Remote Validation of Uniqueness in ASP MVC
Question
Using ASP MVC and SQL Server, I am trying to test the existence of a client before creating him via the uniqueness of his Email's value.
Following a lot of tutorials and solutions, I didn't success to resolve this problem. This is what I've tried :
ClientController :
[HttpPost]
public ActionResult Create(Client cmodel)
{
try
{
if (ModelState.IsValid)
{
ClientManagement cdb = new ClientManagement();
if (cdb.AddClient(cmodel))
{
ViewBag.Message = "Client Details Added Successfully";
ModelState.Clear();
}
}
return RedirectToAction("Index");
}
catch
{
return View();
}
}
public JsonResult IsClientExist(string Email)
{
List<Client> cm = new List<Client>();
return Json(!cm.Any(x => x.Email == Email), JsonRequestBehavior.AllowGet);
}
Class ClientManagement :
public bool AddClient(Client cmodel)
{
connection();
SqlCommand cmd = new SqlCommand("AddNewClients", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Email", cmodel.Email);
cmd.Parameters.AddWithValue("@Password", cmodel.Password);
con.Open();
int i = cmd.ExecuteNonQuery();
con.Close();
if (i >= 1)
return true;
else
return false;
}
Model Client :
public class Client
{
[Display(Name = "Email")]
[Required(ErrorMessage = "Email is required.")]
[EmailAddress(ErrorMessage = "Invalid Email Address")]
[DataType(DataType.EmailAddress)]
[StringLength(30)]
[Remote("IsClientExist", "Client", ErrorMessage = "Email is already exists in Database.")]
public string Email { get; set; }
[Display(Name = "Password")]
[DataType(DataType.Password)]
[Required(ErrorMessage = "Password is required.")]
public string Password { get; set; }
}
View Create :
<div class="form-group">
@Html.LabelFor(model => model.Email, htmlAttributes: new { @class = "control-label col-md-2" })
<div class="col-md-10">
@Html.EditorFor(model => model.Email, new { htmlAttributes = new { @class = "form-control" } })
@Html.ValidationMessageFor(model => model.Email, "", new { @class = "text-danger" })
</div>
</div>
<script src="~/Scripts/jquery-1.10.2.min.js"></script>
<script src="~/Scripts/jquery.validate.min.js"></script>
<script src="~/Scripts/jquery.validate.unobtrusive.min.js"></script>
2 answers
solution1
2 2017-11-02 15:50:49
You need to add a unique constraint or unique index on Email in the database.
Even when you check for existence before the insert, concurrent requests could lead to duplicates. So have the database enforce uniqueness and handle the error it returns when you try to insert a duplicate.
solution2
2 ACCPTED 2017-11-02 16:33:55
Your current code is checking againist an empty list of Client . You should be checking against existing data.
You can write a method to check that
private bool DoesEmailExist(string email)
{
var conStr = @"putYourConnectionStringHere";
var q = "select TOP 1 Email from Client WHERE Email=@email";
using (var c =new SqlConnection(conStr))
{
using (var cmd = new SqlCommand(q, c))
{
c.Open();
cmd.Parameters.AddWithValue("@email", email);
var r = cmd.ExecuteReader();
return r.HasRows;
}
}
}
Now you call this method in your other method. Your IsClientExist should return false when the email exist in the system and should return true when it does not exist in the database . So basically you need to negate the result coming back from the DoesEmailExist method
public JsonResult IsClientExist(string Email)
{
var r = DoesEmailExist(Email);
return Json(!r, JsonRequestBehavior.AllowGet);
}
Keep in mind that this does only Client side validation. Never trust data coming from client.Always validate on server side . You should add database level constraints to prevent duplicate emails getting saved in the table as @David Browne mentioned in his answer
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.