Asp Net Mvc 5 A Beginner S Guide

Asp-Net-mvc-5-a-beginner-s-guide

User Manual:

Open the PDF directly: View PDF PDF.
Page Count: 106

DownloadAsp-Net-mvc-5-a-beginner-s-guide
Open PDF In BrowserView PDF
ASP.NET MVC 5: Building Your First
Web Application (A Beginner’s Guide)
This free book is provided by courtesy of C# Corner and Mindcracker Network and
its authors. Feel free to share this book with your friends and co-workers. Please do
not reproduce, republish, edit or copy this book.

Vincent Maverick
(C# Corner MVP)

About Author
Vincent Maverick is a Microsoft ASP.NET MVP since 2009, C# Corner MVP and DZone MVB.
He works as a Technical Lead Developer in a research and development company. He works on
ASP.NET, C#, MS SQL, Entity Framework, LINQ, AJAX, JavaScript, JQuery, HTML5, CSS, and
other technologies.

Vincent Maverick

INDEX

Page no



Introduction

1



Prerequisites

1



Environment Settings and Tools Used

2



Getting Started

2



Brief Overview of ASP.NET MVC

2-5

o What is ASP.NET MVC?
o What are Models?
o What are Controllers?
o What are Views?


Creating a Database

5



Creating Database Tables

6-7



Adding a New ASP.NET MVC 5 Project

8-10



Setting Up the Data Access using Entity

10-16

Framework Database-First approach
o Creating the Entity Models


Creating a Signup Page

16-29

o Adding ViewModels
o Adding the Controllers
o Adding the Views
o Running the Application


Creating the Login Page
o Forms Authentication Overview
o Enabling Forms Authentication
o Adding the UserLoginView Model
o Adding the GetUserPassword() Method
o Adding the Login Action Method
o Adding the Login View
o Implementing the Logout Functionality
o Running the Application

29-38



Implementing a Simple Role-Based Page Authorization

39-43

o Creating the IsUserInRole() Method
o Creating a Custom Authorization Attribute Filter
o Adding the AdminOnly and UnAuthorized page
o Adding Test Roles Data
o Running the Application


Implementing Fetch, Edit, Update and Delete Operations

44-64

o Fetching and Displaying Data


Adding the View Models



Adding the ManageUserPartial Action Method



Adding the ManageUserPartial PartialView



Running the Application

o Editing and Updating the Data


Installing jQuery and jQueryUI



Adding the UpdateUserAccount() Method



Adding the UpdateUserData() Action Method



Modifying the UserManagePartial View



Integrating jQuery and jQuery AJAX



Modifying the UserManagePartial Action Method



Displaying the Status Result



Running the Application

o Deleting Data





Adding the DeleteUser() Method



Adding the DeleteUser() Action Method



Integrating jQuery and jQuery AJAX



Running the Application

Creating a User Profile Page
o Adding the GetUserProfile() Method
o Adding the EditProfile() Action Method
o Adding the View
o Running the Application

64-70



Implementing a ShoutBox Feature

71-78

o Creating the Message Table
o Updating the Entity Data Model
o Updating the UserModel
o Updating the UserManager Class
o Updating the HomeController Class
o Creating the ShoutBoxPartial Partial View
o Down to the JavaScript Functions
o Wrapping Up
o Running the Application


Deploying Your ASP.NET MVC 5 App to IIS8

79-100

o Overview of IIS Express and IIS Web Server
o Installing IIS8 on Windows 8.1
o Publishing from Visual Studio
o Converting Your App to Web Application
o Enable File Sharing in IIS
o Configuring SQL Server Logins
o Configuring Application Pool’s Identity
o Running the Application


Summary

101

1

ASP.NET MVC 5: Building Your First
Web Application (A Beginner’s Guide)
Introduction
Technologies are constantly evolving and as developer we need to cope up with what’s the latest
or at least popular nowadays. As a starter you might find yourself having a hard-time catching up
with latest technologies because it will give you more confusion as to what sets of technologies
to use and where to start. We know that there are tons of resources out there that you can use as a
reference to learn but you still find it hard to connect the dots in the picture. Sometimes you
might thought of losing the interest to learn and gave up. If you are confused and no idea how to
start building a web app from scratch then this book is for you.
ASP.NET MVC 5: Building Your First Web Application is targeted to beginners who want to
jump on ASP.NET MVC 5 and get their hands dirty with practical example. I've written this
book in such a way that it’s easy to follow and understand by providing step-by-step process on
creating a simple web application from scratch and deploying it to IIS Web Server. As you go
along and until such time you finished following the book, you will learn how to create a
database using SQL Server, learn the concept of ASP.NET MVC and what it is all about, learn
Entity Framework using Database-First approach, learn basic jQuery and AJAX, learn to create
pages such as Registration, Login, Profile and Admin page where user can modify, add and
delete information. You will also learn how to install and deploy your application in IIS Web
Server.
Prerequisites
Before you go any further make sure that you have basic knowledge on the following
technologies:








SQL Server
Visual Studio
ASP.NET in general
Basic understanding of ASP.NET MVC
Entity Framework
C#
Basics on HTML, CSS and JavaScript/jQuery
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

2

Environment and Development Tools
The following are the tools and environment settings that I am using upon building the web app.





Windows 8.1
IIS8
Visual Studio 2015
SQL Express 2014

Getting Started
This book will guide you through the basic steps on creating a simple web application using
ASP.NET MVC 5 with real-world example using Entity Framework Database-First approach.
I’ll try to keep this demo as simple as possible so starters can easily follow. By “simple” I mean
limit the talking about theories and concepts, but instead jumping directly into the mud and get
your hands dirty with code examples.
ASP.NET MVC Overview
Before we start building an MVC application let’s talk about a bit of MVC first because it is very
important to know how the MVC framework works.

What is ASP.NET MVC?
ASP.NET MVC is part of ASP.NET framework. The figure below will give you a high level
look to where ASP.NET MVC resides within the ASP.NET framework.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

3
Figure 1: The ASP.NET technologies

You will see that ASP.NET MVC sits on top of ASP.NET. ASP.NET MVC gives you a
powerful, pattern-based way to build dynamic websites that enables a clean separation of
concerns and that gives you full control over mark-up for enjoyable and agile development.
To make it more clear, here’s how I view the high-level process of MVC:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

4
Figure 2: MVC architecture flow

Unlike in ASP.NET WebForms that a request is going directly to a page file (.ASPX), in MVC
when a user request a page it will first talk to the Controller , process data when necessary and
returns a Model to the View for the user to see.
What are Models?
Model objects are the parts of the application that implement the logic for the application domain
data. Often, model objects retrieved and store model state in database.
What are Controllers?
Controllers are the components that handle user interaction, work with the model, and ultimately
select a view to render in the browser.
What are Views?
Views are the components that display the application’s user interface (UI), typically this UI is
created from the model data.
To put them up together, the M is for Model, which is typically where the BO (Business
Objects), BL (Business Layer) and DAL (Data Access) will live. Note that in typical layered
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

5

architecture, your BL and DAL should be in separate project. The V is for View, which is what
the user sees. This could simply mean that any UI and client-side related development will live
in the View including HTML, CSS and JavaScript. The C is the Controller, which orchestrates
the flow of logic. For example if a user clicks a button that points to a specific URL, that request
is mapped to a Controller Action method that is responsible for handling any logic required to
service the request, and returning a response- typically a new View, or an update to the existing
View.
If you are still confused about Models, Views and Controllers then don’t worry because I will be
covering how each of them relates to each other by providing code examples. So keep reading 

Creating a Database
Open SQL Server or SQL Server Express Management Studio and then create a database by
doing the following:




Right click on the Databases folder
Select New Database
Enter a database name and then click OK. Note that in this demo I used “DemoDB” as
my database name.

The “DemoDB” database should be created as shown in the figure below:

Figure 3: New database created

Alternatively, you can also write a SQL script to create a database. For example:
CREATE DATABASE DemoDB;
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

6

Creating Database Tables
Now open a New Query window or just press CTRL + N to launch the query window and then
run the following scripts:
LOOKUPRole table
USE [DemoDB]
GO
CREATE TABLE [dbo].[LOOKUPRole](
[LOOKUPRoleID] [int] IDENTITY(1,1) NOT NULL,
[RoleName] [varchar](100) DEFAULT '',
[RoleDescription] [varchar](500) DEFAULT '',
[RowCreatedSYSUserID] [int] NOT NULL,
[RowCreatedDateTime] [datetime] DEFAULT GETDATE(),
[RowModifiedSYSUserID] [int] NOT NULL,
[RowModifiedDateTime] [datetime] DEFAULT GETDATE(),
PRIMARY KEY (LOOKUPRoleID)
)
GO

Adding test data to LOOKUPRole table
INSERT INTO LOOKUPRole
(RoleName,RoleDescription,RowCreatedSYSUserID,RowModifiedSYSUserID)
VALUES ('Admin','Can Edit, Update, Delete',1,1)
INSERT INTO LOOKUPRole
(RoleName,RoleDescription,RowCreatedSYSUserID,RowModifiedSYSUserID)
VALUES ('Member','Read only',1,1)

SYSUser table
USE [DemoDB]
GO
CREATE TABLE [dbo].[SYSUser](
[SYSUserID] [int] IDENTITY(1,1) NOT NULL,
[LoginName] [varchar](50) NOT NULL,
[PasswordEncryptedText] [varchar](200) NOT NULL,
[RowCreatedSYSUserID] [int] NOT NULL,
[RowCreatedDateTime] [datetime] DEFAULT GETDATE(),
[RowModifiedSYSUserID] [int] NOT NULL,
[RowModifiedDateTime] [datetime] DEFAULT GETDATE(),
PRIMARY KEY (SYSUserID)
)
GO

SYSUserProfile table
USE [DemoDB]
GO
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

7
CREATE TABLE [dbo].[SYSUserProfile](
[SYSUserProfileID] [int] IDENTITY(1,1) NOT NULL,
[SYSUserID] [int] NOT NULL,
[FirstName] [varchar](50) NOT NULL,
[LastName] [varchar](50) NOT NULL,
[Gender] [char](1) NOT NULL,
[RowCreatedSYSUserID] [int] NOT NULL,
[RowCreatedDateTime] [datetime] DEFAULT GETDATE(),
[RowModifiedSYSUserID] [int] NOT NULL,
[RowModifiedDateTime] [datetime] DEFAULT GETDATE(),
PRIMARY KEY (SYSUserProfileID)
)
GO
ALTER TABLE [dbo].[SYSUserProfile] WITH CHECK ADD FOREIGN KEY([SYSUserID])
REFERENCES [dbo].[SYSUser] ([SYSUserID])
GO

And finally, the SYSUserRole table
USE [DemoDB]
GO
CREATE TABLE [dbo].[SYSUserRole](
[SYSUserRoleID] [int] IDENTITY(1,1) NOT NULL,
[SYSUserID] [int] NOT NULL,
[LOOKUPRoleID] [int] NOT NULL,
[IsActive] [bit] DEFAULT (1),
[RowCreatedSYSUserID] [int] NOT NULL,
[RowCreatedDateTime] [datetime] DEFAULT GETDATE(),
[RowModifiedSYSUserID] [int] NOT NULL,
[RowModifiedDateTime] [datetime] DEFAULT GETDATE(),
PRIMARY KEY (SYSUserRoleID)
)
GO
ALTER TABLE [dbo].[SYSUserRole] WITH CHECK ADD FOREIGN KEY([LOOKUPRoleID])
REFERENCES [dbo].[LOOKUPRole] ([LOOKUPRoleID])
GO
ALTER TABLE [dbo].[SYSUserRole] WITH CHECK ADD FOREIGN KEY([SYSUserID])
REFERENCES [dbo].[SYSUser] ([SYSUserID])
GO

That’s it. We have just created four (4) database tables. The next step is to create the web
application.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

8

Adding a New ASP.NET MVC 5 Project
Go ahead and fire up Visual Studio 2015 and select File > New > Project. Under “New Project”
dialog, select Templates > Visual C# > ASP.NET Web Application. See the figure below for
your reference.

Figure 4: ASP.NET Web Application template

Name your project to whatever you like and then click OK. Note that for this demo I have named
the project as “MVC5RealWorld”. Now after that you should be able to see the “New
ASP.NET Project” dialog as shown in the figure below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

9
Figure 5: New ASP.NET Project dialog

The New ASP.NET Project dialog for ASP.NET 4.6 templates allows you to select what type of
project you want to create, configure any combination of ASP.NET technologies such as
WebForms, MVC or Web API, configure unit test project, configure authentication option and
also offers a new option to host your website in Azure cloud. Adding to that it also provide
templates for ASP.NET 5.
In this book I will only be covering on creating an ASP.NET MVC 5 application. So the details
of each configuration like unit testing, authentication, hosting in cloud, etc. will not be covered.
Now select “Empty” under ASP.NET 4.6 templates and then check the “MVC” option under
folders and core reference as shown in Figure 5. The reason for this is that we will create an
empty MVC application from scratch. Click OK to let Visual Studio generate the necessary files
and templates needed for you to run an MVC application.
You should now be seeing something like below:
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

10
Figure 6: The MVC5RealWorld project

Setting Up the Data Access
For this example, I’m going to use Database-First with Entity Framework 6 (EF) as our data
access mechanism so that we can just program against the conceptual application model instead
of programming directly against our database.
Umm Huh? What do you mean?
This could simply mean that using EF you will be working with entities (class/object
representation of your data structure) and letting the framework handle the basic select, update,
insert & delete. In traditional ADO.NET you will write the SQL queries directly against
tables/columns/procedures and you don't have entities so it’s much less objecting oriented.
I prefer using EF because it provides the following benefits:


Applications can work in terms of a more application-centric conceptual model, including
types with inheritance, complex members, and relationships.
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

11








Applications are freed from hard-coded dependencies on a particular data engine or
storage schema.
Mappings between the conceptual model and the storage-specific schema can change
without changing the application code.
Developers can work with a consistent application object model that can be mapped to
various storage schemas, possibly implemented in different database management
systems.
Multiple conceptual models can be mapped to a single storage schema.
Language-integrated query (LINQ) support provides compile-time syntax validation for
queries against a conceptual model.

Creating the Entity Models
As a quick recap, a Model is just a class. Yes it’s a class that implements the logic for your
application’s domain data. Often, model objects retrieved and store model state in database.
Now let’s setup our Model folder structure by adding the following sub-folders under the
“Models” folder:




DB
EntityManager
ViewModel

Our model structure should look something like below:

Figure 7: Creating the Models folder
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

12

The DB folder is where we store our entity data model (.EDMX). You can think of it as a
conceptual database that contains some tables. To add an entity, right click on the DB folder and
select Add > New Item > Data > ADO.NET Entity Data Mode as shown in the figure below.

Figure 8: Adding Entity Data Model

You can name your entity model as you would like but for this example I just named it as
“DemoModel” for simplicity. Now click “Add” to continue and on the next step select “EF
Designer from Database” as we are going to use database first approach to work with existing
database. Click “Next” to proceed. In the next step click on “New Connection” button and then
select “Microsoft SQL Server (SqlClient)” as the data source, then click “Next”. You should see
this dialog below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

13
Figure 9: Connection Properties dialog

Enter the SQL server name and select the database that we have just created in previous steps. If
you have an existing database, then use that instead. Also note that I am using windows
authentication for logging in to my SQL Server. Once you’ve done supplying the necessary
fields, you can then click on “Test Connection” to verify the connectivity. If it is successful then
just click “OK”.
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

14

You should now see the following dialog below:

Figure 10: Choose Your Data Connection dialog

Notice that the connection string was automatically generated for you. Click “Next” and then
select “Entity Framework 6.x” to bring up the following dialog below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

15
Figure 11: Entity Data Model Wizard dialog

Now select the table(s) that you want to use in your application. For this example I selected all
tables because we are going to use those in our application. Clicking the “Finish” button will
generate the entity model for you as shown in the figure below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

16
Figure 12: The Entity Data Model

What happened there is that EF automatically generates the business objects for you and let you
query against it. The EDMX or the entity data model will serve as the main gateway by which
you retrieve objects from database and resubmit changes.

Creating a Signup Page
Adding ViewModels
Again, Entity Framework will generate the business model objects and manage Data Access
within the application. As a result, the class LOOKUPRole, SYSUserRole, SYSUser and
SYSUserProfile are automatically created by EF and it features all the fields from the database
table as properties of each class.
I don't want to use these classes directly in the View so I’ve decided to create a separate class
that just holds the properties I needed in the View. Now let's add the “UserModel” class by
right-clicking on the "ViewModel" folder and then selecting Add > Class. The "UserModel.cs"

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

17

file is where we put all user related model views. For the Signup page we are going to add the
“UserSignUpView” class. In the “UserModel.cs” file add the following code below:
using System.ComponentModel.DataAnnotations;
namespace MVC5RealWorld.Models.ViewModel
{
public class UserSignUpView
{
[Key]
public int SYSUserID { get; set; }
public int LOOKUPRoleID { get; set; }
public string RoleName { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Login ID")]
public string LoginName { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Password")]
public string Password { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "First Name")]
public string FirstName { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Last Name")]
public string LastName { get; set; }
public string Gender { get; set; }
}
}

Notice that I have added the “Required” and “DisplayName” attributes for each property in the
UserSignUpView class. This attributes is called Data Annotations. Data annotations are attribute
classes that lives under System.ComponentModel.DataAnnotations namespace that you can use
to decorate classes or properties to enforce pre-defined validation rules.

I'll use this validation technique because I want to keep a clear separation of concerns by using
the MVC pattern and couple that with data annotations in the model, then your validation code
becomes much simpler to write, maintain, and test.

For more information about Data Annotations then you can refer this article from MSDN: Data
Annotations . And of course you can find more examples about it by doing a simple search at
google

.

Adding the UserManager Class
The next step that we are going to do is to create the “UserManger” class that would handle the
CRUD operations (Create, Read, Update and Delete operations) of a certain table. The purpose
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

18

of this class is to separate the actual data operations from our controller and to have a central
class for handling insert, update, fetch and delete operations.
Notes:
Please keep in mind that in this section I'm only be doing the insert part in which a user can add
new data from the View to the database. I'll talk about how to do update, fetch and delete with
MVC in the next section. So this time we'll just focus on the insertion part first.
Since this demo is intended to make web application as simple as possible then I will not be
using TransactionScope and Repository pattern. In real complex web app you may want to
consider
using
TransactionScope
and
Repository
for
your
Data
Access.
Now right click on the "EntityManager" folder and then add a new class by selecting Add >
Class and name the class as "UserManager". Here's the code block for the "UserManager" class:
using
using
using
using

System;
System.Linq;
MVC5RealWorld.Models.DB;
MVC5RealWorld.Models.ViewModel;

namespace MVC5RealWorld.Models.EntityManager
{
public class UserManager
{
public void AddUserAccount(UserSignUpView user) {
using (DemoDBEntities db = new DemoDBEntities()) {
SYSUser SU = new SYSUser();
SU.LoginName = user.LoginName;
SU.PasswordEncryptedText = user.Password;
SU.RowCreatedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1;
SU.RowModifiedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1; ;
SU.RowCreatedDateTime = DateTime.Now;
SU.RowMOdifiedDateTime = DateTime.Now;
db.SYSUsers.Add(SU);
db.SaveChanges();
SYSUserProfile SUP = new SYSUserProfile();
SUP.SYSUserID = SU.SYSUserID;
SUP.FirstName = user.FirstName;
SUP.LastName = user.LastName;
SUP.Gender = user.Gender;
SUP.RowCreatedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1;
SUP.RowModifiedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1;
SUP.RowCreatedDateTime = DateTime.Now;
SUP.RowModifiedDateTime = DateTime.Now;
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

19
db.SYSUserProfiles.Add(SUP);
db.SaveChanges();

if (user.LOOKUPRoleID > 0) {
SYSUserRole SUR = new SYSUserRole();
SUR.LOOKUPRoleID = user.LOOKUPRoleID;
SUR.SYSUserID = user.SYSUserID;
SUR.IsActive = true;
SUR.RowCreatedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1;
SUR.RowModifiedSYSUserID = user.SYSUserID > 0 ? user.SYSUserID : 1;
SUR.RowCreatedDateTime = DateTime.Now;
SUR.RowModifiedDateTime = DateTime.Now;
db.SYSUserRoles.Add(SUR);
db.SaveChanges();
}
}
}
public bool IsLoginNameExist(string loginName) {
using (DemoDBEntities db = new DemoDBEntities()) {
return db.SYSUsers.Where(o => o.LoginName.Equals(loginName)).Any();
}
}
}
}

The AddUserAccount() is a method that inserts data to the database using Entity Framework.
The IsLoginNameExist() is a method that returns boolean. It basically checks the database for
an existing data using LINQ syntax.
Adding the Controllers
Since our model was already set then let's go ahead and add the "AccountController" class. To
do this, just right click on the "Controllers" folder and select Add > Controller > MVC 5
Controller -Empty and then click “Add”. In the next dialog name the controller as
"AccountController" and then click “Add” to generate class for you.
Here’s the code block for the "AccountController" class:
using
using
using
using

System.Web.Mvc;
System.Web.Security;
MVC5RealWorld.Models.ViewModel;
MVC5RealWorld.Models.EntityManager;

namespace MVC5RealWorld.Controllers
{
public class AccountController : Controller
{
public ActionResult SignUp() {
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

20
return View();
}
[HttpPost]
public ActionResult SignUp(UserSignUpView USV) {
if (ModelState.IsValid) {
UserManager UM = new UserManager();
if (!UM.IsLoginNameExist(USV.LoginName)) {
UM.AddUserAccount(USV);
FormsAuthentication.SetAuthCookie(USV.FirstName, false);
return RedirectToAction("Welcome", "Home");
}
else
ModelState.AddModelError("", "Login Name already taken.");
}
return View();
}
}
}

The “AccountController” class has two main methods. The first one is the "SignUp" which
returns the "SignUp.cshtml" View when that action is requested. The second one also named as
"SignUp" but it is decorated with the "[HttpPost]" attribute. This attribute specifies that the
overload of the "SignUp" method can be invoked only for POST requests.
The second method is responsible for inserting new entry to the database and automatically
authenticate the users using FormsAuthentication.SetAuthCookie() method. This method
creates an authentication ticket for the supplied user name and adds it to the cookies collection of
the response or to the URL if you are using cookieless authentication. After authenticating, we
then redirect the users to the “Welcome.cshtml” page.

Now add another Controller and name it as "HomeController". This controller would be our
controller for our default page. We will create the "Index" and the "Welcome" View for this
controller in the next step. Here's the code for the "HomeController" class:
using System.Web.Mvc;
namespace MVC5RealWorld.Controllers
{
public class HomeController : Controller
{
public ActionResult Index() {
return View();
}
[Authorize]
public ActionResult Welcome() {
return View();
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

21
}
}
}

The HomeController class consists of two ActionResult methods such as Index and Welcome.
The "Index" method serves as our default redirect page and the "Welcome" method will be the
page where we redirect users after they have authenticated successfully. We also decorated it
with the "[Authorize]" attribute so that this method will only be available for the logged-in or
authenticated users.
To configure a default page route, you can go to App_Start > RouteConfig. From there you
should be able to see something like this:
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute(
name: "Default",
url: "{controller}/{action}/{id}",
defaults: new { controller = "Home", action = "Index", id =
UrlParameter.Optional }
);
}

The code above signifies that the URL path /Home/Index is the default page for our application.
For more information about Routing, visit: ASP.NET MVC Routing Overview
Adding the Views
There are two possible ways to add Views. Either you can manually create the Views folder by
yourself and add the corresponding .CSHTML files or by right clicking on the Controller’s
action method just like in the figure shown below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

22
Figure 13: Adding new View

Clicking “Add” View will show this dialog below:

Figure 14: Add View dialog

Just click “Add” since we don’t need to do anything with the Index page at this point. Now
modify the Index page and replace it with the following HTML markup:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

23
@{
ViewBag.Title = "Index";
Layout = "~/Views/Shared/_Layout.cshtml";
}

Index



No Account yet? @Html.ActionLink("Signup Now!", "SignUp", "Account")

The ActionLink in the markup above allows you to navigate to the SignUp page which lives
under AccountController. Now add a View to the Welcome action by doing the same as what we
did by adding the Index page. Here’s the Welcome page HTML markup:
@{
ViewBag.Title = "Welcome";
Layout = "~/Views/Shared/_Layout.cshtml";
}

Hi @Context.User.Identity.Name! Welcome to my first MVC 5 Web App!


Now switch back to “AccountController” class and add a new View for the “SignUp” page. In
the Add View dialog select “Create” as the scaffold template, select the “UserSignUpView” as
the model and the “DemoDBEntities” as the data context as shown in the figure below:

Figure 15: Add View dialog
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

24

Click “Add” to let Visual Studio scaffolds the UI for you. The term “Scaffolding” allow you to
quickly generate the UI that you can edit and customize.
Now we need to trim down the generated fields because there are some fields that we don’t
actually need users to see like the RoleName and ID’s. Adding to that I also modified the
Password to use the PasswordFor HTML helper and use DropDownListFor for displaying the
Gender. Here’s the modified and trimmed down HTML markup for the SignUp page:
@model MVC5RealWorld.Models.ViewModel.UserSignUpView
@{
ViewBag.Title = "SignUp";
Layout = "~/Views/Shared/_Layout.cshtml";
}

SignUp

@using (Html.BeginForm())
{
@Html.AntiForgeryToken()




@Html.ValidationSummary(true, "", new { @class = "text-danger" })


@Html.LabelFor(model => model.LoginName, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.EditorFor(model => model.LoginName, new { htmlAttributes = new {
@class = "form-control" } })
@Html.ValidationMessageFor(model => model.LoginName, "", new { @class =
"text-danger" })






@Html.LabelFor(model => model.Password, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.PasswordFor(model => model.Password, new { @class = "form-control"
} )
@Html.ValidationMessageFor(model => model.Password, "", new { @class =
"text-danger" })






@Html.LabelFor(model => model.FirstName, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.EditorFor(model => model.FirstName, new { htmlAttributes = new {
@class = "form-control" } })
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

25
@Html.ValidationMessageFor(model => model.FirstName, "", new { @class = "text-danger"
})






@Html.LabelFor(model => model.LastName, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.EditorFor(model => model.LastName, new { htmlAttributes = new {
@class = "form-control" } })
@Html.ValidationMessageFor(model => model.LastName, "", new { @class =
"text-danger" })






@Html.LabelFor(model => model.Gender, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.DropDownListFor(model => model.Gender, new List {
new SelectListItem { Text="Male", Value="M" },
new SelectListItem { Text="Female", Value="F" }
}, new { @class = "form-control" })















}


@Html.ActionLink("Back to Main", "Index","Home")



The markup above is a strongly-type view. This strongly typed approach enables better compiletime checking of your code and richer IntelliSense in the Visual Studio editor. By including a
@model statement at the top of the view template file, you can specify the type of object that the
view expects. In this case it uses the MVC5RealWorld.Models.ViewModel.UserSignUpView.
If you also noticed, after adding the views, Visual Studio automatically structures the folders for
your Views. See the figure below for your reference:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

26
Figure 16: The newly added Views

Running the Application
Here are the following outputs when you run the page in the browser:
On initial load

Figure 17: Initial request

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

27

Page validation triggers

Figure 18: Page Validation

Supplying the required fields

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

28
Figure 19: Supplying the Required fields

And after successful registration

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

29
Figure 20: Successful registration

Creating the Login Page
In this section you will learn the following:



Creating a Login page that would validate and authenticate user using Forms
Authentication
Creating a custom role-based page authorization using custom Authorize filter

In this section, I will show how to create a simple Login page by implementing a custom
authentication and role-based page authorization without using ASP.NET Membership or
ASP.NET Identity. If you want to build an app that allow users to login using their social media
accounts like Facebook, Twitter, Google Plus, etc. then you may want explore on ASP.NET
Identity instead.
Before we get our hands dirty let’s talk about a bit of security in general.
Forms Authentication Overview
Security is an integral part of any Web-based application. Majority of the web sites nowadays
heavily relies on authentication and authorization for securing their application. You can think of
a web site as somewhat analogous to a company office where an office is open for people like
applicants or messenger to come, but there are certain parts of the facility, such as workstations
and conference rooms, that are accessible only to people with certain credentials, such as
employees. An example is when you build a shopping cart application that accepts users’ credit
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

30

card information for payment purposes and stores them to your database; ASP.NET helps protect
your database from public access by providing authentication and authorization mechanism.
Forms authentication lets you authenticate users by using your own code and then maintain an
authentication token in a cookie or in the page URL. To use forms authentication, you create a
login page that collect credentials from the user and that includes code to authenticate the
credentials. Typically you configure the application to redirect requests to the login page when
users try to access a protected resource, such as a page that requires authentication. If the user's
credentials are valid, you can call the method of the FormsAuthentication class to redirect the
request back to the originally requested resource with an appropriate authentication ticket
(cookie).
Let’s get our hands dirty!
As a recap, here's the previous project structure below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

31
Figure 21: The Project structure

Enabling Forms Authentication
The very first thing you do to allow forms authentication in your application is to configure
FormsAuthentication which manages forms authentication services to your web application. The
default authentication mode for ASP.NET is “windows”. To enable forms authentication, add
the  and  elements under  element in your web.config
like:



©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

32



Setting the loginUrl enables the application to determine where to redirect an un-authenticated
user who attempts to access a secured page. The defaultUrl redirects users to the specified page
after they have successfully logging-in into the web site.
Adding the UserLoginView Model
Let's go ahead and create a View Model class for our Login page by adding the following code
below within the “UserModel” class:
public class UserLoginView
{
[Key]
public int SYSUserID { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Login ID")]
public string LoginName { get; set; }
[Required(ErrorMessage = "*")]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
}

The fields defined above will be used in our Login page. You may also notice that the fields are
decorated with Required, Display and DataType attributes. Again these attributes are called Data
Annotations. Adding these attributes will allow you to do pre-validation on the model. For
example the LoginName and Password field should not be empty.
Adding the GetUserPassword() Method
Add the following code below under “UserManager.cs” class:
public string GetUserPassword(string loginName) {
using (DemoDBEntities db = new DemoDBEntities()) {
var user = db.SYSUsers.Where(o =>
o.LoginName.ToLower().Equals(loginName));
if (user.Any())
return user.FirstOrDefault().PasswordEncryptedText;
else
return string.Empty;
}
}

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

33

As the method name suggests, it gets the corresponding password from the database for a
particular user using LINQ query.
Adding the Login Action Method
Add the following code below under “AccountController” class:
public ActionResult LogIn() {
return View();
}
[HttpPost]
public ActionResult LogIn(UserLoginView ULV, string returnUrl) {
if (ModelState.IsValid) {
UserManager UM = new UserManager();
string password = UM.GetUserPassword(ULV.LoginName);
if (string.IsNullOrEmpty(password))
ModelState.AddModelError("", "The user login or password provided is
incorrect.");
else {
if (ULV.Password.Equals(password)) {
FormsAuthentication.SetAuthCookie(ULV.LoginName, false);
return RedirectToAction("Welcome", "Home");
}
else {
ModelState.AddModelError("", "The password provided is
incorrect.");
}
}
}
// If we got this far, something failed, redisplay form
return View(ULV);
}

There are two methods above with the same name. The first one is the "Login" method that
simply returns the LogIn.cshtml view. We will create this view in the next step. The second one
also named as "Login" but it is decorated with the "[HttpPost]" attribute. If you still remember
from previous section, this attribute specifies an overload of the "Login" method that can be
invoked for POST requests only.
The second method will be triggered once the Button "LogIn" is clicked. What it does is, first it
will check if the required fields are supplied so it checks for ModelState.IsValid condition. It will
then create an instance of the UserManager class and call the GetUserPassword() method by
passing the user LoginName value supplied by the user. If the password returns an empty string
then it will display an error to the View. If the password supplied is equal to the password
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

34

retrieved from the database then it will redirect the user to the Welcome page, otherwise displays
an error stating that the login name or password supplied was invalid.
Adding the Login View
Before adding the view, make sure to build your application first to ensure that the application is
error free. After a successful build, navigate to “AccountController” class and right click on the
Login Action method and then select “Add View”. This will bring up the following dialog
below:

Figure 22: Add View dialog

Take note of the values supplied for each field above. Now click on “Add” to let Visual Studio
scaffolds the UI for you. Here’s the modified HTML markup below:
@model MVC5RealWorld.Models.ViewModel.UserLoginView
@{
ViewBag.Title = "LogIn";
Layout = "~/Views/Shared/_Layout.cshtml";
}

LogIn

@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

35




@Html.ValidationSummary(true, "", new { @class = "text-danger" })


@Html.LabelFor(model => model.LoginName, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.EditorFor(model => model.LoginName, new { htmlAttributes = new {
@class = "form-control" } })
@Html.ValidationMessageFor(model => model.LoginName, "", new { @class =
"text-danger" })






@Html.LabelFor(model => model.Password, htmlAttributes: new { @class =
"control-label col-md-2" })


@Html.EditorFor(model => model.Password, new { htmlAttributes = new {
@class = "form-control" } })
@Html.ValidationMessageFor(model => model.Password, "", new { @class =
"text-danger" })















}


@Html.ActionLink("Back to Main", "Index", "Home")



Implementing the Logout Functionality

The logout code is pretty much easy. Just add the following method below within the
“AccountController “class.
[Authorize]
public ActionResult SignOut() {
FormsAuthentication.SignOut();
return RedirectToAction("Index", "Home");
}

The FormsAuthentication.SignOut method removes the forms-authentication ticket from the
browser. We then redirect user to Index page after signing out.
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

36

Here’s the corresponding action link for the Logout that you can add within your Home page:
@Html.ActionLink("Signout","SignOut","Account")

Running the Application
Now try to navigate to this URL: http://localhost:15599/Account/LogIn. It should display
something like these:
When validation triggers

Figure 23: Validation triggers
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

37

After successful Logging-in

Figure 24: Successful logging-in

After logging out

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

38
Figure 25: After Logging-out

That simple! Now let’s take a look at how we are going to implement a simple role-based page
authorization.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

39

Implementing a Simple Role-Based Page Authorization
Authorization is a function that specifies access rights to a certain resource or page. One practical
example is having a page that only a certain user role can have access to it. For example, only
allow administrator to access the maintenance page for your application. In this section we will
create a simple implementation on how to achieve that.
Creating the IsUserInRole() Method
Add the following code below at “UserManager” class:
public bool IsUserInRole(string loginName, string roleName) {
using (DemoDBEntities db = new DemoDBEntities()) {
SYSUser SU = db.SYSUsers.Where(o =>
o.LoginName.ToLower().Equals(loginName))?.FirstOrDefault();
if (SU != null) {
var roles = from q in db.SYSUserRoles
join r in db.LOOKUPRoles on q.LOOKUPRoleID equals
r.LOOKUPRoleID
where r.RoleName.Equals(roleName) &&
q.SYSUserID.Equals(SU.SYSUserID)
select r.RoleName;
if (roles != null) {
return roles.Any();
}
}
return false;
}
}

The method above takes the loginName and roleName as parameters. What it does is it checks
for the existing records in the “SYSUser” table and then validates if the corresponding user has
roles assigned to it.
Creating a Custom Authorization Attribute Filter
If you remember we are using the [Authorize] attribute to restrict anonymous users from
accessing a certain action method. The [Authorize] attribute provides filters for users and roles
and it’s fairly easy to implement it if you are using membership provider. Since we are using our
own database for storing users and roles then we need to implement our own authorization filter
by extending the AuthorizeAttribute class.
AuthorizeAttribute specifies that access to a controller or action method is restricted to users
who meet the authorization requirement. Our goal here to allow page authorization based on user
roles and nothing else. If you want to implement custom filters to do certain task and value
separation of concerns then you may want to look at IAutenticationFilter instead.
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

40

To start, add a new folder and name it as “Security”. Then add the “AuthorizeRoleAttribute”
class. Here’s a screen shot of the structure below:

Figure 26: The AuthorizeRoleAttribute class location

Here’s the code block for our custom filter:
using
using
using
using

System.Web;
System.Web.Mvc;
MVC5RealWorld.Models.DB;
MVC5RealWorld.Models.EntityManager;

namespace MVC5RealWorld.Security
{
public class AuthorizeRolesAttribute : AuthorizeAttribute
{
private readonly string[] userAssignedRoles;
public AuthorizeRolesAttribute(params string[] roles) {
this.userAssignedRoles = roles;
}
protected override bool AuthorizeCore(HttpContextBase httpContext) {
bool authorize = false;
using (DemoDBEntities db = new DemoDBEntities()) {
UserManager UM = new UserManager();
foreach (var roles in userAssignedRoles) {
authorize = UM.IsUserInRole(httpContext.User.Identity.Name, roles);
if (authorize)
return authorize;
}
}
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

41
return authorize;
}
protected override void HandleUnauthorizedRequest(AuthorizationContext
filterContext) {
filterContext.Result = new RedirectResult("~/Home/UnAuthorized");
}
}
}

There are two main methods in the class above that we have overridden. The AuthorizeCore()
method is the entry point for the authentication check. This is where we check the roles assigned
for a certain users and returns the result if the user is allowed to access a page or not. The
HandleUnuathorizedRequest() is a method in which we redirect un-authorized users to a
certain page.
Adding the AdminOnly and UnAuthorized page
Now switch back to “HomeController” and add the following code:
[AuthorizeRoles("Admin")]
public ActionResult AdminOnly() {
return View();
}
public ActionResult UnAuthorized() {
return View();

}
If you notice we decorated the AdminOnly action with our custom authorization filter by
passing the value of “Admin” as the role name. This means that only allow admin users to access
the “AdminOnly” page. To support multiple role access, just add another role name by
separating it with comma for example [AuthorizeRoles(“Admin”,”Manager”)]. Note that the
value of “Admin” and “Manager” should match with the role names from your database for it to
work. And finally, make sure to reference the namespace below before using the AuthorizeRoles
attribute:
using MVC5RealWorld.Security;

Here’s the AdminOnly.cshtml view:
@{
ViewBag.Title = "AdminOnly";
Layout = "~/Views/Shared/_Layout.cshtml";
}

For Admin users only!


And here’s the UnAuthorized.cshtml view:
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

42
@{
ViewBag.Title = "UnAuthorized";
Layout = "~/Views/Shared/_Layout.cshtml";
}

Unauthorized Access!


Oops! You don't have permission to access this page.



@Html.ActionLink("Back to Main", "Welcome", "Home")



Adding Test Roles Data
Before we test the functionality lets add an admin user to the database first. For this demo I have
inserted the following data to the database:
INSERT INTO SYSUser (LoginName,PasswordEncryptedText, RowCreatedSYSUserID,
RowModifiedSYSUserID)
VALUES ('Admin','Admin',1,1)
GO
INSERT INTO SYSUserProfile (SYSUserID,FirstName,LastName,Gender,RowCreatedSYSUserID,
RowModifiedSYSUserID)
VALUES (2,'Vinz','Durano','M',1,1)
GO
INSERT INTO SYSUserRole (SYSUserID,LOOKUPRoleID,IsActive,RowCreatedSYSUserID,
RowModifiedSYSUserID)
VALUES (2,1,1,1,1)

Okay now we have some data to test and we are ready to run the application.
Running the Application
Here are some of the screenshots captured during my test:
When logging in as normal user and accessing the following URL:
http://localhost:15599/Home/AdminOnly

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

43
Figure 27: Unauthorized access

When logging in as an Admin user and accessing the following URL:
http://localhost:15599/Home/AdminOnly

Figure 28: Admin page

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

44

Implementing Fetch, Edit, Update and Delete Operations
In previous sections you’ve learned about creating a simple database from scratch using MS SQL
Server, a brief overview about ASP.NET MVC in general, creating a data access using Entity
Framework database first approach and a simple implementation of a Signup page in ASP.NET
MVC . You’ve also learned the step-by-step process on creating a basic login page and creating a
simple role-based page authorization within your ASP.NET MVC application.
In this section, I’m going to walk you through about how to perform Fetch, Edit, Update and
Delete (FEUD) operations in our application. The idea is to create a maintenance page where
admin users can modify user profiles. There are many possible ways to implement FEUD
operations in you MVC app depending on your business needs. For this particular demo, I’m
going to use jQuery and jQuery AJAX to perform asynchronous operation in our page.
Let’s get started!
Fetching and Displaying the Data
For this example, I’m going to create a PartialView for displaying the list of users from the
database. Partial Views allow you to define a view that will be rendered inside a main view. If
you are using WebForms before then you can think of partial views as user-controls (.ascx).
Adding the View Models
The first thing we need is to create view models for our view. Add the following code below
within “UserModel.cs” class:
public class UserProfileView
{
[Key]
public int SYSUserID { get; set; }
public int LOOKUPRoleID { get; set; }
public string RoleName { get; set; }
public bool? IsRoleActive { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Login ID")]
public string LoginName { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Password")]
public string Password { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "First Name")]
public string FirstName { get; set; }
[Required(ErrorMessage = "*")]
[Display(Name = "Last Name")]
public string LastName { get; set; }
public string Gender { get; set; }
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

45
}
public class LOOKUPAvailableRole
{
[Key]
public int LOOKUPRoleID { get; set; }
public string RoleName { get; set; }
public string RoleDescription { get; set; }
}
public class Gender
{
public string Text { get; set; }
public string Value { get; set; }
}
public class UserRoles
{
public int? SelectedRoleID { get; set; }
public IEnumerable UserRoleList { get; set; }
}
public class UserGender
{
public string SelectedGender { get; set; }
public IEnumerable Gender { get; set; }
}
public class UserDataView
{
public IEnumerable UserProfile { get; set; }
public UserRoles UserRoles { get; set; }
public UserGender UserGender { get; set; }
}

If you still remember, View Model is a model that houses some properties that we only need for
the view or page.
Now Open “UserManager” class and declare the namespace below:
using System.Collections.Generic;

The namespace above contain interfaces and classes that define generic collections, which allow
us to create strongly-typed collections. Now add the following code below in “UserManager”
class:
public List GetAllRoles() {
using (DemoDBEntities db = new DemoDBEntities()) {
var roles = db.LOOKUPRoles.Select(o => new LOOKUPAvailableRole {
LOOKUPRoleID = o.LOOKUPRoleID,
RoleName = o.RoleName,
RoleDescription = o.RoleDescription
}).ToList();
return roles;
}
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

46
}
public int GetUserID(string loginName) {
using (DemoDBEntities db = new DemoDBEntities()) {
var user = db.SYSUsers.Where(o => o.LoginName.Equals(loginName));
if (user.Any())
return user.FirstOrDefault().SYSUserID;
}
return 0;
}
public List GetAllUserProfiles() {
List profiles = new List();
using(DemoDBEntities db = new DemoDBEntities()) {
UserProfileView UPV;
var users = db.SYSUsers.ToList();
foreach(SYSUser u in db.SYSUsers) {
UPV = new UserProfileView();
UPV.SYSUserID = u.SYSUserID;
UPV.LoginName = u.LoginName;
UPV.Password = u.PasswordEncryptedText;
var SUP = db.SYSUserProfiles.Find(u.SYSUserID);
if(SUP != null) {
UPV.FirstName = SUP.FirstName;
UPV.LastName = SUP.LastName;
UPV.Gender = SUP.Gender;
}
var SUR = db.SYSUserRoles.Where(o =>
o.SYSUserID.Equals(u.SYSUserID));
if (SUR.Any()) {
var userRole = SUR.FirstOrDefault();
UPV.LOOKUPRoleID = userRole.LOOKUPRoleID;
UPV.RoleName = userRole.LOOKUPRole.RoleName;
UPV.IsRoleActive = userRole.IsActive;
}
profiles.Add(UPV);
}
}
return profiles;
}
public UserDataView GetUserDataView(string loginName) {
UserDataView UDV = new UserDataView();
List profiles = GetAllUserProfiles();
List roles = GetAllRoles();
int? userAssignedRoleID = 0, userID = 0;
string userGender = string.Empty;
userID = GetUserID(loginName);
using (DemoDBEntities db = new DemoDBEntities()) {
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

47
userAssignedRoleID = db.SYSUserRoles.Where(o => o.SYSUserID ==
userID)?.FirstOrDefault().LOOKUPRoleID;
userGender = db.SYSUserProfiles.Where(o => o.SYSUserID ==
userID)?.FirstOrDefault().Gender;
}
List genders = new List();
genders.Add(new Gender { Text = "Male", Value = "M" });
genders.Add(new Gender { Text = "Female", Value = "F" });
UDV.UserProfile = profiles;
UDV.UserRoles = new UserRoles { SelectedRoleID = userAssignedRoleID,
UserRoleList = roles };
UDV.UserGender = new UserGender { SelectedGender = userGender, Gender =
genders };
return UDV;
}

The methods shown from the code above is pretty much self-explanatory as their method names
suggest. The main method there is the GetUserDataView () which gets all user profiles and
roles. The UserRoles and UserGender properties will be used during editing and updating of
user data. We will use those values to populate the dropdown lists for roles and gender.
Adding the ManageUserPartial Action Method
Open “HomeController.cs” class and add the following namespaces below:
using System.Web.Security;
using MVC5RealWorld.Models.ViewModel;
using MVC5RealWorld.Models.EntityManager;

And then add the following action method below:
[AuthorizeRoles("Admin")]
public ActionResult ManageUserPartial() {
if (User.Identity.IsAuthenticated) {
string loginName = User.Identity.Name;
UserManager UM = new UserManager();
UserDataView UDV = UM.GetUserDataView(loginName);
return PartialView(UDV);
}
return View();
}

The code above is decorated with the custom Authorize attribute so that only admin users can
invoke that method. What it does is it calls the GetUserDataView() method by passing in the
loginName as the parameter and return the result in the Partial View.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

48

Adding the ManageUserPartial Partial View
Now let’s create the Partial View. Right click on the “ManageUserPartial” method and select
“Add New” view. This will bring up the following dialog:

Figure 29: Admin page

Since we are going to create a custom view for managing the users then just select an “Empty”
template and make sure to tick the “Create as a partial view” option. Click “Add” and then
copy the following HTML markup below:
@model MVC5RealWorld.Models.ViewModel.UserDataView



List of Users

@ViewBag.Message

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

49

@foreach (var i in Model.UserProfile) {

}





ID
Login ID
Password
First Name
Last Name
GenderRole







 @Html.DisplayFor(m => i.SYSUserID)
 @Html.DisplayFor(m => i.LoginName)
 @Html.DisplayFor(m => i.Password)
 @Html.DisplayFor(m => i.FirstName)
 @Html.DisplayFor(m => i.LastName)
 @Html.DisplayFor(m => i.Gender)
 @Html.DisplayFor(m => i.RoleName)
 @Html.HiddenFor(m => i.LOOKUPRoleID)
Edit
Delete







The markup above is a strongly-typed View which renders the UserDataView model. By
specifying the type of data, you can get access to data associated within the model instead of
using the general ViewData/ViewBag structure and most importantly able to use IntelliSense
feature in Visual Studio.
Now open the “AdminOnly.cshtml” view and add the following markup:


@Html.Action("ManageUserPartial", "Home");



Running the Application
Now try to login to your web page then navigate to: http://localhost:15599/Home/AdminOnly . The
output should look something like this:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

50
Figure 29: List of Users

Pretty much easy right?  Now let’s move to the next step.
Editing and Updating the Data
Since we are going to use jQueryUI for presenting a dialog box for the user to edit the data, then
we need to add a reference to it first. To do that, just right click on your project and then select
“Manage Nuget Packages”. In the search box type in “jquery” and select “jQuery.UI.Combined”
as shown in the image below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

51
Figure 30: Adding jQuery as NuGet package

Once installed the jQueryUI library should be added in your project under the “Scripts” folder:

Figure 31: The jQuery and jQueryUI scripts
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

52

Now go to Views > Shared >_Layout.cshtml and add the jQueryUI reference in the following
order:



The jQueryUI should be referenced after jQuery library since jQueryUI uses the core jQuery
library under the hood.
Now add the jQueryUI CSS reference:


Your _Layout.cshtml markup should look something like below with the added references to
jQuery and jQueryUI:





@ViewBag.Title - My ASP.NET Application















@Html.ActionLink("Application name", "Index", "Home", new { area = "" },
new { @class = "navbar-brand" })





    










@RenderBody()
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

53





© @DateTime.Now.Year - My ASP.NET Application










Adding the UpdateUserAccount() Method
Keep in mind that this demo is intended to make an app as simple as possible. In complex real-scenarios
I would strongly suggest you to use a Repository pattern and Unit-of-Work for your data access layer.
Add the following code below within “UserManager.cs” class:
public void UpdateUserAccount(UserProfileView user) {
using (DemoDBEntities db = new DemoDBEntities()) {
using (var dbContextTransaction = db.Database.BeginTransaction()) {
try {
SYSUser SU = db.SYSUsers.Find(user.SYSUserID);
SU.LoginName = user.LoginName;
SU.PasswordEncryptedText = user.Password;
SU.RowCreatedSYSUserID = user.SYSUserID;
SU.RowModifiedSYSUserID = user.SYSUserID;
SU.RowCreatedDateTime = DateTime.Now;
SU.RowMOdifiedDateTime = DateTime.Now;
db.SaveChanges();
var userProfile = db.SYSUserProfiles.Where(o => o.SYSUserID == user.SYSUserID);
if (userProfile.Any()) {
SYSUserProfile SUP = userProfile.FirstOrDefault();
SUP.SYSUserID = SU.SYSUserID;
SUP.FirstName = user.FirstName;
SUP.LastName = user.LastName;
SUP.Gender = user.Gender;
SUP.RowCreatedSYSUserID = user.SYSUserID;
SUP.RowModifiedSYSUserID = user.SYSUserID;
SUP.RowCreatedDateTime = DateTime.Now;
SUP.RowModifiedDateTime = DateTime.Now;
db.SaveChanges();
}
if (user.LOOKUPRoleID > 0) {
var userRole = db.SYSUserRoles.Where(o => o.SYSUserID == user.SYSUserID);
SYSUserRole SUR = null;
if (userRole.Any()) {
SUR = userRole.FirstOrDefault();
SUR.LOOKUPRoleID = user.LOOKUPRoleID;
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

54
SUR.SYSUserID = user.SYSUserID;
SUR.IsActive = true;
SUR.RowCreatedSYSUserID = user.SYSUserID;
SUR.RowModifiedSYSUserID = user.SYSUserID;
SUR.RowCreatedDateTime = DateTime.Now;
SUR.RowModifiedDateTime = DateTime.Now;
}
else {
SUR = new SYSUserRole();
SUR.LOOKUPRoleID = user.LOOKUPRoleID;
SUR.SYSUserID = user.SYSUserID;
SUR.IsActive = true;
SUR.RowCreatedSYSUserID = user.SYSUserID;
SUR.RowModifiedSYSUserID = user.SYSUserID;
SUR.RowCreatedDateTime = DateTime.Now;
SUR.RowModifiedDateTime = DateTime.Now;
db.SYSUserRoles.Add(SUR);
}
db.SaveChanges();
}
dbContextTransaction.Commit();
}
catch {
dbContextTransaction.Rollback();
}
}
}
}

The method above takes UserProfileView object as the parameter. This parameter object is
coming from a strongly-typed View. What it does is it first issues a query to the database using
the LINQ syntax to get the specific user data by passing the SYSUserID. It then updates the
SYSUser object with the corresponding data from the UserProfileView object. The second
query gets the associated SYSUserProfiles data and then updates the corresponding values.
After that it then looks for the associated LOOKUPRoleID for a certain user. If the user doesn’t
have role assigned to it then it adds a new record to the database otherwise just update the table.
If you also noticed, I used a simple transaction within that method. This is because the tables
SYSUser, SYSUserProfile and SYSUserRole have dependencies to each other and we need to
make sure that we only commit changes to the database if the operation for each table is
successful. The Database.BeginTransaction() is only available in EF 6 onwards.
Adding the UpdateUserData Action Method
Add the following code within “HomeController” class:
[AuthorizeRoles("Admin")]
public ActionResult UpdateUserData(int userID, string loginName, string password,
string firstName, string lastName, string gender, int roleID = 0) {
UserProfileView UPV = new UserProfileView();
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

55
UPV.SYSUserID = userID;
UPV.LoginName = loginName;
UPV.Password = password;
UPV.FirstName = firstName;
UPV.LastName = lastName;
UPV.Gender = gender;
if (roleID > 0)
UPV.LOOKUPRoleID = roleID;
UserManager UM = new UserManager();
UM.UpdateUserAccount(UPV);
return Json(new { success = true });
}

The method above is responsible for collecting data that is sent from the View for update. It then
calls the method UpdateUserAccount() and pass the UserProfileView model view as the
parameter. The UpdateUserData method will be called through an AJAX request.
Modifying the UserManagePartial View
Add the following HTML markup within “UserManagePartial.cshtml”:


Integrating jQuery and jQuery AJAX
Before we go to the implementation it’s important to know what these technologies are.
jQuery is a light weight and feature-rich JavaScript library that enable DOM manipulation, even
handling, animation and Ajax much simpler with powerful API that works across all major
browsers.
jQueryUI provides a set of UI interactions, effects, widgets and themes built on top of the
jQuery library.
jQuery AJAX enables you to use functions and methods to communicate with your data from
the server and loads your data to the client/browser.
Now switch back to “UserManagePartial” View and add the following script block at the very
bottom:


The initDialog initializes the jQueryUI dialog by customizing the dialog. We customized it by
adding our own Save and Cancel button for us to write custom code implementation for each
event. In the Save function we extracted each values from the edit form and pass these values to
the UpdateUser() JavaScript function.
The UpdateUser() function issues an AJAX request using jQuery AJAX. The "type" parameter
indicates what form method the request requires, in this case we set the type as "POST". The
"url" is the path to the controller's method which we created in previous step. Note that the value
of “url” can be a web service, web API or anything that host your data. The "data" is where we
assign values to the method that requires parameter. If your method in the server doesn't require
any parameter then you can leave this as empty using the value "{}". The "success" function is
usually used when you do certain process if the request succeeds. In this case we load the Partial
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

58

View to reflect the changes on the View after we update the data. Keep in mind that we are
passing a new parameter to the "ManageUserPartial" action that indicates the status of the
request.
The last function is where we open the dialog when the user clicks on the "edit" link from the
grid. This is also where we extract the data from the grid using jQuery selectors and populate the
dialog fields with the extracted data.
Modifying the UserManagePartial Action Method
If you remember, we’ve added the new parameter “status” to the “UserManagePartial“method in
our AJAX request so we need to update the method signature to accept a parameter. The new
method should now look something like this:
[AuthorizeRoles("Admin")]
public ActionResult ManageUserPartial(string status = "") {
if (User.Identity.IsAuthenticated) {
string loginName = User.Identity.Name;
UserManager UM = new UserManager();
UserDataView UDV = UM.GetUserDataView(loginName);
string message = string.Empty;
if (status.Equals("update"))
message = "Update Successful";
else if (status.Equals("delete"))
message = "Delete Successful";
ViewBag.Message = message;
return PartialView(UDV);
}
return RedirectToAction("Index", "Home");

}
Displaying the Status Result
If you notice we are creating a message string based on a certain operation and store the result in
ViewBag . This is to let user see if a certain operation succeeds. Now add the following markup
below within “ManageUserPartial” view:
@ViewBag.Message

Running the Application
Here are the outputs below:
After clicking the edit dialog
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

59
Figure 32: Editing the data

Editing the data

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

60
Figure 33: Modifying the data

After updating the data

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

61
Figure 34: Update successful

If you’ve made it this far then congratulations, you’re now ready for the next step. Now down to
the last part of this series. 
Deleting Data
Adding the DeleteUser() Method
Add the following method in “UserManager” class:
public void DeleteUser(int userID) {
using (DemoDBEntities db = new DemoDBEntities()) {
using (var dbContextTransaction = db.Database.BeginTransaction()) {
try {
var SUR = db.SYSUserRoles.Where(o => o.SYSUserID == userID);
if (SUR.Any()) {
db.SYSUserRoles.Remove(SUR.FirstOrDefault());
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

62
db.SaveChanges();
}
var SUP = db.SYSUserProfiles.Where(o => o.SYSUserID == userID);
if (SUP.Any()) {
db.SYSUserProfiles.Remove(SUP.FirstOrDefault());
db.SaveChanges();
}
var SU = db.SYSUsers.Where(o => o.SYSUserID == userID);
if (SU.Any()) {
db.SYSUsers.Remove(SU.FirstOrDefault());
db.SaveChanges();
}
dbContextTransaction.Commit();
}
catch {
dbContextTransaction.Rollback();
}
}
}

}
The method above deletes the record for a particular user in the SYSUserRole, SYSUserProfile
and SYSUser tables by passing the SYSUserID as the parameter.
Adding the DeleteUser() Action Method
Add the following code within “HomeController” class:
[AuthorizeRoles("Admin")]
public ActionResult DeleteUser(int userID) {
UserManager UM = new UserManager();
UM.DeleteUser(userID);
return Json(new { success = true });
}

Integrating jQuery and jQuery AJAX
Add the following script within the 

The HTML markup above is fairly simple and nothing really fancy about it. It just contains some
div elements, textarea and a button. I also applied few CSS style for the div and textbox
elements. Keep in mind that the look and feel doesn't really matter for this tutorial as we are
focusing mainly on the functionality itself.
Down to the JavaScript Functions
There are four (4) main JavaScript functions from the markup above. The first one is the
GetMessages() function. This function uses jQuery AJAX to issue an asynchronous post request
to the server to get all available messages from the database. If the AJAX call is successful then
we iterate to each items from the JSON response and call the GenerateHTML() function to
build up the UI with the result set. The GenerateHTML() function uses jQuery function to build
up the HTML and append the values to the existing div element. The FormatDateString()
funtion is a method that converts JSON date format to JavaScript date format and return our own
date format to the UI for the users to see. The Fetch() function calls the GetMessages() function
and handles the scroll position of the div. This means that we auto scroll to the bottom part of the
div element once there's a new message coming.
The $(function (){}) is the short-hand syntax for jQuery's document ready function which fires
once all DOM elements are loaded in the browser. This is where we register the onscroll event of
div and the “onclick” event of button using jQuery. In “onscroll” event we just set some values
to some global variables for future use. In onclick event we just issued an AJAX request to the
server to add new data to the database. When the DOM is ready we also call the GetMessages()
function to display all messages on initial load of the browser. You may also noticed there that I
have used the setInterval() function to automatically pull data from the server after every five
(5) seconds. So if other users from your web site send a message then it will automatically be
available for other users after 5 seconds cycle. This is the traditional way of using AJAX to pull
data from the server for a given period of time.
Wrapping Up
Add the following markup below in Index.cshtml file:

@Html.Action("ShoutBoxPartial", "Home")
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

78

Running the Application
Running the code should look something like this:

Figure 40: The ShoutBox

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

79

Deploying Your ASP.NET MVC 5 App to IIS8
Web Developers today build and test ASP.NET sites and applications using one of the two webservers:



The IIS Express that comes built-into Visual Studio
The IIS Web Server that comes built-into Windows

If you have noticed the URL displayed in the browser shows http://localhost:15599. The integer
value in the URL represents the port number used in IIS Express. IIS Express is the default web
server for web application projects in Visual Studio 2012 and higher versions. The default
internal web server in Visual Studio typically used to build and run your app during development
for you to test and debug codes. You can see the IIS Express configuration by right clicking on
the project and then by clicking on the “Web” tab. The figure below shows how it looks like:

Figure 41: Web Settings

You will use IIS Web Server when you want to test your web application using the server
environment that is closest to what the live site will run under, and it is practical for you to install
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

80

and work with IIS on your development computer. This section will walk you through on how to
host your ASP.NET MVC 5 web application in your local IIS Web Server.
Before deploying your app, verify that you have IIS installed in your machine. If you already
have IIS installed then you can skip this step otherwise if you don't then just follow through.
In this particular project I used Windows 8.1 as my Windows Operating System. If you are using
a different version of Windows OS then I'm sure there are plenty of resources from the web that
demonstrate the installation of IIS in your Windows machine.
Installing IIS8 on Windows 8.1
Open Control Panel and click on “Programs” as shown in the figure below:

Figure 42: Windows Control Panel

Then click on “Turn Windows features on or off” from the Programs and Features dialog and
select “Internet Information Services” from the list as shown in the figure below:
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

81
Figure 43: Windows Features dialog

Expand IIS and check/enable all components under “World Wide Web Services” > “Application
Development Features” as shown in the figure below.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

82
Figure 44: Windows Features dialog

Click “OK” to let Windows install the need files. Once installed you may now close the dialog.
Now open an internet browser and type-in “localhost” to verify that IIS was indeed installed. It
should bring up the following page below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

83
Figure 45: IIS page

Publishing from Visual Studio
If you’ve seen that in the browser then we are ready to deploy and host our app in IIS. Now
switch back to Visual Studio 2015 and then right click on your project, in this case
“MVC5RealWorld” and then select “Publish”. It should bring up the following dialog below:
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

84
Figure 46: Publish Web dialog

Select “Custom” from the options and enter a profile name for your host as shown in the figure
below:

Figure 47: New Custom Profile dialog

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

85

Click “OK” to bring up the following dialog below:

Figure 48: Publish Method

Now select “File System” as publish method and enter your preferred deployment location. In
my case I target it at this location “C:\Users\ProudMonkey\WebSite” in my local drive. See the
figure below for your reference:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

86
Figure 49: Publish Method

Click “Next” and then select “Release” as the configuration and check the “Delete all existing
files prior to publish” option to make sure that Visual Studio will generate fresh files once you
re-publish your app.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

87
Figure 50: Publishing

Click “Next” and it should take you to the next step where it will inform you that your web app
will be deployed to the location you supplied from the previous step. If you are sure about it then
just click “Publish” as shown in the figure below.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

88
Figure 51: Publishing

Visual Studio will compile and publish your app to the desired location. When it’s succeeded
then it show something like this in the output window.

Figure 52: Publish succeeded
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

89

Now browse the location to where you point your files to be published. In this example the file
was published in “C:\Users\ProudMonkey\WebSite” (it could a different location in your case).
To verify that the location is accessible in IIS then make sure that the folder containing the
published files is not “Read-Only”. You can verify it by right-clicking on the folder and see the
read-only option. Make sure it is unchecked.
We’re Not Done Yet!
Converting Your App to Web Application
Yup, we’re not done yet. The last step is to configure IIS to convert your app as a web
application. To do this open IIS Manager or simply type “inetmgr” in Windows 8 search box. It
should bring up the following window below:

Figure 53: IIS Manager

Expand the “Sites” folder and then right click on the “Default Web Site” and select “Add
Virtual Directory”. You should be able to see the following dialog below.
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

90
Figure 54: Add Virtual Directory

Enter an alias name and then browse the location where you publish the source files for your web
app. In this case “C:\Users\ProudMonkey\WebSite”. Now click “OK”. The “MVC5Demo”
folder should be added under “Default Web Site”.
Now right click on “MVC5Demo” folder and select “Convert to Web Application”. It should
bring up the following dialog.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

91
Figure 55: Add Application

Click “OK” to convert your folder into a Web Application.
Enable File Sharing in IIS
Now to ensure that our virtual location to where we publish the web site is accessible to IIS then
we need to enable “Sharing” so IIS users can have access it. To do this, right-click on
“MVC5Demo” and select “Edit Permissions”. In the dialog click on the “Sharing” tab and click
the “Share” button. It should bring up the following dialog below.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

92
Figure 55: File Sharing

Add “Everyone” and click “Share” to add it to the list. You should now be able to see the
something like below after you’ve added the users.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

93
Figure 56: WebSite Properties

Now open up internet browser and try to access this URL:
http://localhost/MVC5Demo/Account/Login

It should show up the Login page just like in the figure below:

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

94
Figure 57: Hosted App in IIS

Now try to enter an account credentials and click “Login”. If you are seeing the following error
below, don’t panic! 

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

95
Figure 58: Cannot open database error

Configuring SQL Server Logins
Open SQL Express Management Studio as an “Administrator” and navigate to Security > Logins
> NT AUTHORITY\SYSTEM as shown in the figure below.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

96
Figure 59: Configuring Logins

Right click on “NT AUTHORITY\SYSTEM” and select Properties. Select “Server Roles” from
the left panel and make sure that “public” and “sysadmin” are checked as shown in the figure
below.

Figure 60: Login Properties
©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

97

Configuring Application Pool’s Identity
Now open IIS Manager. Select “Application Pools” and select “DefaultAppPool” from the list
since our app uses this default application pool. If you are using a different application pool for
your app then select that instead. On the left panel, select the link “Advance Settings” as shown
in the figure below.

Figure 61: AppPool Advance Settings

Make sure that you select “Local System” as the Identity from the Advance Settings dialog as
shown in the figure below.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

98
Figure 62: Advance Settings

Click “OK” and try to browse your page again using the same URL.
Running Your Application
You should now be able to connect to your database. Here are some screen shots of the page
hosted in IIS.
After logging-in

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

99
Figure 63: After Successful Login

After updating the database

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

100
Figure 64: After successful update to the database

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.

101

That’s it. You now have a web app hosted in IIS Web Server that is up and running. 
Summary
This book was targeted to beginners and to developers who are still confused on how to start
building an ASP.NET MVC 5 application from scratch. I’ve demonstrated the basics on creating
a database and how to perform basic CRUD operations in MVC5 using Entity Framework as the
data access mechanism. Along the way, I have shown how to integrate jQuery and jQueryUI to
perform client-side way of manipulating the data from the UI to the database. I have also shown
how to use jQuery AJAX to perform asynchronous operations and real-time update using the
ShoutBox as an example. Deploying an application to local IIS Web Server was also included in
the exercise.
The features demonstrated in this book are not full-blown and there are a lot of rooms for
improvement. What I’ve shown was just the basic and to guide you to get something working.
You can always enhance and add more features to it if you’d like to and apply the things that
wasn’t included in this book, for example enhancing the look and feel of the page or even extend
the database to support shopping cart. That’s just few of the examples that you can integrate.
I hope somehow you find this book useful.

©2016 C# CORNER.
SHARE THIS DOCUMENT AS IT IS. PLEASE DO NOT REPRODUCE, REPUBLISH, CHANGE OR COPY.
Source Exif Data: 
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.5
Linearized                      : No
Page Count                      : 106
Language                        : en-US
Tagged PDF                      : Yes
Author                          : Windows User
Creator                         : Microsoft® Word 2010
Create Date                     : 2016:05:20 16:28:12+05:30
Modify Date                     : 2016:05:20 16:28:12+05:30
Producer                        : Microsoft® Word 2010
EXIF Metadata provided by EXIF.tools

Navigation menu