I understand there is a function called "replace strings" that allow information to be substituted in the D2L tools. What strings are available and can I use them in the content tools?
In the Desire2Learn Content tool the replace strings functionality substitutes at save time and not render time. This limits the applicability of the the replace strings in content.
The replace strings that are available include:
email
externalemail
firstname
internalemail
lastname
orgdefinedid
orgid
orgname
orgunitcode
orgunitid
orgunitname
orgunitpath
orgunittypeid
rolecode
roleid
rolename
userid
username
Related
can someone explain me this please? It's about AspNetUser, when we create a table, it generates an id in string, but how good is it? Isn't it bad in terms of security? Because if I want to show something only with one user, I need to compare my id (int) with id (string), I know it's simple and possible but I just need to convert the int to string, but is this method safe?
I was trying this and it worked but i'm comparing a string.
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
var plans = _unitOfWork.Games.GetAll().Where(p => p.UserId.Equals(userId));
return View(plans);
The AspNetUser is a part of ASP.NET Identity, which is a framework that provides authentication and authorization services. The Id column of the AspNetUser table is typically generated as a string (GUID) to ensure that it is unique across all users. Comparing the user ID as a string with another string value (such as the value from ClaimTypes.NameIdentifier) is not a security issue. The string comparison is a simple and efficient way to retrieve the data for a specific user. Converting the user ID to an integer would not provide any additional security benefits, but it may impact performance if the integer comparison involves a large number of operations.
Refrence link:
https://learn.microsoft.com/en-us/dotnet/api/system.identitymodel.claims.claimtypes.nameidentifier?view=netframework-4.8.1
Also :
What are the best practices for using a GUID as a primary key, specifically regarding performance?
Is there a replacement string I can use to target a specific section within a course? I know that I can use {OrgUnitName} as a replacement string for the course name, but is there a replacement string I can use for specific sections within a course?
Thanks!
There doesn't appear to be any course section tokens as of version 10. These are the ones that seem to be available:
orgunitid
orgunittypeid
orgunitpath
orgunitname
orgunitcode
orgid
orgname
userid
username
firstname
lastname
orgdefinedid
email
internalemail
externalemail
roleid
rolecode
rolename
How to validate that user enters string in textbox in asp mvc4?
What to write in required tag?
[required]
Use the [RegularExpression] attribute if you want to limit the user to only typing in alphabetic characters.
More info on MSDN.
Here is a good link to a regular expression that you can use.
This example maybe helps:
public class CustomerMetaData
{
// Require that the Title is not null.
// Use custom validation error.
[Required(ErrorMessage = "Title is required.")]
public object Title;
// Require that the MiddleName is not null.
// Use standard validation error.
[Required()]
public object MiddleName;
}
There are many ways to do it
1) By using plain Javascript or JQuery to check if it has value before submiting the page
2) On controller method check if it has value
3) If you a using EF and your view binded to a model add attribute called [Required]to the property of that model.
What do you actually want to do?
Make sure that the object the server receives has correct data in it? Then you should use data attributes on your C# model. However what do you mean by "enters string"? If the user simply needs to enter any string, then [Required] works - this just means that there has to be some value entered. Do you only want to allow a specific set of characters, like the English alphabet? Then you need to use a RegularExpression attribute.
If you further specify what you actually want to do I am sure we can help you more.
I have a simple web app that has a login page, the front end domain has a simple model with:
string username {get;set;}
string password {get;set;}
However it is encrypted with sha256 before it is sent over to the data domain object, originally the data domain was:
string username {get;set;}
string password {get;set;}
So I would take the password from the ui, encrypt it then using the Encoding.GetString() method, get back a string for persisting. However when I try to persist the data it just seems to give an exception, which I believe to be down to the characters in the string not being valid.
After looking around some people have recommended storing it as a varbinary(32) and using a byte[] password {get;set;} within the data layer, however I couldn't get Nhibernate to map it correctly.
So can anyone tell me the best practise on storing hashed passwords with Nhibernate and SqlServer or MySql. (The app supports both dbs)
You shouldn't use Encoding.GetString() on a SHA value since it will produce text that may not store correctly, or worse, give an exception. Rather use something like Convert.ToBase64String.
I am developing a site that uses the built in account model / controller that comes with the new MVC site template. I want to be able to only allow people to register if they use one of two specific domains in their email address.
So for example they can register if they use #domain1.co.uk or #domain2.co.uk, but no other domains (for example Gmail, Yahoo etc) can be used.
If anyone could point me in the right direction that would be great.
If using the MVC3 default site, you'll have a /Models/AccountModels.cs file. You can add a regular expression there to cause client-side* and server-side validation.
public class RegisterModel
{
...
[Required]
[DataType(DataType.EmailAddress)]
[Display(Name = "Email address")]
[RegularExpression(#"^[a-zA-Z0-9._%+-]+(#domain1\.co\.uk|#domain2\.co\.uk)$", ErrorMessage = "Registration limited to domain1 and domain2.")]
public string Email { get; set; }
...
}
You will need to work out the expression that works out best for your requirements.
*client-side validation assumes your view references the jquery.validate script and has Html.ValidationMessageFor(m => m.Email) and/or Html.ValidationSummary(), which it should by default.
What more do you need than:
if( email.Contains("#domain1.co.uk") || email.Contains("#domain2.co.uk") )
Register(email);
else
throw, return false, whatever()
When it comes time to do your validation, i.e. is the email field populated, use a regex to make sure it is in the domain. As for what the actual regex should be, there is a lot of discussion online about validating email addresses with them. It even comes down to what a valid email address should contain. I found this example online, but it likely by no means the best solution, as I am not a regex expert. I have tried it with a few examples but I'm sure you can come up with some that will pass when they shouldn't:
^\w+([-+.']\w+)*#mail.com$
Where mail.com is the domain you want to check against. If you have multiple domains, you can either extend the regex or do multiple checks replacing mail.com in the regex with whatever else you want to use.
BTW I found that regex on this forums.asp.net post which touches on an issue like yours.
Validate that on both the frontend (the reg form) and the backend.
Here I recommend jquery validation plugin for client side validation.