2008-09-24T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/09/24/altdotnet-presentation-20080924-materials</id>
<content type="html">I just got back from my ASP.Net MVC Presentation for tonight&#39;s DC Alt.Net meeting and I had a great time. I hope everyone got a good feel for what it takes to develop an application using the MVC framework. Please don&#39;t hesitate to <a href="mailto:troygoode@gmail.com">email me</a> if you have any questions. Also I owe a big thanks to <a href="http://codebetter.com/blogs/matthew.podwysocki/default.aspx">Matthew Podwysocki</a> for inviting me to speak. Thanks Matt, I really enjoyed the opportunity.
I promised that I would post the project that we created tonight (a basic blog engine), which you can now find linked below. There are three projects in the solution:
<ul>
<li>MvcTutorials.Blog.Domain: This project has the Comment &amp; Post entities, as well as the repositories used to populate them.</li>
<li>MvcTutorials.Blog.Domain.Bootstrap: This project adds random data to the blog database for testing.</li>
<li>MvcTutorials.Blog.ReferenceWebsite: This is the MVC website I created prior to the meeting to decide what I was going to present and how long it would take to do it. This is where you&#39;ll find the code we wrote tonight.</li>
</ul>
If you want to run the project, make sure you have SQL Server Express installed and create a database named &quot;MvcTutorial-Blog&quot;. Afterward you can run the &quot;MvcTutorials.Blog.Domain.Bootstrap&quot; project to insert test data and run the website project.
Be sure to let me know if there are any questions or comments about tonight&#39;s presentation or this post&#39;s code!
<a href="/custom/files/old/MvcTutorial-Blog.zip">MvcTutorial-Blog.zip</a>
</content>
</entry>
<entry>
<title>MVC Membership - Preview 5</title>
<link href="http://www.squaredroot.com/2008/09/06/mvc-membership-preview-5/"/>
<updated>2008-09-06T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/09/06/mvc-membership-preview-5</id>
<content type="html">This post is out of date. Please reference this project's <a href="https://github.com/troygoode/membershipstarterkit">GitHub page</a> for the latest code.
Last weekend I posted a release of the MVC Membership Starter Kit that targets <a href="http://haacked.com/archive/2008/08/29/asp.net-mvc-codeplex-preview-5-released.aspx">Preview 5 of the ASP.Net MVC framework</a>. There was no packaged release targeting <a href="http://weblogs.asp.net/scottgu/archive/2008/07/14/asp-net-mvc-preview-4-release-part-1.aspx">Preview 4</a> (though if you <a href="http://www.codeplex.com/MvcMembership/SourceControl/ListDownloadableCommits.aspx">downloaded the latest source</a>, it worked), so this release essentially packages the changes from both previews.
<h2>Why does the MVC Membership Starter Kit still exist?</h2>
The biggest change affecting the MVC Membership Starter Kit is that the default ASP.Net MVC Web Application project includes <a href="http://weblogs.asp.net/scottgu/archive/2008/07/14/asp-net-mvc-preview-4-release-part-1.aspx">login/logout, register, and change password functionality as of Preview 4</a>. This is great and I&#39;m glad to see them do it. It is my hope they will eventually include membership administration functionality as well. For now, however, they haven&#39;t included it. This leaves three main features that are now driving the existence of this project:
<ul>
<li>Membership Administration: What good is registration, login, and logout if a site&#39;s owner cannot change a user&#39;s roles or manage their user base? While Visual Studio&#39;s <a href="http://msdn.microsoft.com/en-us/library/yy40ytx0.aspx">Web Site Administration Tool</a> covers most of your bases during development, it isn&#39;t a real option for use by web site administrators in a production application.</li>
<li>OpenID Integration: Preview 4&#39;s built-in login functionality only covers the use of standard username/password authentication. It seems likely that this will continue, as I am not aware of any plans for official <a href="http://openid.net/">OpenID</a> support within the .Net framework. We are using <a href="http://code.google.com/p/dotnetopenid/">Andrew Arnott &amp; co&#39;s DotNetOpenId</a> project to help you let your users log in using OpenID.</li>
<li>WindowsLive LiveID Integration: <a href="http://blog.maartenballiauw.be/">Maarten</a>&#39;s <a href="http://dev.live.com/liveid/">LiveID</a> integration has unfortunately not made this release. I anticipate that it will be available again for the next release, which will target <a href="http://haacked.com/archive/2008/09/05/mvcfutures-and-asp.net-mvc-beta.aspx">the first beta release of ASP.Net MVC</a>.</li>
</ul>
<h2>What has changed?</h2>
<ul>
<li>No more login/logout/password retrieval. Because the AccountController and its views are now included by default in new projects, the need for this functionality has gone away.</li>
<li>Less assemblies to reference. Rather than the MembershipAdministrationController and other code being compiled into a separate assembly that you must include, you now drop the controllers directly into your web app. This allows you to easily change the code as your project evolves. The starter kit&#39;s implementation is really just a starting point that you can build off of.</li>
<li>Controllers are split. In previous releases the OpenID and WindowsLive login functionality was included in the MembershipAuthenticationController. The OpenID functionality has since been moved into a separate controller with separate views. This was done because (a) the MembershipAuthenticationController no longer exists and (b) moving forward more of the pieces of this kit will be separated from each other so that you can include them a la carte.</li>
</ul>
<h2>Download</h2>
You can download the Preview 5 release of the MVC Membership Starter Kit from CodePlex:
<a href="http://www.codeplex.com/MvcMembership/Release/ProjectReleases.aspx?ReleaseId=16809#ReleaseFiles">http://www.codeplex.com/MvcMembership/Release/ProjectReleases.aspx?ReleaseId=16809#ReleaseFiles</a>
</content>
</entry>
<entry>
<title>PagedList Strikes Back</title>
<link href="http://www.squaredroot.com/2008/07/08/pagedlist-strikes-back/"/>
<updated>2008-07-08T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/07/08/pagedlist-strikes-back</id>
<content type="html">There is an updated version of the PagedList&lt;T&gt; code available <a href="https://github.com/troygoode/pagedlist">on GitHub</a>.
A few months ago I posted about <a href="/2008/04/08/updated-pagedlist-class/">my changes</a> to <a href="http://blog.wekeroad.com/2007/12/10/aspnet-mvc-pagedlistt/">Rob Conery&#39;s PagedList</a> class. Since writing that article many comments have been left about how to further improve the design, which I have since incorporated into a new, further improved PagedList class. For those who aren&#39;t familiar, the PagedList class allows scenarios such as the following:
<script src="https://gist.github.com/4001462.js?file=Example-1.cs"> </script>
So in the above scenario (an example MVC action), if you had a list of 30 products with IDs 1-30 and passed in a pageIndex of 2 you would pass the products with IDs 21-30 into your view. Best of all it uses IQueryable, so if you pass a LINQ expression or IQueryable result into ToPagedList(...) it will do the filtering on the database side! Take a look at the new improved PagedList <a href="https://github.com/troygoode/pagedlist">on GitHub</a>.
Changes Since Previous Version:
<ul>
<li>Changed &quot;TotalPages&quot; property to &quot;PageCount&quot;. This was done to more clearly illustrate the purpose of this property (more in line with the standard List&lt;T&gt; .Count property).</li>
<li>Changed &quot;TotalCount&quot; property to &quot;TotalItemCount&quot;. This was done to differentiate between Pages and Items more clearly.</li>
<li>Switched &quot;PageIndex&quot; back to being a zero-based index, rather than one-based. The PageIndex was set to be one-based because the most common use-case that I could think of, outputting a pager (i.e.: Previous - 1 - 2 - 3 - Next), was one-based and it would be nice to not have to do &quot;obj.PageIndex + 1&quot; everywhere. This was probably a poor decision. Some people found it confusing and <a href="/2008/04/08/updated-pagedlist-class/#comment-152106122">others found that it didn&#39;t work with the standard .Net DataPager</a>.</li>
<li>Added &quot;PageNumber&quot; property. As suggested <a href="/2008/04/08/updated-pagedlist-class/#comment-152106104">via comment</a> on my previous post, PageNumber is just PageIndex + 1.</li>
<li>Treat all data as IQueryable for the duration of class initialization. Tgmdbm, a frequent contributer on the <a href="http://forums.asp.net/1146.aspx">ASP.Net MVC forums</a>, pointed out <a href="/2008/04/08/updated-pagedlist-class/#comment-152106101">some good reasons</a> why everything should be treated as IQueryable before the .Skip(x).Take(y). I&#39;m not 100% sold that treating it as IEnumerable would also work for IQueryable objects (since IQueryable supports IEnumerable), but to be safe I have defaulted everything to using IQueryable. You can still pass in a strict IEnumerable, but it will be converted to IQueryable for the duration of the PagedList class initialization process.</li>
<li>Tested with <a href="http://www.codeplex.com/xunit">xUnit.net</a>. While the PagedList class isn&#39;t exactly rocket science, I want to strive to improve the quality of the code that I&#39;m presenting to the community. I also enjoyed having an excuse to try out xUnit&#39;s data-driven testing using the [Theory] attribute (similar to MbUnit&#39;s [RowTest]) for the first time. Not much has been written about it, but I was able to find <a href="http://blog.benhall.me.uk/2008/01/introduction-to-xunitnet-extensions.html">some examples from Ben Hall</a> which got me up and testing quickly.</li>
</ul>
A big thanks to everyone who has thrown their two cents in to help improve this small but useful class!
</content>
</entry>
<entry>
<title>MVC Controller Action Security Hole</title>
<link href="http://www.squaredroot.com/2008/07/08/mvc-controller-action-security-hole/"/>
<updated>2008-07-08T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/07/08/mvc-controller-action-security-hole</id>
<content type="html">The latest of <a href="http://weblogs.asp.net/stephenwalther/">Stephen Walther</a>&#39;s invaluable <a href="http://weblogs.asp.net/stephenwalther/archive/tags/Tips/default.aspx">ASP.Net MVC Tip series</a> points out a MVC scenario that was previously unknown to me: <a href="http://weblogs.asp.net/stephenwalther/archive/2008/07/08/asp-net-mvc-tip-15-pass-browser-cookies-and-server-variables-as-action-parameters.aspx">passing cookies and server variables into controllers as action parameters</a>. While the idea is neat, <a href="http://weblogs.asp.net/stephenwalther/archive/2008/07/08/asp-net-mvc-tip-15-pass-browser-cookies-and-server-variables-as-action-parameters.aspx#6377484">a comment left by Francois Ward</a> echoed my immediate skepticism over whether this could be safe. After playing around I believe I have confirmed my suspicions that making use of this capability is a Very Bad Idea.
I&#39;ll let Francois&#39; comment explain the problem (emphasis mine):
<blockquote>
Tuesday, July 08, 2008 4:16 PM by Francois Ward
Hmm, I didn't look into it much, but is that -safe-? I mean, if the variables in the index function are filled up automatically... it would be ok if it was only one type (all cookies, or all server variables), but since you can mix and match, **whats to present me from forging a request with a cookie with the same name as the server variables**?
I mean, it is already possible to forge anything client-related, for obvious reason... but **forging info that potentially come from the server**? That seems...awkward...
(again, keep in mind this is just my first reaction, maybe if I think it through I'll realize what I just said is totally stupid :) )
</blockquote>
Like Francois said, cookies are easily forged client-side anyway, but most developers tend to rely on the <a href="http://en.wikipedia.org/wiki/Truthiness">truthiness</a> of our server variables, specifically those that don&#39;t come over in the HTTP request. Let me demonstrate how the issue plays out.
For our example I have created a method on the HomeController named Test that takes four parameters that match server variable names. Below are the descriptions of each from MSDN&#39;s <a href="http://msdn.microsoft.com/en-us/library/ms524602.aspx">IIS Server Variables</a> article:
<ul>
<li>REMOTE_ADDR MSDN Says, &quot;The IP address of the remote host that is making the request.&quot;</li>
<li>LOGON_USER MSDN Says, &quot;The Windows account that the user is impersonating while connected to your Web server. Use REMOTEUSER, UNMAPPEDREMOTEUSER, or AUTHUSER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.&quot;</li>
<li>REQUEST_METHOD MSDN Says, &quot;The method used to make the request. For HTTP, this can be GET, HEAD, POST, and so on.&quot;</li>
<li>SERVER_NAME The server&#39;s host name, DNS alias, or IP address as it would appear in self-referencing URLs.</li>
</ul>
My biggest concern is LOGON_USER. As described by MSDN this variable normally stores whatever the value of REMOTEUSER, UNMAPPEDREMOTEUSER, or AUTHUSER is, except when you have a third party authentication filter installed. The purpose of these authentication filters is to map the value of one of the above three request variables to a different local name. For example, you may be using a filter to map &quot;DOMAINTroyGoode&quot; to &quot;DOMAIN-DMZStandardUser&quot; and to map &quot;DOMAINScottGuthrie&quot; to &quot;DOMAIN-DMZAdministrator&quot;. If you are using such a filter and then add LOGON_USER as a parameter to one of your actions, you are suddenly opening up the ability for anyone to circumvent that authentication filter.
Here is the action I have created:
<script src="https://gist.github.com/4001511.js?file=Example-1.cs"> </script>
And here is what this action will output without any fiddling:
<img src="/custom/files/old/Unhacked_2.jpg" alt="IMAGE">
Now I&#39;ll tweak the Url a bit:
<blockquote>
First Url:
http://localhost:63260/Home/Test
Second Url:
http://localhost:63260/Home/Test?REMOTE_ADDR=Any.IP.I.Want&LOGON_USER=YourDomainAdministrator&REQUEST_METHOD=POST&SERVER_NAME=microsoft.com
</blockquote>
And voil&agrave;, mischief achieved:
<img src="/custom/files/old/TotallyHaxxored_2.jpg" alt="IMAGE">
Now I&#39;m no Kevin Mitnick, but I can assure you that if I can come up with something like this in an hour or so, a dedicated hacker that is probably far smarter than I will likely give you a lot of heartache if you make use of this feature. Have any &quot;developer mode checks&quot; that check for 127.0.0.1 or localhost? Have any filters to try and prevent GETs on certain actions? Relying on server variables passed in to your actions would make those scenarios (and many others) unwise. Just say no.
In my opinion this feature (the server variable portion) should just be removed from the MVC framework entirely or something should be put in place to prevent overwriting parameters named the same as a server variable. 
</content>
</entry>
<entry>
<title>MVC Membership - Preview 3</title>
<link href="http://www.squaredroot.com/2008/07/02/mvc-membership-preview-3/"/>
<updated>2008-07-02T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/07/02/mvc-membership-preview-3</id>
<content type="html">Tonight we posted a <a href="http://www.codeplex.com/MvcMembership/Release/ProjectReleases.aspx?ReleaseId=14919">new release of the MVC Membership Starter Kit</a>. This release is an update to migrate the starter kit to <a href="http://weblogs.asp.net/scottgu/archive/2008/05/27/asp-net-mvc-preview-3-release.aspx">the new Preview 3 release of the MVC framework</a>. While several bugs have been squashed, no major new functionality has been added.
If you couldn&#39;t wait and downloaded the source prior to the official Preview 3 release, you&#39;ll still want to download tonight&#39;s official release as several important issues have been addressed.
<h2>Bug Fixes in 1.3:</h2>
<ul>
<li>The System.Web.Abstraction, System.Web.Mvc, and System.Web.Routing DLLs being used prior to tonight were from an earlier Preview 3 release and were not signed by Microsoft.</li>
<li>Routing ambiguities caused a 404 error to occur when a user enters an incorrect username/password combination on the login page.</li>
<li>Several errors were occurring on various password recovery screens which created a bad user experience.</li>
<li>Errors on the administration section&#39;s Create User and Display User pages were preventing that functionality from working at all.</li>
</ul>
Thanks for all of the interest everyone has shown in this project and thanks to <a href="http://blog.maartenballiauw.be/">Maarten</a> and <a href="http://gregorybeamer.spaces.live.com/blog/">Greg</a> for their contributions; especially to Maarten as he did most of the grunt work in upgrading our code base to Preview 3. Please send any feedback you have our way, we&#39;d love to hear it!
</content>
</entry>
<entry>
<title>SSL Links/URLs in MVC</title>
<link href="http://www.squaredroot.com/2008/06/11/mvc-and-ssl/"/>
<updated>2008-06-11T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/06/11/mvc-and-ssl</id>
<content type="html">A couple days ago a reader sent me a question regarding how to use SSL with the MVC framework. Specifically the reader wanted to know the easiest way to make an Ajax call to a HTTPS page from a non HTTPS page. The tricky part here is to do so without hard-coding any URLs (as one of the best practices of the MVC framework is that views and controllers should be divorced from the routes that access them).
Currently an ActionLink like:
<script src="https://gist.github.com/4005985.js?file=Example-1.aspx"> </script>
... outputs the following hyperlink:
<script src="https://gist.github.com/4005985.js?file=Example-2.html"> </script>
I&#39;ve created a few extension methods that enable you to fully-qualify these URLs and change the protocol to HTTPS at run-time. Using the extension method &quot;ToSslLink&quot; like so:
<script src="https://gist.github.com/4005985.js?file=Example-3.aspx"> </script>
... now outputs a hyperlink with protocol, server, port, etc:
<script src="https://gist.github.com/4005985.js?file=Example-4.html"> </script>
If you&#39;re using Ajax, however, you&#39;ll be more interested in getting to the URL directly rather than building an entire hyperlink. In that case you can use &quot;ToSslUrl&quot;:
<script src="https://gist.github.com/4005985.js?file=Example-5.aspx"> </script>
... to output this:
<script src="https://gist.github.com/4005985.js?file=Example-6.txt"> </script>
Here is the code for the extension methods I&#39;ve created, hopefully some of you will find this useful:
<script src="https://gist.github.com/4005985.js?file=Example-7.cs"> </script>
One important missing element from all is this posting to a form via HTTPS from a non-HTTPS page. You can certainly create your form tags manually and populate the action attribute using Url.Action(...).ToSslUrl(), but you cannot try and combine these extension methods with the Html.Form(...) helper that is most commonly used inside a using statement.
Note: The above code was updated on July 7th, 2008 to fix a bug reported by <a href="http://mikehadlow.blogspot.com">Mike Hadlow</a>. Thanks Mike!
</content>
</entry>
<entry>
<title>Help Decide Sandcastle's Fate</title>
<link href="http://www.squaredroot.com/2008/06/10/sandcastle-removed-from-codeplex/"/>
<updated>2008-06-10T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/06/10/sandcastle-removed-from-codeplex</id>
<content type="html"><a href="http://articles.techrepublic.com.com/5100-10878_11-6174811.html">Sandcastle</a> - the .Net community equivalent of <a href="http://rdoc.sourceforge.net/">RDoc</a>/<a href="http://java.sun.com/j2se/javadoc/">JavaDoc</a> and the spiritual successor of the now defunct <a href="http://ndoc.sourceforge.net/">NDoc</a> &ndash; <a href="http://blogs.msdn.com/sandcastle/archive/2008/06/06/sandcastle-project-removed-from-codeplex.aspx">has been removed from CodePlex</a>. It&#39;s fate is currently up in the air and Microsoft is asking you for input on what should happen next. It was pulled down after the community at-large expressed reservations about Sandcastle being hosted on <a href="http://www.codeplex.com">CodePlex</a> while not being published under an Open Source license or even being posted in source form at all. According to the announcement on MSDN, the possible future for Sandcastle involves two scenarios:
<ul>
<li>Publish the source code for Sandcastle and revive this project in Codeplex</li>
<li>Migrate sandcastle to MSDN Code gallery at <a href="http://code.msdn.microsoft.com/">http://code.msdn.microsoft.com</a></li>
</ul>
I for one would love to see Sandcastle released as an open source project on CodePlex. It seems to me that Microsoft has had a great deal of success lately with releasing the MVC Framework as an open source project and I hope that they continue the trend. If you have used Sandcastle or foresee the need to have automatic code documentation generation on a project in the future, please do not hesitate to <a href="http://blogs.msdn.com/sandcastle/archive/2008/06/06/sandcastle-project-removed-from-codeplex.aspx">leave a comment</a> letting the powers that be know how you feel.
</content>
</entry>
<entry>
<title>We're Back</title>
<link href="http://www.squaredroot.com/2008/06/08/back-from-honeymoon/"/>
<updated>2008-06-08T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/06/08/back-from-honeymoon</id>
<content type="html">After two weeks in gorgeous St. Lucia on honeymoon at the <a href="http://www.sandals.com/main/grande/gl-home.cfm">Sandals Grande St. Lucian</a>, my new bride and I have returned to DC. Take a look at a few of the pictures we snapped along the way.
<h2>A Few Pictures</h2>
<img src="/custom/files/old/HeadedToStLucia_2.jpg" alt="IMAGE"> 
After a hectic weekend, we got our first chance to relax at National Airport, waiting to depart for Miami and then on to St. Lucia.
<img src="/custom/files/old/OurHomeInStLucia_2.jpg" alt="IMAGE"> 
The backyard of our home away from home. To the right you can see our private pool (with the waterfall in the background). Not pictured: our outdoor shower &amp; hot tub, plus a hammock that proved perfect for reading and relaxing. All this and only a stone&#39;s throw from the beach!
<img src="/custom/files/old/AtDinner_2.jpg" alt="IMAGE"> 
Our butler scheduled an intimate dinner for the two of us at Gordon&#39;s, a restaurant at the end of a pier only a few minutes walk from home. If you&#39;ve never stayed at an all-inclusive, I highly recommend it. It was nice to eat at fine restaurants every night and just get up and leave without worrying about any bill.
<img src="/custom/files/old/Hobie_2.jpg" alt="IMAGE"> 
First order of business the first morning in St. Lucia? Sailing. Lots of sailing. My hopes of sailing every day were not to be (so much else to do!), but I did manage to go out every other day or so.
<img src="/custom/files/old/SwimUpBar_2.jpg" alt="IMAGE"> 
We heart swim-up bars.
<img src="/custom/files/old/ThePitons_2.jpg" alt="IMAGE"> 
St. Lucia&#39;s most famous landmarks, the Pitons, in the background. Also the namesake of St. Lucia&#39;s most popular beer (which tastes remarkably like Corona).
<img src="/custom/files/old/ForestBridge_2.jpg" alt="IMAGE"> 
A tour guide led us into the outer fringes of the rainforest, where we wanted to swim in a waterfall.
<img src="/custom/files/old/Waterfall_2.jpg" alt="IMAGE"> 
Which we did.
<img src="/custom/files/old/BackOfBoat_2.jpg" alt="IMAGE"> 
There was a lot of boating in St. Lucia. This was taken on a wild, wet ride back from the Pitons.
<img src="/custom/files/old/PoolRaft_2.jpg" alt="IMAGE"> 
We spent considerably more time in the humongous beach-side pool than on the beach proper. Lesson learned? The ocean needs more swim-up bars.
<img src="/custom/files/old/Windsurfing_2.jpg" alt="IMAGE"> 
Windsurfing is hard. Hard, hard.
<img src="/custom/files/old/Horseback_2.jpg" alt="IMAGE"> 
Riding horses bare-back in the surf is fun, but it also gave me a very healthy respect for the invention of saddles.
<img src="/custom/files/old/FrontOfCatamaran_2.jpg" alt="IMAGE"> 
Taken on the bow of a 50+ foot catamaran, which I&#39;m trying to figure out how to add to my Amazon wish-list.
<img src="/custom/files/old/ByTheFountain_2.jpg" alt="IMAGE"> 
Uh oh, the trip is almost over, hurry up and take some nice photos!
<img src="/custom/files/old/AgainstATree_2.jpg" alt="IMAGE"> 
Who are these tan people, and what have they done with the folks from the first picture?
<img src="/custom/files/old/InTheBungalow_2.jpg" alt="IMAGE"> 
With picture time over, it&#39;s time to relax in a beach-front bungalow until the sun goes down. Afterward it is off to pack and bid St. Lucia farewell in the morning.
This is only a small selection of our wonderful two weeks. If anyone else is considering a trip with their significant other to the Caribbean, we cannot recommend St. Lucia highly enough and <a href="http://www.sandals.com/main/grande/gl-home.cfm">Sandals Grande St. Lucian</a> was a wonderful place to stay.
</content>
</entry>
<entry>
<title>Honeymoon Bound!</title>
<link href="http://www.squaredroot.com/2008/05/20/honeymoon-bound/"/>
<updated>2008-05-20T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/05/20/honeymoon-bound</id>
<content type="html">I know, I know... I haven&#39;t been blogging much recently, but don&#39;t think that you&#39;ve gotten rid of me yet. My fianc&egrave; and I have been very busy preparing for our wedding, which after nearly a year of planning is now only days away [obligatory Office paraphrase: Mr. Troy Goode... Has a nice ring to it, don&#39;t you think?]. On Monday Alexandra and I will be leaving for the <a href="http://www.sandals.com/main/grande/gl-home.cfm">Sandals Grande St. Lucian</a> for two weeks of sun, sailing, and relaxing. There are still a couple things in the cooker that I&#39;ll be working on after I get back, so hopefully you&#39;ll be hearing more about that toward the end of June. Wish me luck!
<h2>Visual Studio / ReSharper Settings</h2>
I&#39;ve been meaning to post my Visual Studio &amp; ReSharper settings for a while, primarily so I have one central place to download the settings from when I set up a new machine at home or work. Feel free to ignore the files I&#39;ve posted below, or try them out to see my modified dark color scheme! 
<a href="/custom/files/old/VS2008.vssettings">VS2008.vssettings</a>
<a href="/custom/files/old/Resharper4Settings.xml">Resharper4Settings.xml</a>
</content>
</entry>
<entry>
<title>MVC Membership Starter Kit - 1.2</title>
<link href="http://www.squaredroot.com/2008/04/28/mvc-membership-starter-kit-1-2/"/>
<updated>2008-04-28T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/28/mvc-membership-starter-kit-1-2</id>
<content type="html">This weekend I posted a <a href="https://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=MvcMembership&amp;ReleaseId=12667">new release of the MVC Membership Starter Kit</a>. This release is an update to migrate the starter kit to <a href="http://weblogs.asp.net/scottgu/archive/2008/04/16/asp-net-mvc-source-refresh-preview.aspx">the new interim release of the MVC framework</a>. If you do not feel comfortable using the interim release, please continue using the 1.1 release and wait for Microsoft to release Preview 3; we will update the Starter Kit soon thereafter.
<h2>Changes in 1.2:</h2>
<ul>
<li>WindowsLive is now a supported authentication scenario (<a href="http://blog.maartenballiauw.be/post/2008/04/ASPNet-MVC-Membership-Starter-Kit-alternative-authentication.aspx">read Maarten&#39;s blog post on this</a>).</li>
<li>Per <a href="http://blog.nerdbank.net/">Andrew Arnott&#39;s</a> suggestion, the starter kit now uses the <a href="http://code.google.com/p/dotnetopenid/">DotNetOpenId</a> library rather than the code previously used (which was created by Mads Kristensen). This gives us a more robust and secure implementation that will develop and improve independently of this project.</li>
<li>All actions that previously expected a username in the route now expect the user&#39;s ProviderUserKey (a Guid) instead. This was done because users with OpenID urls as their username could not previously be accessed.</li>
<li>&quot;Whitelist support&quot; has been added to the OpenID implementation, allowing you to setup regular expressions that dictate which OpenID providers are allowed to be used when logging into your site. By default there is no whitelist, so all providers are allowed.</li>
<li>The starter kit now offers greater control over which authentication scenarios your site supports and which is the default. Out-of-the-box only FormsAuthentication is enabled and is obviously the default.</li>
</ul>
</content>
</entry>
<entry>
<title>Massive BlogEngine.net Security Hole</title>
<link href="http://www.squaredroot.com/2008/04/13/massive-blogenginedotnet-security-hole/"/>
<updated>2008-04-13T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/13/massive-blogenginedotnet-security-hole</id>
<content type="html">A massive security hole in BlogEngine.net was just revealed that allows anyone to see your passwords... Danny Douglass just added a post to his blog where he explains the issue and provides a patched BlogEngine.Core assembly to resolve the issue until the next release of BlogEngine is available.
I would advise anyone running BlogEngine.net to immediately <a href="http://dannydouglass.com/post/2008/04/BlogEngine-and-the-JavaScript-HttpHandler-Serious-Security-Issue.aspx">go to Danny&#39;s blog and download &amp; install the fix</a>.
The faster we can get word out about this, the faster we can shut down this particular attack vector, so please try and get the word out to any BlogEngine.net users you are aware of and please <a href="http://www.dotnetkicks.com/security/Massive_BlogEngine_Net_Security_Hole_Fix_Provided">kick Danny&#39;s post at DotNetKicks</a>.
Thanks Danny!
</content>
</entry>
<entry>
<title>OpenID Check_Authentication In C#</title>
<link href="http://www.squaredroot.com/2008/04/11/openid-check_authentication/"/>
<updated>2008-04-11T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/11/openid-check_authentication</id>
<content type="html">Earlier this year Mads Krisensen (of <a href="http://www.dotnetblogengine.net/">BlogEngine.net</a> fame) posted a <a href="http://blog.madskristensen.dk/post/OpenID-implementation-in-Csharp-and-ASPNET.aspx">lightweight implementation of OpenID</a> using C#. In the comments on Mads&#39; post, <a href="http://blog.nerdbank.net/">Andrew Arnott</a> (<a href="http://blog.nerdbank.net/2008/04/dotnetopenid-2.html">a developer of the DotNetOpenId library</a>) mentioned that the example Mads had posted could &quot;be hacked with a single change of a word in the URL.&quot; This is what is technically referred to as a Very Bad Thing. Andrew and another poster named &quot;neil&quot; went on to elaborate that implementing OpenID&#39;s &quot;checkauthentication&quot; algorithm would close this security hole. Unfortunately as of the writing of this article neither Mads nor any of the commentors have provided an implementation of checkauthentication that works with the class Mads posted (bear in mind that Andrew only brought up this issue less than a week ago, so Mads may very well be working on it).
Fast forward to yesterday when I was researching my options for implementing OpenID for the next release of the <a href="http://www.codeplex.com/MvcMembership">ASP.Net MVC Membership Starter Kit</a>. I liked Mads solution more than the other OpenID libraries that are current available because of its brevity and how easy it is to include it in a project without introducing an extra assembly dependency, so I decided to go ahead and add the check_authentication functionality. A quick read of <a href="http://openid.net/specs/openid-authentication-1_1.html#mode_check_authentication">that portion of the OpenID spec</a> and a couple hours of coding/testing and I think I&#39;m about finished.
Here is the method you need to add to Mads&#39; class:
<script src="https://gist.github.com/4006111.js?file=Example-1.cs"> </script>
Now you need to make sure that method is called from somewhere. I chose to make the method private and just call it from inside the Authenticate method. Within the Authenticate method replace:
<script src="https://gist.github.com/4006111.js?file=Example-2.cs"> </script>
... with...
<script src="https://gist.github.com/4006111.js?file=Example-3.cs"> </script>
And that&#39;s it!
If anyone with more experience than I in OpenID waters sees a problem with my implementation, let me know and I will try to get it fixed quickly.
NOTE: I am aware that Mads&#39; implementation and the use of &#39;check_authentication&#39; is considered an overly chatty use of OpenID. It seems to me that the extra complexity required to implement OpenID 2.0 protocol is just not worthwhile for most OpenID consumers. Feel free to let me know why this is a stupid position to take.
</content>
</entry>
<entry>
<title>MVC: New Membership Starter Kit Release</title>
<link href="http://www.squaredroot.com/2008/04/11/mvc-membership-starter-kit-11/"/>
<updated>2008-04-11T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/11/mvc-membership-starter-kit-11</id>
<content type="html"><h2>The Starter Kit</h2>
If you haven&#39;t had a chance to read about the MVC Membership Starter Kit I&#39;ve created, <a href="/2008/04/02/mvc-membership-starter-kit/">read this post first</a>.
<h2>New Release</h2>
Since we first created the starter kit a week and a half ago, <a href="http://blog.maartenballiauw.be/">Maarten Balliauw</a> and I have been hard at work fleshing out the implementation to provide as much functionality as possible. Last night we finished the last stretch of things we had identified for this release and have posted the code as a new release on CodePlex. Keep in mind you can also always download our latest builds from CodePlex as well without waiting for a new release.
<h2>New Features</h2>
<h3>OpenID</h3>
Mads Kristensen <a href="http://blog.madskristensen.dk/post/OpenID-implementation-in-Csharp-and-ASPNET.aspx">released a lightweight OpenID consumer</a> earlier this year that I then proceeded to flesh out with <a href="/2008/04/11/openid-check_authentication/">a security patch</a>. The reason I did so was so that I could include OpenID in this release of the Starter Kit.
Out of the box you can create a route to the OpenIDLogin action, which displays the following view:
<img src="/custom/files/old/OpenID_2.jpg" alt="IMAGE">
Once the user has entered their OpenID url, the starter kit will take care of the rest for you, with one critical exception: you have to map the url to a user in your membership database. To do so, you simple override a virtual method and return a MembershipUser, like so:
<script src="https://gist.github.com/4006125.js?file=Example-1.cs"> </script>
Note that the above implementation maps the OpenID url to a user&#39;s UserName, which may or may not be what you want for your application. Adjust accordingly.
<h3>Password Recovery Tools</h3>
Maarten did a great job providing users with a way to manage their passwords. While logged in they can change their password:
<img src="/custom/files/old/ChangePassword_2.jpg" alt="IMAGE">
Or if they are having trouble logging in, they can submit their username...
<img src="/custom/files/old/ForgotPassword_2.jpg" alt="IMAGE">
...and then answer their password question (if the system is configured to require it)...
<img src="/custom/files/old/PasswordQuestion_2.jpg" alt="IMAGE">
...and they will then receive their password via email (or a newly generated password -- depending on system configuration).
<h3>Client-Side Validation</h3>
All non-administrative forms now include basic client-side validation. The validations even change based upon your Membership settings.
For instance, by default the ASP.Net Membership provider requires passwords to contain at least 1 non-alphanumeric character. If a user entered a password of &quot;password&quot; they would see the following alert:
<img src="/custom/files/old/ClientSideValidation_2.jpg" alt="IMAGE">
<h3>Components: Login &amp; LoginStatus</h3>
Maarten created components that emulate the functionality of the old Login and LoginStatus controls. Now it is easy to have a Login box on every page.
<h3>Major Refactoring</h3>
Most of the controller and filter code has been broken out into a separate assembly.
Your FormsAuthentication and FormsAuthenticationAdministration controllers should now inherit from a base version of each. Maarten has created a boat load of virtual method hooks for each action (OnBeforeBlah, OnAfterBlah, OnErrorBlah) that provides you with easy extensibility points without needing to directly modify the starter kit base code.
Hopefully this refactoring will make it easy for you to upgrade to future versions of the starter kit&#39;s code as they become available.
<h2>The Future</h2>
Currently we&#39;ve cleared our plate and have no more planned features to attend to. Does this mean that we are done? No. This is what you can expect to see us working on next:
<ul>
<li>Preview3 updates, whenever it becomes available.</li>
<li>Validations on the administrative side.</li>
<li>Bug fixes, of course. :-)</li>
<li>If you have suggestions for what you would like to see in the next release, please <a href="mailto:troygoode@gmail.com">drop me an email</a> and let me know!</li>
</ul>
You can <a href="https://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=MvcMembership&amp;ReleaseId=12261">download the new release</a> from CodePlex. 
</content>
</entry>
<entry>
<title>Rob Conery's PagedList Class (Updated)</title>
<link href="http://www.squaredroot.com/2008/04/08/updated-pagedlist-class/"/>
<updated>2008-04-08T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/08/updated-pagedlist-class</id>
<content type="html">A new, improved version of this class is now available <a href="/2011/06/28/pagedlist-can-haz-htmlhelperz/">here</a>.
Robert Muehsig has posted a great user control for the MVC framework that <a href="http://code-inside.de/blog-in/2008/04/08/aspnet-mvc-pagination-view-user-control/">adds pagination links to the bottom of a paged list</a>. In it he used a slightly customized version of <a href="http://blog.wekeroad.com/2007/12/10/aspnet-mvc-pagedlistt/">Rob Conery&#39;s PagedList</a> class that Rob was kind enough to post way back when the first CTP was released. This reminded me that I should probably post the version I have customized, as I think it makes it a bit easier to use and maintain. Check out the code <a href="https://github.com/troygoode/pagedlist">on GitHub.</a>
<h2>Changes from Rob&#39;s version:</h2>
<ul>
<li>Added a &quot;TotalPages&quot; property. If you&#39;re going to loop through each of the pages to display page navigation, you&#39;ll obviously need this.</li>
<li>Changed &quot;IsPreviousPage&quot; to &quot;HasPreviousPage&quot;. It just sounds better.</li>
<li>Changed &quot;IsNextPage&quot; to &quot;HasNextPage&quot;. See above.</li>
<li>Added a &quot;IsFirstPage&quot; property. The opposite way of using the above two properties. I prefer this way, but kept the original way for backwards compatibility (except the naming).</li>
<li>Added a &quot;IsLastPage&quot; property. See above.</li>
<li>Changed the first constructor to accept IEnumerable&lt;T&gt; rather than IQueryable&lt;T&gt;. I&#39;m not exactly sure why Rob originally made it IQueryable. I&#39;m aware that by passing an IQueryable (LINQ) object to this constructor you&#39;ll avoid retrieving the entire set (only taking the results needed), but since IQueryable inherits from IEnumerable everything should be hunky-dory. He probably had a reason and I&#39;m going to wind up breaking all of my stuff, but IEnumerable is just so much handier. =)</li>
<li>Removed the second constructor. The second constructor took List&lt;T&gt;, which is unnecessary after changing the first constructor to accept IEnumerable.</li>
<li>Cleaned up property declarations a bit. Mainly to make the page a bit shorter, but also to prevent the multiple calculations that could happen in the original. Also the original allowed the changing of certain properties after an instance was created, which would put the instance into an inconsistent state.</li>
<li>Added argument checking and handled a few exception scenarios more gracefully. Trying to make debugging a bit friendlier. </li></li>
<li>Removed the second extension method that didn&#39;t specify a pageSize. I don&#39;t really think that baking in an extension method that sets pageSize to 10 is a good idea, I&#39;d prefer pageSize to be explicitly set elsewhere by the calling code.</li>
<li>Moved the code to the &quot;System.Collections.Generic&quot; namespace. I&#39;m sure a lot of you are breaking out in a cold sweat to see me putting something into a System.* namespace, but I kind of feel like this is something that the .Net team just &quot;forgot&quot;. =) Move it wherever makes you comfortable.</li>
</ul>
Please note that I took many of these ideas from the commentary below Rob&#39;s original post. I&#39;m sure many of you are using something similar, but I thought it would be useful to get something posted online that is a bit more fleshed out than the original example.
Thanks for the great work Rob &amp; Robert!
</content>
</entry>
<entry>
<title>Review: Training With Stephen Walther</title>
<link href="http://www.squaredroot.com/2008/04/04/training-with-stephen-walther/"/>
<updated>2008-04-04T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/04/training-with-stephen-walther</id>
<content type="html">I just finished a four day course on AJAX, LINQ, &amp; MVC taught by <a href="http://www.superexpert.com/">Stephen Walther</a> and wanted to let all of you know that if you are interested in training on any of these topics, I HIGHLY recommend Stephen.
You can learn more about the training options he offers by visiting his training website:
<a href="http://www.superexperttraining.com/">http://www.superexperttraining.com/</a>
He also keeps a blog filled with incredibly information -- and long ;-) -- posts on various aspects of ASP.Net at:
<a href="http://weblogs.asp.net/StephenWalther/">http://weblogs.asp.net/StephenWalther/</a>
Read on for more details about my experiences this week.
<h2>The Instructor</h2>
Stephen is a successful author, having literally &quot;written the book&quot; on ASP.Net (and even ASP Classic!). His book &quot;ASP.NET 3.5 Unleashed&quot; has received excellent reviews from Amazon and I look forward to reading it soon.
You can buy Stephen&#39;s book from Amazon here:
<a href="http://www.amazon.com/gp/product/0672330113"><img src="/custom/files/old/AspNet35UnleashedCover.jpeg" alt="IMAGE"></a>
We all found Stephen to be very personable and he obviously has an excellent command on the language and tools available in the .Net ecosystem. Also, anyone that can put up with my constant interruptions and derails for four days in a windowless classroom is clearly a pro. =)
<h2>The Course</h2>
<a href="http://www.dannydouglass.com/">Danny Douglass</a> originally contacted Stephen to request that he teach a class for seven of our developers at <a href="http://www.nreca.coop/">the organization we work for</a>. Stephen was kind enough to then customize a course around the technologies we had requested, and that is how we ended up with a one day primer on LINQ &amp; MVC followed by an in-depth training session on AJAX technologies and Microsoft&#39;s ASP.Net AJAX implementation specifically.
As anyone that reads my blog regularly knows, I am heavily invested in learning the MVC framework and was highly impressed by Stephens grasp on such a new technology. We may very well have been the first ASP.Net MVC class that anyone has taught anywhere and Stephen managed to teach it quickly and confidently. I was also impressed that he was teaching us things based upon the Preview 2 release of the MVC framework which has only been available publicly for 3 weeks rather than the older December CTP release.
As someone that considers himself a strong JavaScript developer, I came into the class a little worried that the JavaScript explanation portions of the program would be more remedial than I wanted. I was wrong. Stephen led a thorough review over the advanced JavaScript features developers need to know to develop world-class AJAX libraries and did so while keeping the pace brisk and managing not to leave anyone in the room behind.
As I said above, I recommend Stephen&#39;s training courses to anyone organization interested in learning AJAX, JavaScript, MVC, LINQ, or ASP.Net in general. Thanks for the excellent class Stephen!
Disclaimer: I was not paid or compensated in any way for this endorsement.
</content>
</entry>
<entry>
<title>MVC: Membership Starter Kit</title>
<link href="http://www.squaredroot.com/2008/04/02/mvc-membership-starter-kit/"/>
<updated>2008-04-02T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/02/mvc-membership-starter-kit</id>
<content type="html">A newer version of the Membership Starter Kit is now available. <a href="/2008/04/11/mvc-membership-starter-kit-11/">Click here</a> to see what has changed.
<h2>Introduction</h2>
One of my very first blog posts (and most definitely my most popular so far) revolved around <a href="/2007/12/10/aspnet-mvc-membership-basics/">how to integrate ASP.Net membership and forms authentication into the ASP.Net MVC framework</a> which had just been released in it&#39;s December CTP flavor. It has remained popular to this day, but unfortunately the Preview 2 release of the MVC framework has caused much of the code I released in that article to no longer function correctly.
Even before the release of Preview 2, I had been planning to extend the samples I was providing to offer more useful features. I don&#39;t know about you, but nearly every website I ever create with ASP.Net requires some kind of security/membership system. My preference is to use the built-in system when possible (except for the horrible Profiles sub-system). This means creating login, logout, &amp; registration functionality every time, as well as creating administrative screens for managing the users that enter your system.
WebForms provides some controls to help with the login and registration process, but user administration has always been delegated to either (a) the built-in tool that runs separately and doesn&#39;t work remotely or (b) rolling your own solution. The development of the MVC framework seems to me like a good time to resolve this scenario and provide the community with an array of pre-built tools to help boot-strap projects so that we can stop working on infrastructure and start working on the heart of the individual application.
With that in mind I have created a CodePlex project: the <a href="http://www.codeplex.com/MvcMembership">ASP.Net MVC Membership Starter Kit</a>. It currently provides controllers and views for all of the common authentication and user administration needs, including:
<ul>
<li>Login/Logout</li>
<li>Registration</li>
<li>List of Registered Users</li>
<li>User Details / Administration</li>
<li>Role Management</li>
</ul>
A big thanks goes out to Rob Conery, as I borrowed his recent <a href="http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/">Authentication Filters</a> and included those, along with my recently released <a href="/2008/04/02/mvc-error-handler-filter/">Error Handling Filters</a>.
Okay, enough wall o&#39;text. Let&#39;s take a look at some screenshots:
<h2>Screenshot Tour</h2>
Here is the menu when you first log in:
<img src="/custom/files/old/Menu-LoggedOut_2.jpg" alt="IMAGE">
The registration page:
<img src="/custom/files/old/Registration_4.jpg" alt="IMAGE">
The login page (note that the Administrator&#39;s credentials are displayed to make it easy to get started, you&#39;ll obviously want to change them and remove that note):
<img src="/custom/files/old/Login_2.jpg" alt="IMAGE">
Having logged in, here is what the menu looks like now:
<img src="/custom/files/old/Menu-LoggedIn_2.jpg" alt="IMAGE">
The current options upon clicking the Security tab:
<img src="/custom/files/old/Security_2.jpg" alt="IMAGE">
Clicking &quot;Manage Users&quot; brings you to a list of all users currently registered:
<img src="/custom/files/old/ManageUsers_2.jpg" alt="IMAGE">
Clicking on the user takes you to a form that allows you to view their details and edit a few aspects of their profile...
<img src="/custom/files/old/User-Top_2.jpg" alt="IMAGE">
as well as view/change the roles they are in and help with password issues:
<img src="/custom/files/old/User-Bottom_2.jpg" alt="IMAGE">
From the Security tab you can also go to a list of all the system&#39;s roles, from which you can add/delete roles as you need:
<img src="/custom/files/old/Roles_2.jpg" alt="IMAGE">
Clicking on a role from the roles list or the user profile allows you to view/modify the users in that role:
<img src="/custom/files/old/UsersInRole_2.jpg" alt="IMAGE">
And finally, the Security tab offers a link to another registration form, geared toward Administrators:
<img src="/custom/files/old/CreateUser_2.jpg" alt="IMAGE">
<h2>NSFAQ (Not-So Frequently Asked Questions)</h2>
Q: Does this compete with MvcContrib? 
A: No. <a href="http://www.codeplex.com/MVCContrib">MvcContrib</a> is a great project that aims to features like alternate routing and view engines, and IoC integration. This project is simply a starter kit to help get membership-based applications off the ground a little quicker. There is no reason you could not use both projects together.
Q: What dependencies does using this starter kit saddle me with? 
A: Ideally, none, other than the ASP.Net Membership API. Every measure will be taken to avoid using third party libraries, be it JavaScript or .Net. We will strive to separate the code and rely on default settings as much as possible to make it easy for you to customize your installation without anything in the starter kit getting in the way.
Q: Who is responsible for this? 
A: Currently, only <a href="https://github.com/troygoode">me</a>, but I&#39;d like that to change! I&#39;m keenly interested in finding a few other developers that would like to contribute to enhancing the starter kit. Please <a href="mailto:troygoode@gmail.com">email me</a> if you&#39;d like to help!
<h2>What&#39;s Next?</h2>
There are a few features missing that I would like to include in the very short term. Primarily these are features for end-users, like Change Password and Forgot My Password (both of which are currently available on the administration side). Beyond that, visual cleanup of the forms (and separation of the style sheets) as well as a bit of AJAX-ification of the forms would be nice. If you use the starter kit and have suggestions or criticisms, please post to the <a href="http://www.codeplex.com/MvcMembership/Thread/List.aspx">Discussions forum</a> or <a href="http://www.codeplex.com/MvcMembership/WorkItem/List.aspx">Issue Tracker</a>!
You can download the latest release from <a href="http://www.codeplex.com/MvcMembership">the CodePlex project</a>. I hope you all find it useful!
</content>
</entry>
<entry>
<title>MVC: Action Filter for Handling Errors</title>
<link href="http://www.squaredroot.com/2008/04/02/mvc-error-handler-filter/"/>
<updated>2008-04-02T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/02/mvc-error-handler-filter</id>
<content type="html">A few months ago I posted <a href="/2008/01/04/mvc-authentication-and-errors/">an article and some code</a> that contained filters for forms authentication and error handling for the Preview 1 (CTP) release of the MVC framework. Unfortunately <a href="http://blogs.msdn.com/brada/archive/2008/03/05/asp-net-mvc-preview-2.aspx">the Preview 2 release</a> that was made available a few weeks ago changed enough that the code I posted no longer works.
What the Preview 2 release did provide, however, was a new built-in filter framework. Rob Conery has already gone through the trouble of <a href="http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/">creating authentication filters</a> that cover most of the functionality I had before, but I have yet to see an implementation of a filter for error handling that I like. I&#39;ve gone ahead and started from scratch, throwing away my old filters, and created a new filter that I think covers most of the same scenarios as my old ErrorHandler filters while being much simpler to implement and use. Hopefully you&#39;ll find it useful.
First let&#39;s take a look at a simple use case scenario: 
<script src="https://gist.github.com/4006173.js?file=Example-1.cs"> </script>
In the code above, we have a simple action that displays a product based upon the ID specified. What do we do when no ID is specified though? The &quot;correct&quot; thing to do seems to be to throw an exception, as we&#39;ve done, but now the user will see either (a) an ugly 500 error screen [worst case] or (b) be redirected to the generic error page [best case]. Sometimes we&#39;d like a bit more control than that though... 
Let&#39;s go ahead and add our error handling filter to this action and tell it that whenever ArgumentNullException is thrown, redirect to the &quot;Products&quot; page, where the user can select a product with a valid ID. 
<script src="https://gist.github.com/4006173.js?file=Example-2.cs"> </script>
So we&#39;ve added a [RedirectToUrlOnError] attribute and supplied it with a Type property - detailing the exception to catch - and a Url property - specifying the Url to navigate to upon a matched exception. You&#39;ll notice we are making a call to the GetProduct(int) method to retrieve the product&#39;s model so that we can pass it into the view&#39;s ViewData. What if this method were to fail? What if we weren&#39;t entirely certain what exception it would throw, or maybe we didn&#39;t care, we just want to handle any exception except for ArgumentNullException (which is already being handled). In this case we&#39;ll add another filter, but this time we will not specify the Type of exception that it should catch and just tell it that if anything isn&#39;t caught by another error handler redirect to the homepage.
<script src="https://gist.github.com/4006173.js?file=Example-3.cs"> </script>
You can have as many error handler filters attached to an action as you need, but only one may have no Type specified. 
Now let&#39;s take a look at the code for the filter itself:
<script src="https://gist.github.com/4006173.js?file=Example-4.cs"> </script>
So the [RedirectToUrlOnError] attribute inherits from the [RedirectOnError] attribute, which is where most of the hard work is done. We&#39;ll take a look at that base class in a bit, but first let&#39;s look at the other attribute you can use to trap and respond to errors - the [RedirectToActionOnError] attribute. We&#39;ll continue with the Product(id) sample from above, but this time redirect to an action rather than a hardcoded Url:
<script src="https://gist.github.com/4006173.js?file=Example-5.cs"> </script>
You can see that this time instead of providing the Url property we are using providing the type of the controller that contains our target action, and the name of the action as a string. (Unfortunately lambda expressions are not allowed as parameters to an attribute, so I was limited in my options here. If you have a better idea, please let me know!) Also note that the catch-all is still there as a [RedirectToUrlOnError] attribute. You may use the [RedirectToActionOnError] attribute as a catch-all and you can mix and match the two attribute types, but still only one catch-all attribute total is allowed per action (in other words, you cannot have one of each).
Now let&#39;s see the code for this filter:
<script src="https://gist.github.com/4006173.js?file=Example-6.cs"> </script>
Other than some complexity with determining the Url, everything is very similar to the other filter. Again it appears the base class is doing the heavy lifting. Let&#39;s finally take a look at that base class:
<script src="https://gist.github.com/4006173.js?file=Example-7.cs"> </script>
That&#39;s all there is. Feel free to take it, use it, change it, whatever. I tried my best to document it thoroughly with comments, but if you have any questions just drop a comment below and I&#39;ll try to respond quickly. I do ask that if you make any improvements, please leave a comment here letting everyone know what you&#39;ve changed so that we can all benefit. 
<h2>Here are the filters in a downloadable format:</h2>
<a href="/custom/files/old/RedirectOnErrorAttributes.zip">RedirectOnErrorAttributes.zip</a>
</content>
</entry>
<entry>
<title>MVC: How Do I RedirectToAction While Passing a Parameter?</title>
<link href="http://www.squaredroot.com/2008/04/01/redirecttoaction-with-parameter/"/>
<updated>2008-04-01T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/04/01/redirecttoaction-with-parameter</id>
<content type="html">A common scenario that seems under-documented to me in the latest MVC release, is how does one use RedirectToAction while passing a value to that action?
In the December CTP, you would do this:
<script src="https://gist.github.com/4006179.js?file=Example-1.cs"> </script>
The new syntax is close, but not easily discoverable. Instead of the above, from now on you should use:
<script src="https://gist.github.com/4006179.js?file=Example-2.cs"> </script>
</content>
</entry>
<entry>
<title>MVC: How Do I Prevent Exposing a Public Method on a Controller?</title>
<link href="http://www.squaredroot.com/2008/03/31/nonaction-on-controller/"/>
<updated>2008-03-31T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/03/31/nonaction-on-controller</id>
<content type="html">The purists will say that you shouldn&#39;t have any public methods on a controller that aren&#39;t meant to be exposed via a view or redirect to another action. Assuming that you, like I, have encountered a situation where you need/want to do this, however, here is what you do:
<script src="https://gist.github.com/4006183.js"> </script>
The System.Web.Mvc.NonAction attribute will prevent your public method from being accessed via any routes.
</content>
</entry>
<entry>
<title>Lambdas Using Funcs and Actions</title>
<link href="http://www.squaredroot.com/2008/02/12/lambdas-using-funcs-and-actions/"/>
<updated>2008-02-12T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/02/12/lambdas-using-funcs-and-actions</id>
<content type="html">Many of you are probably familiar with <a href="http://weblogs.asp.net/scottgu/archive/2007/04/08/new-orcas-language-feature-lambda-expressions.aspx">lambda expressions</a> by now, as they have been extensively covered since the release of .Net 3.5. Most articles tend to focus on how to pass a lambda expression into a method, but how do you create a method that accepts a lambda expression? Enter the <a href="http://msdn2.microsoft.com/en-us/library/bb549151.aspx">Func</a> and <a href="http://msdn2.microsoft.com/en-us/library/system.action.aspx">Action</a> types...
<h2>Funcs vs. Actions</h2>
Funcs and Actions are extremely similar; both give you first class support for passing an anonymous method into another method. The difference is in the return value: Funcs have one, Actions do not.
<h2>A Simple Action Consumer</h2>
There are several variants of the Action type, each taking a varying number of generic parameters. The simplest generic Action takes one generic parameters: the type of the object to be passed into the Action.
Suppose you had a list of articles and wanted to iterate through them and modify each of them in some way, but only the ones that were created before 2008. In this case you should probably use a foreach loop, but instead I&#39;ll show you how to do it by encapsulating that foreach loop in another method that then calls your lambda:
<script src="https://gist.github.com/4006198.js?file=Example-1.cs"> </script>
I&#39;ll be the first to admit it isn&#39;t the finest example of coding practices, but I believe it illustrates how you can use an Action to pass processing in as a parameter.
<h2>A Simple Func Consumer</h2>
What if you want to pass in your processing and retrieve a return value? Use the Func type. Let&#39;s keep the same example as above, but this time we&#39;ll place variable processing in the lambda to manipulate the article&#39;s title differently based upon the year the article was published:
<script src="https://gist.github.com/4006198.js?file=Example-2.cs"> </script>
In the above example you&#39;ll see that we have changed Action to Func in the IterateArticles method signature and that we have added a string to the list of types in the Func definition. When using a *Func*, the last generic parameter is always the return type. You should also note that we can now return a value from our anonymous method.
<h2>A Two-Parameter Func</h2>
Finally let&#39;s take a look at an example of a multi-parameter Func. Once again we&#39;ll use the same example, except this time rather than passing the Article object to the anonymous method we&#39;ll pass only the data it needs: the date created and the title:
<script src="https://gist.github.com/4006198.js?file=Example-3.cs"> </script>
Here we have specified three generic parameters for the Func; two to be passed in, one to return. In our lambda expression we have also had to wrap the &quot;x,y&quot; in parentheses to prevent the compiler from throwing an error because it thinks the comma is intended to separate parameters to the IterateArticles method rather than the Func.
<h2>A Zero-Parameter Func</h2>
Occasionally you may need to use a Func that will not require any parameters. Trying to pass this into the lambda consumer using only the &quot;{...}&quot; notation of anonymous methods will not work, you will need to use &quot;()=&gt;{...}&quot; as seen below:
<script src="https://gist.github.com/4006198.js?file=Example-4.cs"> </script>
I hope this helps get you started creating your own lambda consuming methods. Keep in mind that Funcs and Actions are not limited to just one or two parameters as shown in this article; both can accept up to four input parameters (not including the Func&#39;s extra return parameter). As you become more comfortable creating lambda expressions and lambda consumers I am certain you will find many places in our your code that can be simplified and/or made more flexible by using them.
</content>
</entry>
<entry>
<title>Storing LINQ Objects in SQL-Based Session State</title>
<link href="http://www.squaredroot.com/2008/01/30/storing-linq-objects-in-sql-based-session-state/"/>
<updated>2008-01-30T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/01/30/storing-linq-objects-in-sql-based-session-state</id>
<content type="html">Scott Hanselman <a href="http://www.hanselman.com/blog/TroubleshootingExpiredASPNETSessionStateAndYourOptions.aspx">recently posted about various options you have for session storage</a> while using ASP.Net. In the comments of his post I brought up an issue I recently encountered at work (where we use SQL Server session state):
LINQ-To-Sql generated objects are not marked [Serializable] and cannot be stored in out-of-process session storage.
To get around this I have whipped up the following helper class which will serialize LINQ-To-Sql objects if you set the DataContext&#39;s Serializable property to &quot;Unidirectional&quot;.
Note: The following class does not current work for storing List&lt;X&gt; where X is a LINQ-To-Sql object. I&#39;ll be working to resolve that sometime later this week.
<script src="https://gist.github.com/4006217.js"> </script>
</content>
</entry>
<entry>
<title>MVC: Strongly Typed ViewData Without A Code-Behind</title>
<link href="http://www.squaredroot.com/2008/01/07/mvc-strongly-type-viewpages-without-a-code-behind/"/>
<updated>2008-01-07T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/01/07/mvc-strongly-type-viewpages-without-a-code-behind</id>
<content type="html">If you&#39;ve tried to use strongly-typed ViewData with a ViewPage or ViewContentPage without using a code-behind file you may have run into the curious scenario of how to specify a generic in the &lt;%@ Page %&gt; element&#39;s Inherits attribute.
<h2>The Problem</h2>
Let&#39;s say you wanted to specify that the ViewData for this view would be an integer. Normally you would specify this in the code-behind like so:
<script src="https://gist.github.com/4007445.js?file=Example-1.cs"> </script>
Since we don&#39;t have a code-behind file though, we have to change the .aspx file&#39;s &lt;%@ Page %&gt; element. Trying to set it to the following will not work:
<script src="https://gist.github.com/4007445.js?file=Example-2.aspx"> </script>
<h2>The Basic Answer</h2>
The value of the Inherits attribute appears to be delivered straight to the CLR without any language specific parsing, which means we have to specify it the way the CLR wants to interpret it. I browsed around and found (<a href="http://forums.asp.net/t/1193721.aspx">here</a> and <a href="https://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=104071&amp;wa=wsignin1.0">here</a>) some information that points out the proper way to do this:
<script src="https://gist.github.com/4007445.js?file=Example-3.aspx"> </script>
<h2>WTF?</h2>
Eww, huh? The syntax is gnarly, but it gets the job done. Let&#39;s break the syntax down to make sure you understand what is going on:
<div class="highlight"><pre><code class="language-" data-lang="">ParentType`1[ [ChildType,ChildTypeAssembly] ]
</code></pre></div>
<ul>
<li>&quot;ParentType&quot; is fairly obvious. This is the generic object that you want to create a reference to.</li>
<li>&quot;&#x60;1[ [&quot; is a bit more obscure. The &quot;&#x60;1&quot; specifies the number of generics in this argument, which we&#39;ll come back to in a second. The double square brackets are required. A single square bracket will NOT work.</li>
<li>&quot;ChildType&quot; is the type of object you wish to have the generic consume (what is the proper terminology here? anyone know?).</li>
<li>&quot;ChildTypeAssembly&quot; is the name of the assembly (NOT the namespace) that contains the ChildType. All of your common value types will be located in &quot;mscorlib&quot;.</li>
</ul>
<h2>Multiple Generic Types</h2>
Let&#39;s say ViewPage took two arguments as part of its generic declaration area (ie: ViewPage&lt;X,Y&gt;). It doesn&#39;t, by the way, but we&#39;ll pretend it does for the sake of argument; you may find this information useful someday.
To have two type parameters, you&#39;ll have to change the &quot;&#x60;1&quot; to a &quot;&#x60;2&quot; and add an extra &quot;[ChildType, ChildTypeAssembly]&quot; reference, separated by a space. More parameters would continue to follow the same logic.
If you wanted to achieve the equivalent of ViewPage&lt;int,string&gt; it would look like this:
<div class="highlight"><pre><code class="language-" data-lang="">System.Web.Mvc.ViewPage`2[ [System.Int32,mscorlib], [System.String,mscorlib] ]
</code></pre></div>
<h2>A Generic of Generics</h2>
A more likely scenario is that you may want to have your ViewData be a generic List&lt;T&gt;. In this case you&#39;ll just nest the declarations. If you wanted to pass ViewData of the type List&lt;string&gt; to the ViewPage it would look like:
<div class="highlight"><pre><code class="language-" data-lang="">System.Web.Mvc.ViewPage`1[[System.Collections.Generic.List`1[[System.String,mscorlib]], mscorlib]]
</code></pre></div></content>
</entry>
<entry>
<title>BlogEngine Extension: Copy Code to Clipboard</title>
<link href="http://www.squaredroot.com/2008/01/07/copy-code-to-clipboard-extension-for-blogengine/"/>
<updated>2008-01-07T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/01/07/copy-code-to-clipboard-extension-for-blogengine</id>
<content type="html">Since I first started this blog I&#39;ve been using Colin Coller&#39;s <a href="http://www.jtleigh.com/people/colin/software/CopySourceAsHtml/">CopySourceAsHtml plugin</a> for Visual Studio (which <a href="http://blogs.microsoft.co.il/blogs/bursteg/archive/2007/11/21/copy-source-as-html-copysourceashtml-for-visual-studio-2008-rtm.aspx">Guy Burstein updated</a> for Visual Studio 2008&#39;s RTM). It was a nice little tool but as I started posting more and more code snippets to the blog I found myself wanting some additional features, specifically:
<ul>
<li>Easy to use. While it was perfectly simple to copy the source as html, it was a bit more cumbersome to paste it properly into <a href="http://get.live.com/writer/overview">Windows Live Writer</a>. I wound up in HTML mode in WLW everytime I needed to paste some code.</li>
<li>CSS support. The Html generated by the VS plugin inlines all of the styles and makes it difficult to change the presentation of your code without tweaking the settings of the plugin at posting time.</li>
<li>Scrollable. This is mostly handled by the above feature, but I wanted to be able to limit the amount of screen real estate taken up by the code while still allowing my readers to view more of the code without having to download any files.</li>
<li>Copyable. Sometimes you see a piece of code that fits your situation perfectly, but when you copy it you wind up with a bunch of extra Html guck and line numbers at the front of every line you have to manually remove. I want to allow my readers to copy the code without any of that mess.</li>
</ul>
I found <a href="http://code.google.com/p/syntaxhighlighter/">syntaxhighlighter</a> on Google Code pretty quickly and was impressed. I&#39;d seen it around on other people&#39;s blogs and loved the &quot;copy to clipboard&quot; feature, but I really wanted a server-side (or pre-posting) highlighter that would take some of the strain off the browser and wanted something with richer WLW integration. 
After looking at a few more options I finally found <a href="http://lvildosola.blogspot.com/2007/02/code-snippet-plugin-for-windows-live.html">Leo Vildosola&#39;s Code Snippet</a> plugin, which matched up with all of my requirements except for the lack of a built-in &quot;copy to clipboard&quot; feature. With some help from <a href="http://webchicanery.com/2006/11/14/clipboard-copy-javascript/">clipboard copying javascript posted at WebChicanery</a> I set out to build an extension for <a href="http://www.dotnetblogengine.net/">BlogEngine.net</a> that would automatically tack on the copy feature to any code I posted via the Code Snippet plugin.
A few hours later, I present the CopyCodeToClipboard extension for BlogEngine.net! Below you will find an example of the extension displaying it&#39;s own code (mmm... dogfood) and the css I&#39;ve used to style the code on my site. I&#39;ve tried to make the extension css friendly so you can change it&#39;s presentation a great deal without modifying the code. 
<a href="/custom/files/old/CopyCodeToClipboard.zip">CopyCodeToClipboard.zip</a>
Contains all of the below files in one convenient package. 
<hr>
<a href="/custom/files/old/CopyCodeToClipboard.cs">CopyCodeToClipboard.cs</a>
This is the actual extension and should be placed into your root/App_Code/Extensions/ folder.
<script src="https://gist.github.com/4007483.js?file=CopyCodeToClipboard.cs"> </script>
<hr>
<a href="/custom/files/old/WLWSyntaxHighlighter.css">WLWSyntaxHighlighter.css</a>
The Css generated by the Windows Live Writer Code Snippet plugin, modified to fit into my blog&#39;s colors. 
<script src="https://gist.github.com/4007483.js?file=WLWSyntaxHighlighter.css"> </script>
<hr>
<a href="/custom/files/old/CopyCodeToClipboard.css">CopyCodeToClipboard.css</a>
The Css I use to style the little red tab below each code area. This is what you would change to match your blog. 
<script src="https://gist.github.com/4007483.js?file=CopyToClipboard.css"> </script>
<hr>
<a href="/custom/files/old/clipboard.swf">clipboard.swf</a>
A Macromedia Flash file used to circumvent Firefox &amp; Safari&#39;s nasty habit of blocking javascript from interacting with the clipboard. Created (as best I can tell) by Mark O&#39;Sullivan of <a href="http://lussumo.com/%22%20title=%22http://lussumo.com/">http://lussumo.com/</a>. 
<hr>
Update (July 11, 2008):
A release of the Code Snippet plug hasn&#39;t been made since the last changes to its source was checked in (in late 2007), so I went ahead and downloaded &amp; built the source. To install the plug place the two DLLs in the zip file from below into Windows Live Writer&#39;s /Plugins/ directory.
<a href="/custom/files/old/CodeSnippetPlugin.zip">CodeSnippetPlugin.zip</a>
</content>
</entry>
<entry>
<title>MVC Authentication and Errors</title>
<link href="http://www.squaredroot.com/2008/01/04/mvc-authentication-and-errors/"/>
<updated>2008-01-04T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/01/04/mvc-authentication-and-errors</id>
<content type="html">This article was written for the December CTP release of the MVC framework. Unfortunately, it does not entirely apply to the Preview 2 release or subsequent releases.
I love working with the <a href="http://weblogs.asp.net/scottgu/archive/2007/12/09/asp-net-3-5-extensions-ctp-preview-released.aspx">recent CTP release</a> of the ASP.Net MVC framework, but it is definitely an early release and is lacking many of the developer friendly features that we have grown to rely upon in WebForms. One such feature is WebForm&#39;s easy to understand authentication model.
In the WebForms world URLs can be referenced in a web.config file and then have authentication rules applied to them. A rule that says that you must be logged in to view a secure page may look something like:
<script src="https://gist.github.com/4007528.js?file=Example-1.xml"> </script>
A rule that says only users in the Administrators group may view it might look like this:
<script src="https://gist.github.com/4007528.js?file=Example-2.xml"> </script>
It didn&#39;t take long for me to run into the lack of any central authentication scheme in the new MVC framework. I searched around and found some <a href="http://weblogs.asp.net/fredriknormen/archive/2007/11/25/asp-net-mvc-framework-security.aspx">older information from prior to the CTP release posted by Fredrik Normen</a> that seemed to address my issues, but unfortunately one of the features his solution requires did not make its way into the CTP release: attribute based exception handling.
Looking through the code samples on the page you see how he uses the .Net frameworks built in <a href="http://msdn2.microsoft.com/en-us/library/system.security.permissions.principalpermission.aspx">PrincipalPermission</a> attribute (from System.Security.Permissions) to classify an action as demanding the user be in a specific role. If the user is not in that role the .Net framework will throw a SecurityException. What good does that do? Well take a look at line 3 in the below code:
<script src="https://gist.github.com/4007528.js?file=Example-3.cs"> </script>
The ExceptionHandler attribute appears to take two values:
<ul>
<li>The view to render in the event of an error.</li>
<li>The type of error to match against.</li>
</ul>
So based upon this code the PrincipalPermission will interrogate the user&#39;s roles when the action is requested and if the user is not in the &quot;Admin&quot; role it will throw a SecurityException. At that point the ExceptionHandler will wake up and say &quot;hey I can handle that&quot; and render the view named &quot;Error&quot;. Neat huh? Too bad ExceptionHandler doesn&#39;t exist...
Personally I liked most of the concepts that were introduced in Frederik&#39;s post, so I went ahead and began to implement the ExceptionHandler attribute. Along the way I realized that what was really needed was a way to apply filters to a controller. I&#39;ve seen <a href="http://flanders.co.nz/blog/archive/2007/12/17/implementing-filters-in-asp.net-mvc.aspx">Ivan Carrero&#39;s controller filter implementation</a>, but I wanted filters that hooked straight into the MVC Controller&#39;s three major lifecycle events: OnPreAction, OnPostAction, and OnError. By doing so I felt I would minimize the difference between code in a filter and code in a controller. Thus was born the FilterController.
<h2>Filter Controller</h2>
The FilterController is an abstract class deriving from the System.Web.Mvc.Controller. It&#39;s primary purpose is to interrogate itself via reflection when it is created and to then load any attributes that implement the IControllerFilter interface:
<script src="https://gist.github.com/4007528.js?file=Example-4.cs"> </script>
The filters are then called for each of the three integration events: OnPreAction, OnPostAction, and OnError. Here is what the OnError event does:
<script src="https://gist.github.com/4007528.js?file=Example-5.cs"> </script>
The OnPreAction and OnPostAction events look almost exactly like the OnError event.
To fulfill my initial goal of obtaining functionality similar to that described in Frederik&#39;s post, I have created two filters:
<ul>
<li>SecurityFilter</li>
<li>ErrorHandlerFilter</li>
</ul>
<h2>Security Filter</h2>
While the PrincipalPermission attribute used in Frederik&#39;s post handles many security scenarios well, it wasn&#39;t as flexible or keyboard friendly as I would prefer. I created the SecurityFilter and an arrangement of sub-filters to create what I think is an easier solution.
To use the security filter in your controller you must first inherit from FilterController and apply the [SecurityFilter] attribute.
<script src="https://gist.github.com/4007528.js?file=Example-6.cs"> </script>
This alone does nothing, but you are now able to add one or more of the SecurityFilter&#39;s sub-filters to this controller or it&#39;s actions. The sub-filters I have created are:
<ul>
<li>RequireLogin Validates that the user is logged in.</li>
<li>RequireAnonymous Validates that the user is NOT logged in.</li>
<li>RequireRole Validates that the user is in the specified role.</li>
<li>RequireAnyRole Validates that the user is in at least one of the specified roles.</li>
<li>RequireEachRole Validates that the user is in every one of the specified roles.</li>
</ul>
Let&#39;s imagine a controller for a simple bulletin board system. In order to post to this forum you must be logged in, if you want to delete a post you must be in either the &quot;Administrators&quot; role or the &quot;Moderators&quot; role, and if you want to undelete a post you must be in the &quot;Administrators&quot; group. That controller would look something like:
<script src="https://gist.github.com/4007528.js?file=Example-7.cs"> </script>
By applying the [RequireLogin] attribute to the class you have applied that filter to all of the actions as well, which means you must be logged in to call the Post method. The other two methods use the appropriate version of the role requirement filters to achieve their goal.
What happens if the filter validations fail? In the case of an anonymous user attempting to access a restricted resource an AnonymousAccessException (which derives from SecurityException) is thrown while all other scenarios throw a SecurityException. What you do with those exceptions leads us to...
<h2>Error Handler Filter</h2>
Using the above ForumController, let&#39;s add the ErrorHandler filter:
<script src="https://gist.github.com/4007528.js?file=Example-8.cs"> </script>
Like with the last filter, this filter by itself does nothing but allow us to use the ErrorHandler sub-filter. Let&#39;s go ahead and add two sub-filters: one to handle security exceptions and one to handle all other exceptions.
In the event of a security exception we&#39;ll render the &quot;AccessDenied&quot; view while all other exceptions will render the &quot;SystemError&quot; view:
<script src="https://gist.github.com/4007528.js?file=Example-9.cs"> </script>
First notice that we are now providing the ErrorHandlerFilter attribute with an option that says ErrorHandlerMode.Render. This is because in the event of an error we want the controller to render the view with the name passed in. Later on we&#39;ll look at the other mode: ErrorHandlerMode.Redirect.
Next notice that we are providing three values to each of the two ErrorHandler sub-filters:
<ul>
<li>The order in which the sub-filter should be processed. This is important because the order the attribute is returned by reflection is unknown.</li>
<li>The name of the view to render. Just like calling RenderView() from an action, this view name must be accessible to the controller (either in the controller&#39;s view directory or in the Shared directory).</li>
<li>The type of the exception to match against.</li>
</ul>
Keep in mind that these sub-filters could be applied at either the class level or the method level and that method-level sub-filters are processed before class-level sub-filters. We&#39;ll stick with class-level throughout this article.
An &quot;Access Denied&quot; page popping up whenever we try to go somewhere we aren&#39;t allowed to without logging in isn&#39;t the best user experience. Let&#39;s improve it by sending anonymous users to the login page instead. This time however, we don&#39;t want just render the login view, we want to actually redirect to the SecurityController&#39;s Login action. While we&#39;re at it, I&#39;ll show you an example of handling multiple exceptions with one sub-filter:
<script src="https://gist.github.com/4007528.js?file=Example-10.cs"> </script>
Here in line 1 we specify not the name of the view to render, but the name of the action and controller to redirect to (in the format &quot;action,controller&quot;). The handler knows to process this as a redirect because we&#39;ve changed the mode for this one sub-filter to ErrorHandlerMode.Redirect. Lines 7, 8, &amp; 9 illustrate the capability for one sub-filter to match against many exceptions.
<h2>Download The Code</h2>
I hope you find these filters useful. If they don&#39;t happen to match your particular problem, then feel free to write your own filters. To do so you only have to implement the IControllerFilter interface. I&#39;ve attempted to make it even easier to do so by providing a base class named ControllerFilter that already implements the interface and has several hooks for you to take advantage of.
You are free to use or modify this code for anything including commercial purposes. The only restriction I ask is that you do not take credit for this work yourself, but I do not require any specific attribution.
I have packaged the code into four different releases:
These projects were built on Vista x64. If you are running a 32-bit version of Windows you may initially have trouble building the source versions below. To fix this you'll need to re-add the System.Web.Extensions reference. <a href="#comment-152106318">See my comment below for more details.</a>
*Full Source Release
*The entire solution zipped up.
<a href="/custom/files/old/MVC+Controller+Filters+(Source+and+Example+Website).zip">MVC+Controller+Filters+(Source+and+Example+Website).zip</a>
Example Site &amp; Binaries Release
(Recommended) Just the binaries zipped up with an example site.
<a href="/custom/files/old/MVC+Controller+Filters+(Example+Website).zip">MVC+Controller+Filters+(Example+Website).zip</a>
Filter Source Release
The source code for the FilterController and filters. No example site.
<a href="/custom/files/old/MVC+Controller+Filters+(Source).zip">MVC+Controller+Filters+(Source).zip</a>
Filter Binaries Release
The binaries for the FilterController and filters only. No source.
<a href="/custom/files/old/MVC+Controller+Filters+(Binaries).zip">MVC+Controller+Filters+(Binaries).zip</a>
</content>
</entry>
<entry>
<title>MVC Template Fix</title>
<link href="http://www.squaredroot.com/2008/01/02/mvc-template-fix/"/>
<updated>2008-01-02T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2008/01/02/mvc-template-fix</id>
<content type="html">Several weeks ago <a href="/2007/12/11/mvc-bug-broken-codebehind/">I blogged about a bug</a> I found in the <a href="http://weblogs.asp.net/scottgu/archive/2007/12/09/asp-net-3-5-extensions-ctp-preview-released.aspx">CTP release of the MVC framework</a>. The gist of the bug is that controls declared in the html portion of a page or user control could not be referenced from the code-behind of that page or user control. ScottGu posted a comment clarifying that <a href="/2007/12/11/mvc-bug-broken-codebehind/#comment-152106388">this was due to a bug in the templates</a> released in the CTP.
After nearly a month of following Scott&#39;s advice on how to fix the bug, I finally grew tired of such a repetitive task and have fixed the templates. You&#39;ll find a zip file containing the fix and installation instructions at the bottom of this post. Before I get into that though, let me explain the workaround (suggested by ScottGu) that I&#39;ve been using until now: 
<h2>The Easy, Repetitive Workaround</h2>
The problem is that the template for pages, master pages, and user controls only include the declarative HTML file and it&#39;s code-behind. The template is missing the designer file used by Visual Studio to hide the references generated by the server controls declared in your HTML. Here is what a MVC page looks like right after creation: 
<img src="/custom/files/old/SimpleWorkaround-Before_2.jpg" alt="IMAGE"> 
You could manually create a designer class to fix this issue, but that would be a pain. Luckily Visual Studio provides us with the handy &quot;Convert to Web Application&quot; feature to generate the designer class for us. Simply right-click on the .ASPX (or .Master or .ASCX) and click the &quot;Convert to Web Application&quot; option on the context menu. 
<img src="/custom/files/old/SimpleWorkaround-During_2.jpg" alt="IMAGE"> 
After doing so, you should see this: 
<img src="/custom/files/old/SimpleWorkaround-After_2.jpg" alt="IMAGE"> 
Voil&agrave;! Your codebehind file for that page/control (and that page/control only) should now work as expected. Its quick and simple, but I&#39;m sure you can imagine already the annoyance at having to do this for each and every page or control you create. That thought leads us to... 
<h2>The Slightly More Complex Permanent Solution</h2>
First, an admission of guilt: I only fixed the C# templates. I apologize to any VB.Net&#39;ers out there ahead of time. 
There are four templates that must be fixed: 
<ul>
<li>View Master Page - A master page.</li>
<li>View Page - A normal page.</li>
<li>View Content Page - A page that uses a master page.</li>
<li>View User Control - A control.</li>
</ul>
These four templates are found in two different places: the item templates folder and the item templates cache folder. 
Those folders are found at: &quot;Common7IDEItemTemplatesCSharpWeb1033&quot; and &quot;Common7IDEItemTemplatesCacheCSharpWeb1033&quot; respectively (within your VS 9 root folder). 
The item templates folder contains zip files which are at some point unzipped and stored in the item templates cache folder. I suppose you could just update the contents of the item templates cache folder, but I don&#39;t know if those settings would ever be written over by the item templates folder, so it is better to be safe and fix it in both places. 
<img src="/custom/files/old/TemplateFix-ZipLocation_2.jpg" alt="IMAGE"> 
<img src="/custom/files/old/TemplateFix-CacheLocation_2.jpg" alt="IMAGE"> 
The contents of a typical template for pages/user controls are: 
<ul>
<li>a vtemplate file (which serves as the manifest for the rest of the items)</li>
<li>an icon file</li>
<li>an html file (ASPX, ASCX, etc)</li>
<li>a codebehind file</li>
<li>a designer file</li>
</ul>
As you can see from the screenshot below, the templates did not include a designer file. 
<img src="/custom/files/old/TemplateFix-ZipContents_2.jpg" alt="IMAGE"> 
In addition, the vtemplate file does not describe a designer file. 
<img src="/custom/files/old/TemplateFix-TemplateFile_2.jpg" alt="IMAGE"> 
The fix is to add a line to the vtemplate file referencing a designer file and then add the designer file itself to the template folder/zip. The designer file should look something like: 
<img src="/custom/files/old/TemplateFix-DesignerFile_2.jpg" alt="IMAGE"> 
I&#39;ve gone ahead and done all this for you -- well, actually for me, but you get the point. :-) All you need to do is download the zip file from below and follow the instructions included in the readme.txt file.
<a href="/custom/files/old/MVC+Template+Fix.zip">MVC+Template+Fix.zip</a>
</content>
</entry>
<entry>
<title>MVC: ViewData vs. TempData</title>
<link href="http://www.squaredroot.com/2007/12/20/mvc-viewdata-vs-tempdata/"/>
<updated>2007-12-20T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/20/mvc-viewdata-vs-tempdata</id>
<content type="html">This article was written for the December CTP release of the MVC framework. Unfortunately, it does not entirely apply to the Preview 2 release or subsequent releases.
A commenter (<a href="http://www.superwasp.net/weblog/">oVan</a>) recently <a href="/2007/12/10/aspnet-mvc-membership-basics/#comment-152106519">left a comment</a> on one of my posts with a suggestion to redirect to a different URL rather than display a different view. He cautioned that if I do so to make certain I use store data in the TempData dictionary rather than ViewData. I had not yet heard of the TempData dictionary, so I set off into <a href="http://www.aisto.com/roeder/dotnet/">Reflector</a> to find out what exactly it is.
Initially it appeared that TempData was simply a Dictionary&lt;string,object&gt; stored in session. This is close to the truth, but not the whole truth. In fact the internal declaration of TempData&#39;s storage device is:
<script src="https://gist.github.com/3998629.js?file=Example-1.cs"> </script>
Why such a complicated declaration? Further digging revealed that the second element of the pair (the HashSet) is used as a kind of key synchronization device. When an item is added to the internal storage, the key is placed in the HashSet. At some point that I have been unable to determine, the key is removed from the HashSet. Then when the TempData object is built again, the discrepancy is noticed and the Dictionary entry that has a key not contained in the HashSet is removed from the Dictionary.
The end result is that any data stored in TempData will be around for the life the current request and the next request only, or until the item is removed explicitly. This is useful when you want to pass data to another view that you will be redirecting to, rather than rendering to. 
<script src="https://gist.github.com/3998629.js?file=Example-2.cs"> </script>
In the code above if you navigate to the Index page, you are automatically redirected to the Test1 action&#39;s URL. The Test1 action then executes and is able to access the data stored for it in TempData. If you then navigate to the Test2 action, that action is unable to retrieve the data previously stored in TempData.
To retrieve data from TempData inside of a view, do the following:
<script src="https://gist.github.com/3998629.js?file=Example-3.aspx"> </script>
One suggestion for an improvement in the next CTP would be to have all data available in TempData copied over to ViewData at the beginning of a request (after the old TempData has been cleared). This would allow us to simply say:
<script src="https://gist.github.com/3998629.js?file=Example-4.aspx"> </script>
Otherwise the view has to be very aware of the controller and how it plans to pass data into the view. Currently I cannot have a view that supports being passed data both ways without doing the following: 
<script src="https://gist.github.com/3998629.js?file=Example-5.aspx"> </script>
</content>
</entry>
<entry>
<title>MVC Complaint: Checkboxes</title>
<link href="http://www.squaredroot.com/2007/12/11/mvc-checkboxes-complaint/"/>
<updated>2007-12-11T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/11/mvc-checkboxes-complaint</id>
<content type="html">This article was written for the December CTP release of the MVC framework. Unfortunately, it does not entirely apply to the Preview 2 release or subsequent releases.
I mentioned in my previous post on <a href="/2007/12/10/aspnet-mvc-membership-basics/">building login &amp; registration forms</a> in the <a href="http://weblogs.asp.net/scottgu/archive/2007/12/09/asp-net-3-5-extensions-ctp-preview-released.aspx">ASP.NET MVC framework</a> that I was not a fan of the way checkboxes are handled in the first CTP release&#39;s <a href="http://blog.wekeroad.com/2007/12/05/aspnet-mvc-preview-using-the-mvc-ui-helpers/">toolkit</a>. To help explain why I don&#39;t care for it, consider the following... what would you expect the following helper function to output?
<script src="https://gist.github.com/3998609.js?file=Example-1.aspx"> </script>
I would imagine a single checkbox and a label with the text value, which is incorrect. Instead, this is what is generated:
<script src="https://gist.github.com/3998609.js?file=Example-2.html"> </script>
It looks fairly reasonable to most and really isn&#39;t the end of the world, but is rather unusable in my eyes. The text is just output inline directly following the checkbox element with no element wrapping it. This small omission makes it incredibly difficult to style the output effectively using CSS. Simply wrap the text in a &lt;label&gt; element and everything is gravy. What I would prefer to see output is:
<script src="https://gist.github.com/3998609.js?file=Example-3.html"> </script>
I realize this seems like a nitpick; I&#39;m perfectly capable of writing my own HTML checkbox and label (usually). My frustrations do not end there, though; let&#39;s look at how you retrieve data from a checkbox within a controller action that you have posted to. Taking the example of a simple login form with two text fields (&quot;userName&quot; and &quot;password&quot;) and one checkbox (&quot;rememberMe&quot;) you might expect to have the following controller action:
<script src="https://gist.github.com/3998609.js?file=Example-4.cs"> </script>
Given the context of this article, you can probably guess that the above doesn&#39;t work. Unfortunately the automagic code that maps fields found in the HTTP request to parameters in a controller action does not support mapping to a boolean. This is partly the fault of the HTTP spec (submitting a checked checkbox causes the form to post with $NAME=$VALUE where $NAME is the name of the checkbox element and $VALUE is the value of the &quot;value&quot; attribute; submitting an unchecked checkbox causes the form to post without any reference to the checkbox -- i.e.: a null value), but could easily be resolved with the following rule:
When a boolean is declared in a method marked with [ControllerAction], pass false into the parameter unless a text value is found with a field name that correlates to the name of the parameter (in which case pass true).
In other words, if you can&#39;t find a mention of &quot;rememberMe&quot; in the form&#39;s POST data, pass false to the parameter. If the form&#39;s POST data contains *any *value for a field named &quot;rememberMe,&quot; pass true to the parameter. For the time being you should declare the checkbox parameter as a string and test it against null, like so:
<script src="https://gist.github.com/3998609.js?file=Example-5.cs"> </script>
Sure, it isn&#39;t rocket science the way it is setup right now, but a little extra work could make for a much more fluid learning curve for new MVC developers. Obviously this is just a CTP release and not the full deal; I fully expect a lot of these quirks to be worked out over the next several months. This does make me wonder, will the toolkit be posted to <a href="http://www.codeplex.com">CodePlex</a> so that it can benefit from community involvement?
</content>
</entry>
<entry>
<title>MVC Bug: Broken Codebehind</title>
<link href="http://www.squaredroot.com/2007/12/11/mvc-bug-broken-codebehind/"/>
<updated>2007-12-11T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/11/mvc-bug-broken-codebehind</id>
<content type="html">This post is no longer relevant with recent releases of ASP.NET MVC.
Update (Jan 2): I have posted <a href="/2008/01/02/mvc-template-fix/">a permanent fix in the form of modified Visual Studio templates in another blog post</a>.
Update (Dec 11): ScottGu was kind enough to <a href="#comment-152106388">post a fix for this particular problem</a>. It is unfortunate that you have to repeat the fix for every view you add to your project, but I guess that&#39;s why it is called a CTP! ScottGu said... 
<blockquote>
There is a bug in the file template when you create a new page - and the .designer.cs file isn't generated.
To fix this, right click on the file and choose the "Convert to Web Application" menu item. This will generate the .designer.cs file that contains your control declarations. From that point on the code-behind will be kept up to date as you make changes.
Hope this helps,
Scott
</blockquote>
Original Post:
It may not be a popular choice, but I&#39;m perfectly okay with in-line code in my views as long as it doesn&#39;t contain business logic. One of the developers on my project prefers tag-based views (&lt;asp:Blah runat=&quot;server&quot; /&gt;) and came to me yesterday with a curious issue. I&#39;ve spent some of the morning investigating the issue and it does appear that there is a bug in the <a href="http://weblogs.asp.net/scottgu/archive/2007/12/09/asp-net-3-5-extensions-ctp-preview-released.aspx">newly released ASP.Net MVC Framework</a>.
The issue? Controls declared in an ASPX are not visible to that page&#39;s codebehind.
To test this hypothesis (and make sure we hadn&#39;t somehow broken our project) I started a new &quot;ASP.Net MVC Web Application&quot; project (note that the bug also exists for the &quot;ASP.Net MVC Web Application and Test&quot; project). I then opened the Views/Home/About.aspx file and added the following line:
<script src="https://gist.github.com/3998555.js?file=About.aspx"> </script>
Then I opened up the page&#39;s codebehind (Views/Home/About.aspx.cs) and added the following:
<script src="https://gist.github.com/3998555.js?file=About.aspx.cs"> </script>
Ctrl+Shift+B to compile and bam, a build error: &quot;The name &#39;myLiteral&#39; does not exist in the current context.&quot;
I began to wonder if this was not supported by the MVC framework, but I took a look back at one of ScottGu&#39;s most recent articles, <a href="http://weblogs.asp.net/scottgu/archive/2007/12/06/asp-net-mvc-framework-part-3-passing-viewdata-from-controllers-to-views.aspx">ASP.Net MVC Framework (Part 3): Passing ViewData from Controllers to Views</a>, and saw that he references controls from the page&#39;s codebehind several times. I also tried using several controls besides the Literal to no avail.
To test what was going on, I commented out the reference in the Page_Load method, added a string declaration and put a breakpoint on it. When I ran the MVC application in debug mode and loaded the page I was able to see the &quot;myLiteral&quot; control reference. It appears that the reference is available at runtime but Visual Studio just is not able to see it at compile time. Odd. 
<img src="/custom/files/old/DebugMyLiteral.jpg" alt="IMAGE">
For now I&#39;ve told the developer to just use in-line code, but I&#39;m well aware that many developers are loathe to do so. Thoughts? Suggestions?
</content>
</entry>
<entry>
<title>ASP.Net MVC Membership Basics</title>
<link href="http://www.squaredroot.com/2007/12/10/aspnet-mvc-membership-basics/"/>
<updated>2007-12-10T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/10/aspnet-mvc-membership-basics</id>
<content type="html">This article was written for the December 2007 CTP release of the MVC framework. It does not entirely apply to the Preview 2 release or subsequent releases.
<a href="http://asp.net/downloads/3.5-extensions/">The MVC bits have finally arrived</a> and I&#39;ve spent a while digesting them. I&#39;ve been waiting for the bits to be released to begin working on a side-project, so the first thing I did after downloading them last night was crank it up and start working on a new ASP.NET MVC Web Application project.
Typically, the first thing I do on a new project is set up the authentication/authorization system. For the project I am working on I want to use the ASP.Net Membership system, but most of the Membership controls do not work with the MVC framework because they require postbacks. I spent some time last night building a Security controller and views for Registration and Login that I thought would be worth sharing.
So far I have implemented basic functionality for Register, Login, and Logout. There are three files we will have to create. We will also have to change the routing table. Let&#39;s start with the SecurityController:
<script src="https://gist.github.com/3998394.js?file=SecurityController.cs"> </script>
So we have two basic actions methods that only display views (Register and Login) and three action-only methods that have no views (CreateUser, Authenticate, Logout).
I have chosen to not have a logout page, but to instead redirect to the homepage. Switch out &#39;Response.Redirect( &quot;/&quot; );&#39; for &#39;RenderView( &quot;Logout&quot; );&#39; and create a Logout.aspx view if you would like to display a logout message.
Now let&#39;s look at the Login view:
<script src="https://gist.github.com/3998394.js?file=LoginView.aspx"> </script>
The toolkit&#39;s Html.Checkbox(...) method annoys me. More on why in another post. For now I&#39;ve instead just written the html out by hand. You&#39;ll note I&#39;ve also linked the label to the checkbox with JavaScript so that clicking the label toggles the checkbox.
Then the Register view:
<script src="https://gist.github.com/3998394.js?file=RegisterView.aspx"> </script>
Another straightforward view. Not much to discuss here.
And finally, let&#39;s add the new routes:
<script src="https://gist.github.com/3998394.js?file=global.asax.cs"> </script>
I personally like login to be &quot;http://website/login&quot; and register to be &quot;http://website/register&quot;, so that is how I have configured it. The other three actions (Logout, Authenticate, and CreateUser) I access via the default route (ex: /Security/Logout).
That&#39;s it! You should now have a working registration/login system. I&#39;ll leave making it pretty with CSS as an exercise for the reader.
I have included all of the code samples above in the below ZIP file. Just unzip it and place the controller into the Controllers directory, the views into the Views/Security directory (which you will have to create), and copy the code from Routes.txt to the appropriate area of your Global.asax.
<a href="/custom/files/old/MVCMembership_v1.2.zip">MVCMembership_v1.2.zip</a>
<a name="update-dec-11"></a>
UPDATE (Dec 11): Johan and <a href="http://stevenharman.net/">Steve Harman</a> were kind enough to <a href="#comment-152106495">point out</a> that I had foolishly set the &quot;remember me&quot; checkbox&#39;s label&#39;s &quot;for&quot; attribute to point to the password field instead of the checkbox itself. I have fixed the code above and provided a new zip file (1.1) for download. Thanks guys!
<a name="update-dec-19"></a>
Update (Dec 19): <a href="http://www.superwasp.net/weblog/">oVan</a> <a href="#comment-152106514">pointed out a bug</a> in the routing rules defined in the routes.txt file. I have updated the zip file with the correct code. Thanks oVan!
<a name="update-jan-3"></a>
Update (Jan 3): <a href="#comment-152106536">James Nail asked a very good question via a comment</a>: what do you set for the loginUrl and defaultUrl in your web.config? Well James, here is how I&#39;ve setup my web.config...
Assuming we&#39;ll be using forms authentication and securing all pages except login and the homepage, place the following inside the &lt;system.web&gt; element:
<script src="https://gist.github.com/3998394.js?file=webconfig-1.xml"> </script>
Then, somewhere outside the &lt;system.web&gt; element add:
<script src="https://gist.github.com/3998394.js?file=webconfig-2.xml"> </script>
Note that this will grant access to all actions within the Security controller. It is also worth pointing out that, dependent on your setup, your CSS and image files may not load unless you also create a location path for their directory and grant all users access like so:
<script src="https://gist.github.com/3998394.js?file=webconfig-3.xml"> </script>
I have not updated the zip file with these web.config settings; let me know if anyone would prefer that I add it. I hope this helps some of you!
</content>
</entry>
<entry>
<title>MVC.net Release TODAY!</title>
<link href="http://www.squaredroot.com/2007/12/09/mvcnet-release-today/"/>
<updated>2007-12-09T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/09/mvcnet-release-today</id>
<content type="html">Scott Guthrie posted a comment to his <a href="http://weblogs.asp.net/scottgu/archive/2007/12/09/asp-net-mvc-framework-part-4-handling-form-edit-and-post-scenarios.aspx#5425465">fourth entry in his ASP.Net MVC tutorial series</a> stating: 
<blockquote>
Sunday, December 09, 2007 8:00 AM by ScottGu
Hi Panjkov,
>>>>>> is this correct link for asp.net extensions preview that will be shipped (today?) go.microsoft.com/fwlink (taken from www.hunterstrat.com/.../microsoft-releases-adonet-entity-framework-aspnet-35-extensions-previews )
No - that is for the ADO.NET entities bits (which is something different). Keep an eye on www.asp.net in a few hours - the ASP.NET 3.5 Extensions Preview (which includes MVC) will be posted there shortly.
Thanks,
Scott
</blockquote>
This is great news and rather unexpected. Time to hit up <a href="http://www.asp.net">www.asp.net</a> and F5 F5 F5...! 
Update: As everyone is aware by now, I&#39;m sure, the MVC Framework has been released. You can <a href="http://asp.net/downloads/3.5-extensions/">get it here</a>.
</content>
</entry>
<entry>
<title>MVC Framework Delayed</title>
<link href="http://www.squaredroot.com/2007/12/07/mvc-framework-delayed/"/>
<updated>2007-12-07T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/07/mvc-framework-delayed</id>
<content type="html"><a href="http://weblogs.asp.net/scottgu/archive/2007/12/06/asp-net-mvc-framework-part-3-passing-viewdata-from-controllers-to-views.aspx#5419863">ScottGu has posted a comment</a> on his latest blog post saying that a last minute bug has delayed the release of the new .Net MVC Framework, which was previously slated for release today in the form of a CTP. From the sound of things we are now looking at a Monday release if further testing does not reveal any further issues.
I&#39;m sure I speak for almost all of us that are awaiting this highly anticipated release when I say that all of their hard work is appreciated and while the delay is disappointing, what is a few more days? The full text of Scott&#39;s comment is below: 
<blockquote>
Quick update to everyone - we found a last minute bug late last night, and had to-do a rebuild of the bits. This unfortunately means we won't go live today as originally planned. The team is working hard, though, to try and get it out ASAP (they will be here this weekend finishing the test pass).
I'll do a blog post announcing it as soon as it is live. As penance I'm also doing a long Part 4 blog post this weekend that covers editing and form posting scenarios, which combined with the first three tutorial posts should provide a pretty good foundation for working with the bits.
Many apologies for the delay - almost there now though,
Scott
</blockquote>
</content>
</entry>
<entry>
<title>BlogEngine.net 1.2.5 Scrapped</title>
<link href="http://www.squaredroot.com/2007/12/07/blogenginenet-125-scrapped/"/>
<updated>2007-12-07T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/07/blogenginenet-125-scrapped</id>
<content type="html">Apparently this just isn&#39;t my day when it comes to project released that I&#39;ve been looking forward to. <a href="http://blog.madskristensen.dk/">Mads Kristensen</a> posted to the <a href="http://dotnetblogengine.net/">BlogEngine.net project&#39;s website</a> stating that <a href="http://dotnetblogengine.net/post/Release-news.aspx">the 1.2.5 release of the project (a service pack, really) will no longer happen</a> and that all of its changes will be rolled into a 1.3 release, due before the end of the year.
Disappointing, yes, but really for the best. The 1.2.5 release fixed quite a few bugs, but none of them show stoppers (well, for me) and 1.3 looks to add some new features to the equation. 
<h2>Coming in 1.3:</h2>
<ul>
<li>Full mono support (right out of the box)</li>
<li>Updated Meta-Weblog API including support for creating/editing pages in WLW</li>
<li>Improved Blog importer/exporter, including support for easily switching between XML and SQL backends </li>
<li>New extension manager to managing extensions and their settings</li>
<li>New events for extension writers</li>
<li>Support for mobile devices</li>
<li>New themes</li>
</ul>
I&#39;m especially looking forward to the mobile device support and further Live Writer integration. 
</content>
</entry>
<entry>
<title>GraffitiCMS Beta Opens</title>
<link href="http://www.squaredroot.com/2007/12/05/graffiticms-beta-opens/"/>
<updated>2007-12-05T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/05/graffiticms-beta-opens</id>
<content type="html">GraffitiCMS appears to be effectively dead now, and has been released to the community. You can still <a href="http://graffiticms.codeplex.com/">find the code on CodePlex.</a>
<a href="http://graffiticms.com/">GraffitiCMS</a> (from <a href="http://telligent.com/">Telligent</a>, makers of <a href="http://communityserver.org">Community Server</a>) has been released in beta. Head on over to their <a href="http://graffiticms.com/">official site</a> to download it. 
</content>
</entry>
<entry>
<title>Add/Update/Delete with LINQPad</title>
<link href="http://www.squaredroot.com/2007/12/05/addupdatedelete-with-linqpad/"/>
<updated>2007-12-05T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/12/05/addupdatedelete-with-linqpad</id>
<content type="html"><a href="http://www.dannydouglass.com">Danny Douglass</a> recently <a href="http://www.dannydouglass.com/post/2007/12/LINQ-Editor-and-Quiz.aspx">posted</a> about <a href="http://www.linqpad.net">LINQPad</a>, a query tool that understands LINQ. I spent some time today using it and am very impressed. It did take a while, however, to look through the numerous sample scripts and figure out exactly how to insert/update/delete data, so I thought I would share what I&#39;ve found. The biggest changes between working in LINQ-To-SQL in a Visual Studio 2008 project and writing a LINQ query in LINQPad are the lack of a DataContext, *the difference between *C# Expressions and C# Statements, and the addition of a Dump command.
No Data Context: When you need to interact with a database via LINQ in a Visual Studio 2008 project, you do so by creating a LINQ-To-SQL DBML file that generates a data context for you. This data context is in charge of maintaining your database connection and is what you use to submit changes to the database. Because there is no data context readily available to you (and no .dbml file) in LINQPad, the way you go about this is slightly different. There is a globally-scoped subroutine, &quot;SubmitChanges(),&quot; that should be called whenever you wish to commit an action to the database.
C# Expressions vs. C# Statements: By default LINQPad opens in &quot;C# Expression&quot; mode. In this mode you can type a simple query like &quot;from r in Regions select r&quot; and run it to see the results. As far as I can tell there is no way to insert/update/delete data in this mode. By switching to &quot;C# Statement(s)&quot; mode you are able to declare variables, control flow statements, and reference objects; this is the mode you need to be in to insert/update/delete data. To enter &quot;C# Statement(s)&quot; mode, select it from the &quot;Type&quot; drop-down box at the top of the window as show below:
<img src="/custom/files/old/LINQPad_2.jpg" alt="IMAGE">
object.Dump(): When you write a query in &quot;C# Expression&quot; mode the result of that query is automatically rendered to the Results frame (shown below). Because &quot;C# Statement(s)&quot; mode gives you the capability to run many queries in one execute, displaying the results of those queries must be manually invoked. To do so simply call the &quot;.Dump()&quot; method on the resultset of the query you want to display. &quot;.Dump()&quot; is implemented as an extension method available on all objects, so whether you are retrieving a single object, a list of objects, or an anonymous type the Dump method will be available to display your data.
<img src="/custom/files/old/LINQPad-Results_2.jpg" alt="IMAGE">
Below I have included examples of several ways to query data, as well as an example each for inserting, updating, and deleting data. 
<script src="https://gist.github.com/3998228.js"> </script>
</content>
</entry>
<entry>
<title>CssHandler: CSS + Variables</title>
<link href="http://www.squaredroot.com/2007/11/16/csshandler-first-release/"/>
<updated>2007-11-16T00:00:00+00:00</updated>
<id>http://www.squaredroot.com/2007/11/16/csshandler-first-release</id>
<content type="html">Please don't consider using this project anymore - it is old and out of date. <a href="http://www.hanselman.com/blog/CoffeeScriptSassAndLESSSupportForVisualStudioAndASPNETWithTheMindscapeWebWorkbench.aspx">Use something like SASS or LESS instead.</a>
It&#39;s been more than three and a half years since <a href="http://www.neopoleon.com">Rory Blyth</a> said <a href="http://www.neopoleon.com/home/blogs/neo/archive/2004/03/06/8705.aspx">&quot;screw standards - let&#39;s add variable support to CSS right this minute.&quot;</a> In retrospect, adding variables to CSS seems obvious; <a href="http://www.google.com/search?q=css+variables">everyone is asking about it</a>. There have even been <a href="http://www.codeproject.com/useritems/CSSVariables.asp">one</a> or <a href="http://aspnetresources.com/articles/variables_in_css.aspx">two</a> other .Net solutions developed, though Rory&#39;s solution has remained my favorite. With CSS2 barely working and <a href="http://www.w3.org/Style/CSS/current-work">CSS3 not addressing the issue</a>, those of us who are tired of repeating ourselves throughout our CSS files have no choice but to take matters into our own hands.
With that in mind I set out to update Rory&#39;s code. Not that there was anything wrong with it in the first place, of course (this is where I try to tactfully avoid being drawn as a jerkasaurus in one of Rory&#39;s comics), but Rory did whip the code up for a <a href="http://www.padnug.org/">PADNUG</a> meeting and that was about 3.5 million years ago (give or take many orders of magnitude). It was time to bring the CssHandler into 2007! Conveniently right before 2008.
Lo and behold, someone else had beat me to it. <a href="http://codingpatterns.blogspot.com/">Gabe Moothart</a> had already <a href="http://www.codeplex.com/CssHandler/">uploaded the CssHandler to CodePlex</a>, and even improved upon it. While Rory&#39;s code originally only allowed variable declarations &amp; references and stripped comments, Gabe&#39;s version also resolved application-relative paths (e.g.: &quot;~/blah/blah.gif&quot;) into browser friendly paths. I had further goals in mind though, and Gabe was kind enough to add me onto the project.
With my updates complete, I am now proud to present...
<h2>CssHandler 1.0</h2>
Features:
<ul>
<li>Define variables for later reference.</li>
<li>Resolve application relative paths.</li>
<li>Only link to one CSS file from your HTML page. Let the CssHandler combine additional CSS files at runtime to limit HTTP connections and share variable definitions across files.</li>
<li>All comments are stripped before render.</li>
<li>Most white-space is stripped before render.</li>
<li>HttpHandler can be mapped to &#39;*.css&#39; or can be referenced as CssHandler.axd and passed a CSS file in the query string.</li>
</ul>
Bugs fixed:
<ul>
<li>The @define{...} block is no longer sent down to the client.</li>
<li>Similarly named variables no longer present a problem.</li>
</ul>
Example:
The HTML references &quot;styles.css&quot;, which looks like:
<script src="https://gist.github.com/3998144.js?file=styles.css"> </script>
As seen above, &quot;styles.css&quot; references &quot;styles2.css&quot; via the @import statement, which looks like:
<script src="https://gist.github.com/3998144.js?file=styles2.css"> </script>
The CssHandler then:
<ol>
<li>Intercepts the browser&#39;s request for &quot;styles.css&quot;.</li>
<li>Resolves the two URLs that are using application relative paths.</li>
<li>Replaces the @import directive with the text from &quot;styles2.css&quot;.</li>
<li>Strips all comments from the CSS.</li></li>
<li>Replaces all referenced variables with their defined values.</li>
<li>Compresses most of the CSS&#39;s white-space.</li>
<li>Renders the following to the browser:</li>
</ol>
<script src="https://gist.github.com/3998144.js?file=styles_rendered.css"> </script>
I hope you find it as useful as I have. Many thanks to Rory Blyth and Gabe Moothart. Hopefully CSS4 will add variables and we&#39;ll never have to use this again!
<a href="http://www.codeplex.com/CssHandler/">Visit the project&#39;s CodePlex site to download</a>.
Update (Dec. 2, 2007): Rory has posted and <a href="http://www.neopoleon.com/home/blogs/neo/archive/2007/11/23/28201.aspx">given his blessing</a>, so to speak. Thanks Rory!
</content>
</entry>
</feed>

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

Download the "valid Atom 1.0" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):

<a href="http://www.feedvalidator.org/check.cgi?url=http%3A//feeds2.feedburner.com/SquaredRoot/"><img src="valid-atom.png" alt="[Valid Atom 1.0]" title="Validate my Atom 1.0 feed" /></a>

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//feeds2.feedburner.com/SquaredRoot/

Home · About · News · Docs · Terms