.net assignment

C# Tutorial

C# examples.

C# (C-Sharp) is a programming language developed by Microsoft that runs on the .NET Framework.

C# is used to develop web apps, desktop apps, mobile apps, games and much more.

Examples in Each Chapter

Our "Try it Yourself" editor makes it easy to learn C#. You can edit C# code and view the result in your browser.

Try it Yourself »

Click on the "Run example" button to see how it works.

We recommend reading this tutorial, in the sequence listed in the left menu.

C# Exercises

Test yourself with exercises.

Insert the missing part of the code below to output "Hello World!".

Start the Exercise

Advertisement

Learn by Examples

Learn by examples! This tutorial supplements all explanations with clarifying examples.

See All C# Examples

Learn by taking a quiz! The quiz will give you a signal of how much you know, or do not know, about C#.

Start C# Quiz

My Learning

Track your progress with the free "My Learning" program here at W3Schools.

Log in to your account, and start earning points!

This is an optional feature. You can study at W3Schools without using My Learning.

Kickstart your career

Get certified by completing the course

COLOR PICKER

Contact Sales

If you want to use W3Schools services as an educational institution, team or enterprise, send us an e-mail: [email protected]

Report Error

If you want to report an error, or if you want to make a suggestion, send us an e-mail: [email protected]

Top Tutorials

Top references, top examples, get certified.

ASP.NET Core Tutorials For Beginners and Professionals

Asp.net core tutorials.

In this ASP.NET Core Tutorials series, I will discuss all the basic, intermediate, and advanced   concepts of ASP.NET Core. These ASP.NET Core tutorials will help you to build rich data-driven web applications. At the end of this ASP.NET Core Tutorial series, you will be better positioned to develop different kinds of Real-time applications using EF Core, SQL Server Database, ASP.NET Core Identity, etc. You will learn ASP.NET Core basics , ASP.NET Core Razor Pages , ASP.NET Core MVC , Blazor , Entity Framework Core , and ASP.NET Core Web API . 

These ASP.NET Core Tutorials are for whom?

These  ASP.NET Core Tutorials are designed for Beginners and Professional Developers who want to learn ASP.NET Core step by step. We will provide a hands-on approach to the subject with step-by-step program examples that will assist you in learning and putting the acquired knowledge into practice.

ASP.NET Core (.NET):

ASP.NET Core (.NET) is a free, open-source, and cloud-optimized framework that can run on Windows, Linux, or macOS. It is the new version of ASP.NET. The framework was completely rewritten to be open-source, modular, and cross-platform.

ASP.NET Core:             -> Web Framework             -> Open-Source             -> Cross-Platform             -> Modular             -> Cloud Optimize             -> Runs on top of the .NET Core and .NET Framework

What is .NET Core?

.NET Core is the new version of the .NET Framework, a free, open-source, general-purpose development platform maintained by Microsoft. It was designed to build modern, high-performance, and scalable applications that could run on Windows, macOS, and Linux. .NET Core aimed to provide a unified platform for developing various applications, including web applications, desktop applications, microservices, and more.

.NET Core is written from scratch to be a modular, lightweight, fast, and cross-platform framework. It includes the core features required to run a basic .NET Core app. Other features are provided as NuGet Packages, which you can add to your application as needed. In this way, the .NET Core application speeds up performance, reduces the memory footprint, and becomes easy to maintain.

Why .NET Core Over .NET Framework?

There are some limitations to the .NET Framework. For example, it only runs on the Windows Platform. Also, you need to use different .NET APIs for different Windows devices such as Windows Desktop, Windows Store, Windows Phone, and Web Applications. The following are some of the reasons why you might choose .NET Core over .NET Framework for your application development:

• Cross-Platform Compatibility: .NET Core was designed from the ground up to be cross-platform, allowing you to develop applications that can run on Windows, macOS, and Linux. .NET Framework, on the other hand, was primarily Windows-centric. If you needed your application to work on non-Windows platforms, .NET Core was the better choice.
• Open Source: .NET Core was open source, meaning you can access the source code and contribute to its development. This allows you to customize the framework to suit your needs better. .NET Framework was not open source. If you need an Open Source framework for your application, then .NET Core is the winner here.
• Performance and Modernization: .NET Core was optimized for performance and suitable for modern application development. It included features like just-in-time (JIT) compilation, which improved runtime performance, and support for modern application patterns like microservices and containerization. .NET Framework was designed in an earlier era and lacked these features.
• Long-Term Support (LTS): .NET Core introduced the concept of LTS releases, which provided a stable and supported platform for an extended period. This was particularly important for enterprise applications that required long-term stability and security updates. Currently, Microsoft will not provide any new enhancements for the .NET Framework.

Note: Microsoft continued encouraging developers to migrate from .NET Framework to .NET Core and the subsequent .NET 5+ versions to take advantage of the benefits mentioned above. 

.NET Core Characteristics:

Open-Source Framework: .NET Core is an open-source framework maintained by Microsoft and available on GitHub under MIT and Apache 2 Licenses. You can view, download, or contribute to the source code using the following GitHub repositories: .NET Core Runtime: https://github.com/dotnet/runtime .NET Core SDK: https://github.com/dotnet/sdk ASP.NET Core: https://github.com/dotnet/aspnetcore Language Compiler Platform Roslyn: https://github.com/dotnet/roslyn

CLI Tools: .NET Core includes CLI tools (Command Line Interface) for development and continuous integration.

Flexible Deployment: .NET Core applications can be deployed user-wide or system-wide or with Docker Containers.

Compatibility: Compatible with .NET Framework and Mono APIs using .NET Standard Specification.

Developer(s): .NET Foundation Initial Release: .NET Core 1.0 – 27th June 2016 Stable Release: .NET 8 Preview Release: .NET 9 Repository: github.com/dotnet/core Written: C++ and C# Operating System: Windows, Linux, and macOS Type: Software Framework Website: dotnet.microsoft.com

.NET Core Versions:

A new major release of .NET is published every year in November, enabling developers, the community, and businesses to plan their roadmaps. Even numbered releases are LTS releases with free support and patches for three years. Odd-numbered releases are STS releases with free support and patches for 18 months.

.NET Core has evolved over various versions, with each version introducing new features, improvements, and changes. Here are some notable features introduced in each major version of .NET Core:

.NET Core 1.0 (Initial Release – June 2016):

• Initial release of .NET Core.
• Cross-platform support (Windows, macOS, and Linux).
• Introduction of the Command-Line Interface (CLI) tools.
• CoreCLR (Core Common Language Runtime), the cross-platform CLR.
• CoreFX, the foundational libraries.
• Support for ASP.NET Core for web applications.
• NuGet package manager for dependency management.

.NET Core 1.1 (November 2016):

• Performance improvements and bug fixes.
• Enhanced compatibility with .NET Framework libraries.
• More APIs were added to increase compatibility with the .NET Framework.
• Azure support enhancements.
• Entity Framework Core 1.1 included improvements and new features.

.NET Core 2.0 (August 2017):

• Introduction of .NET Standard 2.0 for uniform API specification.
• Enhanced tooling for Visual Studio.
• Major performance improvements.
• Expanded OS support and increased compatibility with .NET Framework.
• Visual Basic support was added.
• Introduction of Razor Pages in ASP.NET Core for page-based coding model.

.NET Core 2.1 (May 2018):

• Span<T> and Memory<T> for performance improvements in buffer management.
• Improved support for Linux containers.
• SignalR for real-time web functionality.
• Improved build performance and runtime compilation.
• Global tools for extending the CLI.
• GDPR compliance features in ASP.NET Core.

.NET Core 2.2 (December 2018):

• HTTP/2 support in ASP.NET Core.
• Improved gRPC support.
• Enhanced diagnostic tools.
• Health Checks API for application health monitoring.
• Improved HTTP request routing.
• A new JIT compiler, a tiered compilation, which improves startup time.

.NET Core 3.0 (September 2019):

• Support for Windows Desktop Applications (WPF and Windows Forms).
• Introduction of C# 8.0.
• Performance improvements across the board.
• Support for IoT and AI workloads.
• Introduction of gRPC in ASP.NET Core.

.NET Core 3.1 (December 2019):

• LTS (Long-Term Support) release.
• Focus on stability and bug fixes.
• Enhanced performance and support for cloud-native applications.
• Blazor Server is used to build interactive web UIs using C#.
• Improved performance for JSON serialization and deserialization.
• Improved support for Azure Functions and Azure App Service.

.NET 5 (November 2020):

• .NET Core and .NET Framework were merged into a unified platform called “.NET 5.”. Microsoft dropped the “Core” branding from .NET 5 onward to unify the .NET platforms.
• Support for ARM64 architecture.
• Improved support for containers and cloud-native development.
• Improved single-file applications.
• Better performance improvements, including garbage collection and System.Text.Json.
• C# 9.0 with records, pattern-matching enhancements, and top-level programs.
• F# 5.0 with interactive programming and a performance boost.
• Blazor WebAssembly for full-stack web development with .NET.

.NET 6 (November 2021):

• Introduction of MAUI (Multi-platform App UI) for cross-platform app development.
• Support for HTTP/3.
• Unified platform for all .NET code.
• Long-term support (LTS) release.
• C# 10 and F# 6 with new features and enhancements.
• Minimal API for simplified and clean API endpoints in ASP.NET Core.
• Blazor Desktop allows Blazor components to run in desktop apps.
• Hot reload capabilities for .NET apps across different application types.
• AOT compilation for improved startup and support for Apple Silicon (M1).

.NET 7 (November 2022)

• Performance Improvements
• Introduction of new language features in C# 11
• Minimal APIs enhancements
• SignalR improvements
• General Availability of .NET MAUI
• Container improvements
• Enhanced support for gRPC
• Integration with Azure AI and ML features
• Hot Reload improvements for .NET and Visual Studio
• Better support for Kubernetes

.NET 8 (November 2023)

• Performance Enhancements
• C# 12 Integration
• JSON Handling
• ASP.NET Core Improvements
• .NET MAUI Enhancements
• Cryptography and Security improvements
• AI and Machine Learning Enhanced support
• Extended Native AOT (Ahead-of-Time) Compilation

These are key features introduced in each version of .NET Core and the subsequent unified .NET platform. It’s important to note that the .NET ecosystem continues to evolve, with new features and improvements regularly added in subsequent versions beyond .NET 6.

.NET Core Composition:

The .NET Core Framework is composed of the following parts:

• CLI Tools: A set of tooling for development and deployment.
• Roslyn: .NET Compiler Platform.
• CoreFx: A Set of framework libraries.
• CoreCLR: A JIT-based CLR (Common Language Runtime). CoreCLR is the .NET execution engine in .NET Core, performing garbage collection and machine code compilation functions.

What Type of Application Can You Develop with ASP.NET Core?

• Web: ASP.NET Core MVC, Web API, Razor Pages, and Microservices
• Desktop Applications (Starting from 3.0)
• Gaming Applications
• Cloud Applications

Application Types: We will discuss the following as part of this course.

• ASP.NET Core with Razor Pages
• ASP.NET Core with MVC (ASP.NET Core MVC or Core MVC or MVC Core)
• ASP.NET Core with WEB API (ASP.NET Core Web API or Core Web API or Web API Core)
• ASP.NET Core with Angular (Single Page Application)
• ASP.NET Core with React JS (Single Page Application)
• ASP.NET Core with React JS & Redux (Single Page Application)

Note : If we missed any topics in this ASP.NET Core Course, please let us know by commenting in the Comment Box, and we promise that as soon as possible, we will publish articles on that topic. 

Lastly, your valuable feedback is essential and means a lot to us. So, if you have a few minutes, please let us know your thoughts and feedback on this ASP.NET Core course.

Course Information

Course instructor.

Author: Pranaya Rout Pranaya Rout is a Senior Technical Architect with more than 11 Years of Experience, Microsoft MVP, Author, YouTuber, and Blogger eager to learn new technologies. Pranaya Rout has published more than 3,000 articles in his 11-year career. Pranaya Rout has very good experience with Microsoft Technologies, Including C#, VB, ASP.NET MVC, ASP.NET Web API, EF, EF Core, ADO.NET, LINQ, SQL Server, MYSQL, Oracle, ASP.NET Core, Cloud Computing, Microservices, Design Patterns and still learning new technologies.

Online ASP.NET Core Training Program

Asp.net core online training program, asp.net core – introduction & environment setup, overview of microsoft web technologies, introduction to asp.net core framework, asp.net core environment setup, download and install visual studio 2022, download and install .net core sdk, download and install visual studio code, download and install sql server 2022, download and install ssms, download and install postman and fiddler, .net core vs .net framework code execution process, difference between .net core and .net framework, difference between web application and website, asp.net core basics, creating asp.net core web application using visual studio, asp.net core project file, asp.net core main method, asp.net core inprocess hosting, kestrel web server in asp.net core, asp.net core out of process hosting, asp.net core 3.1 main method, asp.net core launchsettings.json file, asp.net core startup class, asp.net core appsettings.json file, asp.net core middleware components, asp.net core request processing pipeline, wwwroot folder in asp.net core, static files middleware in asp.net core, configuring default page in asp.net core, developer exception page middleware in asp.net core, asp.net core command line interface, project templates in asp.net core application, asp.net core mvc – basic, introduction to asp.net core mvc framework, how to set up mvc in asp.net core, addcontroller vs addmvc vs addcontrollerswithviews vs addrazorpages, controllers in asp.net core mvc, models in asp.net core mvc, views in asp.net core mvc, asp.net core dependency injection, singleton vs scoped vs transient services in asp.net core, asp.net core mvc – data passing techniques, creating asp.net core application using mvc template, viewdata in asp.net core mvc, viewbag in asp.net core mvc, strongly typed view in asp.net core mvc, viewmodel in asp.net core mvc, tempdata in asp.net core mvc, post-redirect-get (prg) pattern example in asp.net core, asp.net core mvc – routing, routing in asp.net core mvc, custom routing in asp.net core mvc, custom route constraint in asp.net core mvc , attribute routing in asp.net core mvc, asp.net core attribute routing using tokens, attribute routing vs conventional routing in asp.net core, asp.net core mvc – views, layout view in asp.net core mvc, sections in layout view in asp.net core mvc, viewstart in asp.net core mvc, viewimports in asp.net core mvc, partial views in asp.net core mvc, different ways to render partial view in asp.net core mvc, view components in asp.net core mvc, razor view engine and razor syntax in asp.net core, how to install bootstrap in asp.net core mvc, how to use bootstrap in asp.net core mvc, asp.net core mvc – action results, action results in asp.net core mvc, view result in asp.net core mvc, partial view result in asp.net core mvc, json result in asp.net core mvc, content result in asp.net core mvc, file result in asp.net core mvc, redirect results in asp.net core mvc, status results in asp.net core mvc, object result in asp.net core mvc, emptyresult in asp.net core mvc, asp.net core mvc – html helpers, html helpers in asp.net core mvc, textbox html helper in asp.net core mvc, textarea html helper in asp.net core mvc, dropdownlist html helper in asp.net core mvc, radiobutton html helper in asp.net core mvc, check box html helper in asp.net core mvc, listbox html helper in asp.net core mvc, editor html helper in asp.net core mvc, password html helper in asp.net core mvc, hidden html helper in asp.net core mvc, custom html helper in asp.net core mvc , real-time examples of custom html helpers in asp.net core mvc, creating form using html helpers in asp.net core mvc, different ways to generate links in asp.net core mvc, asp.net core mvc – tag helpers, tag helpers in asp.net core mvc, image tag helper in asp.net core, environment tag helper in asp.net core mvc, navigation menus in asp.net core mvc, form tag helpers in asp.net core mvc, partial tag helper in asp.net core mvc, creating custom tag helper in asp.net core mvc, view component tag helper in asp.net core mvc, cache tag helper in asp.net core mvc, html helpers vs. tag helpers in asp.net core mvc, asp.net core mvc – model binding, model binding in asp.net core mvc, model binding using fromform in asp.net core mvc, model binding using fromquery in asp.net core mvc, model binding using fromroute in asp.net core mvc, model binding using fromheader in asp.net core mvc, model binding using frombody in asp.net core mvc, model binding in asp.net core mvc with complex type, custom model binding in asp.net core mvc, asp.net core mvc – data annotation validation, data annotations in asp.net core mvc, model validations in asp.net core mvc, data annotation attributes in asp.net core mvc, custom data annotation in asp.net core mvc, custom data annotation real-time examples in asp.net core mvc, remote validation in asp.net core mvc, blacklist and whitelist checks using data annotation in asp.net core mvc, displaying and formatting attributes in asp.net core mvc, bindnever and bindrequired attribute in asp.net core mvc, real-time examples of data annotations in asp.net core mvc, asp.net core mvc – fluent api validation, fluent api in asp.net core mvc, fluent api validation examples in asp.net core mvc, fluent api async validators in asp.net core mvc, fluent api custom validators in asp.net core mvc, real-time examples of fluent api validations in asp.net core mvc, data annotations vs. fluent api in asp.net core mvc, asp.net core mvc – state management, cookies in asp.net core mvc, how to encrypt cookies in asp.net core mvc, persistent vs non-persistent cookies in asp.net core mvc, sessions in asp.net core mvc, in-memory vs distributed sessions in asp.net core mvc, differences between cookies and sessions in asp.net core mvc, asp.net core – filters, filters in asp.net core mvc, exception filter in asp.net core mvc, handling non-success http status codes in asp.net core mvc, error pages based on status code in asp.net core mvc, result filters in asp.net core mvc, custom result filter in asp.net core mvc, response caching in asp.net core, authorization filters in asp.net core mvc, action filters in asp.net core mvc, typefilter vs servicefilter in asp.net core mvc, antiforgery token in asp.net core mvc, entity framework core, introduction to entity framework core, how to install entity framework core, dbcontext in entity framework core, database connection string in entity framework core, crud operations in entity framework core, entity states in entity framework core, linq to entities in entity framework core, eager loading in entity framework core, lazy loading in entity framework core, explicit loading in entity framework core, default conventions in entity framework core, data annotation attributes in entity framework core, table attribute in entity framework core, column attribute in entity framework core, key attribute in entity framework core, foreignkey attribute in entity framework core, index attribute in entity framework core, inverseproperty attribute in entity framework core, notmapped attribute in entity framework core, required attribute in entity framework core, maxlength and minlength attribute in entity framework core, databasegenerated attribute in entity framework core, timestamp attribute in entity framework core, concurrencycheck attribute in entity framework core, fluent api in entity framework core, relationships in entity framework core, one-to-one relationships in entity framework core, one-to-many relationships in entity framework core, many-to-many relationships in entity framework core, self-referencing relationship in entity framework core, entity configurations using entity framework core fluent api, primary key and composite primary key using entity framework core fluent api, property configuration using entity framework core fluent api, bulk operations in entity framework core, bulk operations using entity framework core extension, asynchronous programming with entity framework core, disconnected entities in entity framework core, disconnected entity graph in entity framework core, stored procedures in entity framework core, entity framework core inheritance, transactions in entity framework core, seed data in entity framework core, shadow properties in entity framework core, global query filters in entity framework core, entity framework core database first approach, asp.net core mvc using ef core, crud operations in asp.net core mvc using entity framework core, repository design pattern in asp.net core mvc using ef core, generic repository pattern in asp.net core mvc, using both generic and non-generic repository pattern in asp.net core mvc, unit of work pattern in asp.net core mvc using ef core, asp.net core mvc – file handling, how to upload file in asp.net core mvc, how to restrict uploaded file size in asp.net core mvc, how to restrict uploaded file type in asp.net core mvc, how to save uploaded file to database in asp.net core mvc, how to display images in asp.net core mvc, how to delete images in asp.net core mvc, how to upload multiple files in asp.net core mvc, how to export data to excel file in asp.net core mvc, how to import excel data to database in asp.net core mvc, how to generate pdf in asp.net core mvc, how to generate password protected pdf in asp.net core mvc, how to convert html to pdf in asp.net core mvc, how to send email with attachment in asp.net core mvc, asp.net core mvc – advanced, asp.net core mvc request life cycle, asp.net core mvc with ef core db first approach, bundling and minification in asp.net core mvc, bundling and minification in asp.net core using weboptimizer, how to host asp.net core web application into iis server, how to use ssl in local iis server, crud operation on a single page in asp.net core mvc, cascading dropdown list in asp.net core mvc, asp.net core razor pages application, interview questions and answers, top 100 entity framework core interview questions and answers, asp.net core basic interview questions and answers, asp.net core intermediate interview questions and answers, asp.net core experienced interview questions and answers, asp.net core mvc basic interview questions and answers, asp.net core mvc intermediate interview questions and answers, asp.net core mvc experienced interview questions and answers, asp.net core popular books, most recommended asp.net core books, most recommended entity framework core books, most recommended asp.net core mvc books, 24 thoughts on “asp.net core tutorials for beginners and professionals”.

Why I can’t browse the contents in this website any more? It does not show any Course Info and Navigation.

Thank you. Henry Regard

Hi Henry, Sorry for the inconvenience problem. You can check now.

It was such a great article.

Very helpful tutorial!

Are you planning to update this tutorial according to .NET Core 3.1 and Visual Studio 2019?

And complete the missing lessons such as Model Validating etc.?

Yes, We are going to update this tutorials according to .NET Core 3.1 and Visual Studio 2019

Sir, you are an amazing teacher! can’t describe in words!! Thank you very much for your help and looking forward for the rest of articles.

Can you update this article for asp.net core 3? This article is great and very useful

Yes. From very soon we will be update the articles to latest version as well as will add the next articles.

Sir I am waiting eagerly.

Hi, DOTNETTUTORIALS are great, very accurate and explain concepts in a manner that are very easy to understand. But, sir I found .net core course somewhat incomplete. For e.g concepts like validations, authentication, data annotations etc are not touched at all. Sir I would be really thankful if you could provide some more knowledge on .net core. As I am already addicted to the way you teach, so articles provided by you will really help. Thanks,

Hi we are planning to update the dot net core with latest version and we are currently working on the same

Can I apply Angular 2 for Front-end development for web pages?? Its because I want to create a web site that can store pictures from my users, but I also want it to be eyr-candy for users.

I’m always confused if I need to learn ASP.NET Core because I always understand that it serves only as a backend project usage.

Please do the tutorial for asp.net

Dear Sir, It is requested, Kindly do the tutorial for SharePoint Tutorials on-premise (on-prem) and Office 3659(online).

Respect sir, articles on this site are great, helped me a lot for the interview.

Please create Azure tutorials as well as today this is mandatory for dot net developer.

PLease add the following projects architecture and desription, it will add more value to the tutorial.

NET Core with Angular (Single Page Application) NET Core with React JS (Single Page Application) NET Core with React JS & Redux (Single Page Application)

Here all content is so useful and helpful for beginners and experienced both. This site is so amazing, This site gives good knowledge of Aspdot-net, This is very helpful for me.

It’s an awesome website for .NET DEVELOPERS.. One place to learn new technologies under .Net and to brush-up your skills for Interview preparation. Highly recommended for Microsoft .Net Developers

Thanks for your feedback.

wow this is such a good article

Your feedback means a lot to us. Keep learning and keep sharing your feedback.

I need a full tutorials(ASP.NET core web API). If there is a any possibility to buy a book.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Andrew Lock | .NET Escapades Andrew Lock

• ASP.NET Core

Preventing mass assignment or over posting in ASP.NET Core

Mass assignment, also known as over-posting, is an attack used on websites that involve some sort of model-binding to a request. It is used to set values on the server that a developer did not expect to be set. This is a well known attack now, and has been discussed many times before , (it was a famous attack used against GitHub some years ago ), but I wanted to go over some of the ways to prevent falling victim to it in your ASP.NET Core applications.

How does it work?

Mass assignment typically occurs during model binding as part of MVC. A simple example would be where you have a form on your website in which you are editing some data. You also have some properties on your model which are not editable as part of the form, but instead are used to control the display of the form, or may not be used at all.

For example, consider this simple model:

It has two properties, but we only actually going to allow the user to edit the Name property - the IsAdmin property is just used to control the markup they see:

So the idea here is that you only render a single input tag to the markup, but you post this to a method that uses the same model as you used for rendering:

This might seem OK - in the normal browser flow, a user can only edit the Name field. When they submit the form, only the Name field will be sent to the server. When model binding occurs on the model parameter, the IsAdmin field will be unset, and the Name will have the correct value:

However, with a simple bit of HTML manipulation, or by using Postman/Fiddler , a malicious user can set the IsAdmin field to true . The model binder will dutifully bind the value, and you have just fallen victim to mass assignment/over posting:

Defending against the attack

So how can you prevent this attack? Luckily there's a whole host of different ways, and they are generally the same as the approaches you could use in the previous version of ASP.NET. I'll run through a number of your options here.

1. Use BindAttribute on the action method

Seeing as the vulnerability is due to model binding, our first option is to use the BindAttribute :

The BindAttribute lets you whitelist only those properties which should be bound from the incoming request. In our case, we have specified just Name , so even if a user provides a value for IsAdmin , it will not be bound. This approach works, but is not particularly elegant, as it requires you specify all the properties that you want to bind.

2. Use [Editable] or [BindNever] on the model

Instead of applying binding directives in the action method, you could use DataAnnotations on the model instead. DataAnnotations are often used to provide additional metadata on a model for both generating appropriate markup and for validation.

For example, our UserModel might actually be already decorated with some data annotations for the Name property:

Notice that as well as the Name attributes, I have also added an EditableAttribute . This will be respected by the model binder when the post is made, so an attempt to post to IsAdmin will be ignored.

The problem with this one is that although applying the EditableAttribute to the IsAdmin produces the correct output, it may not be semantically correct in general. What if you can edit the IsAdmin property in some cases? Things can just get a little messy sometimes.

As pointed out by Hamid in the comments, the [BindNever] attribute is a better fit here. Using [BindNever] in place of [Editable(false)] will prevent binding without additional implications.

3. Use two different models

Instead of trying to retrofit safety to our models, often the better approach is conceptually a more simple one. That is to say that our binding/input model contains different data to our view/output model. Yes, they both have a Name property, but they are encapsulating different parts of the system so it could be argued they should be two different classes:

Here our BindingModel is the model actually provided to the action method during model binding, while the UserModel is the model used by the View during HTML generation:

Even if the IsAdmin property is posted, it will not be bound as there is no IsAdmin property on BindingModel . The obvious disadvantage to this simplistic approach is the duplication this brings, especially when it comes to the data annotations used for validation and input generation. Any time you need to, for example, update the max string length, you need to remember to do it in two different places.

This brings us on to a variant of this approach:

4. Use a base class

Where you have common properties like this, an obvious choice would be to make one of the models inherit from the other, like so:

This approach keeps your models safe from mass assignment attacks by using different models for model binding and for View generation. But compared to the previous approach, you keep your validation logic DRY .

There is also a variation of this approach which keeps your models completely separate, but allows you to avoid duplicating all your data annotation attributes by using the ModelMetadataTypeAttribute .

5. Use ModelMetadataTypeAttribute

The purpose of this attribute is to allow you defer all the data annotations and additional metadata about you model to a different class. If you want to keep your BindingModel and UserModel hierarchically distinct, but also son't want to duplicate all the [MaxLength(200)] attributes etc, you can use this approach:

Note that only the UserModel contains any metadata attributes, and that there is no class hierarchy between the models. However the MVC model binder will use the metadata of the equivalent properties in the UserModel when binding or validating the BindingModel .

The main thing to be aware of here is that there is an implicit contract between the two models now - if you were to rename Name on the UserModel , the BindingModel would no longer have a matching contract. There wouldn't be an error, but the validation attributes would no longer be applied to BindingModel .

This was a very quick run down of some of the options available to you to prevent mass assignment. Which approach you take is up to you, though I would definitely suggest using one of the latter 2-model approaches. There are other options too, such as doing explicit binding via TryUpdateModelAsync<> but the options I've shown represent some of the most common approaches. Whatever you do, don't just blindly bind your view models if you have properties that should not be edited by a user, or you could be in for a nasty surprise.

And whatever you do, don't bind directly to your EntityFramework models. Pretty please.

Popular Tags

Stay up to the date with the latest posts!

Basics Of .NET

In 2000, Microsoft announced a new Software development framework for Windows called .NET in the Professional Developer Conference(PDC). Microsoft release PDC version for Developers to test in the version of Beta 1 and Beta 2. Both of the version thrown to open community to test and lots of changes has to be done. Finally, in march 2002 Microsoft release final version of the .NET framework. Future development involves new and upgraded version of the framework.

Application of .NET

What type of application can you develop through .NET Many Internet and networked application.

• ASP.NET Web application: These include Dynamic and Data Driver Browser application.
• Windows Form based application: Client application.
• Console application: Traditional DOS kind of application like batch scripts.
• Web and Window Custom control: Web control allows to develop your own window controls and web controls are extended to custom control to the web.
• Web Services: “Well callable” Functionality available via industry standards like HTTP, XML, SOAP.
• Window Services: Application that runs as services in the background.

Use for creating all kinds of application that you find under Windows.

To get help in .NET application based Project Contact Us

.net framework sdk.

To develop varied types of application, .NET has a complete Software Development Kit (SDK) that provides classes, interfaces and languages. This Framework is available free of cost, you can download it from MSDN website.

Development Tools

If you are developing an application simple notepad may not serve the purpose for that we need to require the new Visual Studio .NET is such an IDE. Productive features of visual studio like: drag and Drop design – IntelliSense Features –Syntax highlighting and auto-syntax checking-Excellent debugging tools – Integration with version control software.

Visual Studio.NET Edition

It comes in different editions you can select different edition in the kind of development you are doing. Following editions are: Professionals-Enterprise Developer –enterprise architect Visual Studio. Developers can use the professional edition to create solution that span any device and integrate with any platform, features include collaborative team development, third party tool integration. The additional feature includes a visual designer for XML services.

Features of .NET

• Rich Functionality Out of the box: Contain hundreds of classes for that developer need not to go low level details.
• Easy Development of web application: the grid of coding from the programmer's side because ASP.net provides event-Driven Programming language and server controls.
• Multi language support: When enterprise have varying skill sets with the visual basic, C++ so you need not to throw them you can mold them in any language suitability. Currently VS.NET supports 20+ programming languages.
• Compatibility with COM and COM+: You can still use COM components and ActiveX controls. .Net relies on COM+ for transaction management and object pooling.
• No more DLL hell.
• XML strong support
• Ease of deployment and configuration.

Overview of .NET Framework architecture

At the bottom there is Operating System which wrap up with the .NET, Insulating software developed with .NET from most Operating System specifics such as File handling and memory allocation.

Common Language Runtime(CLR): This is the Execution environment consist heart of the .NET framework. .NET applications are compiled to a common language that is also known as Microsoft Intermediate Language then CLR handles the compiling the IL to machine language that time Program is executed. In such kind of environment common services, garbage collection and security are provided automatically.

.NET Class Framework: Also referred as .NET base class library it consist of several thousands of type definition and each type exposing their functionality. CLR and Class Framework allow developers to build following type of application: Web forms, window forms, Window console application, window services.

ADO.NET: It is Microsoft next generation ActiveX Data Object that heavily dependent on XML for representation of data. It DataSet Object is the core component of ADO.NET architecture.

User Interface: This layer allow user to interact with the outside world. Some type of interaction interfaces supported by .NET framework: Web forms, Window forms, Web services. ActiveX server pages has undergone extensive changes in ASP.NET: New support for HTML server control, It is now possible for server to process client-side events, New Control families with enhanced intrinsics.

Languages: CLR allow object written in one language be treated as equal by code written in another language to make this possible Microsoft has defined a Common Language Specification and language that conforms CLS can run on CLR. In .Net framework languages are Visual Basics, Visual C++, Visual C# and JScript support.

To know more about VB.NET and C#.NET you must learn about VB and C# Click here for VB Click here for C#

Find the best solution of .net topics..

• Parameters By Reference
• Parameters By Value
• Controls And Loops
• Error And Exceptions Handling
• Input And Output
• Difference Between .NET and Java
• Collections
• Browser And Session
• Date And Time
• Data Compression
• String Pattern Matching
• File Handling
• GUI Windows Forms

• MassiveMark Playground
• Transliteration Playground
• Professional Practice Test
• Assignmenthelp Services
• Custom Writing help
• Free Assignment Samples
• Free Homework Help Samples
• Terms of Use
• Refund Policy

Announcing UNISTR and || operator in Azure SQL Database – preview

Abhiman Tiwari

June 4th, 2024 0 0

We are excited to announce that the UNISTR intrinsic function and ANSI SQL concatenation ope ra tor ( || ) are now available in public preview in Azure SQL Database. The UNISTR function allows you to escape Unicode characters, making it easier to work with international text. The ANSI SQL concatenation ope ra tor ( || ) provides a simple and intuitive way to combine characters or binary strings. These new features will enhance your ability to manipulate and work with text data.  

What is UNISTR function?

The UNISTR function takes a text literal or an expression of characters and Unicode values, that resolves to character data and returns it as a UTF-8 or UTF-16 encoded string . This function allows you to use Unicode codepoint escape sequences with other characters in the string. The escape sequence for a Unicode character can be specified in the form of \ xxxx or \+ xxxxxx , where xxxx is a valid UTF-16 codepoint value, and xxxxxx is a valid Unicode codepoint value. This is especially useful for inserting data into NCHAR columns.  

The syntax of the UNISTR function is as follows:

• The data type of character_expression could be char ,  nchar ,  varchar , or  nvarchar . For  char and  varchar  data types, the collation should be a valid UTF-8 collation only.
• A single character representing a user-defined Unicode escape sequence. If not supplied, the default value is \.

Example #1:

For example, the following query returns the Unicode character for the specified value:

——————————-

Example #2:  

In this example, the UNISTR function is used with a user-defined escape character ( $ ) and a VARCHAR data type with UTF-8 collation.

I ♥ Azure SQL.

The legacy collations with code page can be identified using the query below:

What is ANSI SQL concatenation operator (||)?

The ANSI SQL concatenation ope ra tor ( || ) concatenates two or more characters or binary strings, columns, or a combination of strings and column names into one expression . The || ope ra tor does not honor the SET CONCAT_NULL_YIELDS_NULL option and always behaves as if the ANSI SQL behavior is enabled . This ope ra tor will work with character strings or binary data of any supported SQL Server collation . The || ope ra tor supports compound assignment || = similar to += . If the ope ra nds are of incompatible collation, then an error will be thrown. The collation behavior is identical to the CONCAT function  of character string data.

The syntax of the string concatenation operator is as follows:

• The expression is a character or binary expression. Both expressions must be of the same data type, or one expression must be able to be implicitly converted to the data type of the other expression. If one ope ra nd is of binary type, then an unsupported ope ra nd type error will be thrown.

Example #1:  

For example, the following query concatenates two strings and returns the result:

Hello World!

Example #2:

In this example, multiple character strings are concatenated. If at least one input is a character string, non-character strings will be implicitly converted to character strings.

full_name order_details                                                                                                         item_desc

Josè Doe Order-1001~TS~Jun 1 2024 6:25AM~442A4706-0002-48EC-84FC-8AF27XXXX NULL

Example #3:  

In the example below, concatenating two or more binary strings and also compounding with T-SQL assignment operator.

V1          B1    B2

0x1A2B       0x4E  0xAE8C602E951AC245ADE767A23C834704A5

Example #4:  

As shown in the example below, using the || operator with only non-character types or combining binary data with other types is not supported.

Above queries will fail with error messages as below –  

In this blog post, we have introduced the UNISTR function and ANSI SQL concatenation operator (||) in Azure SQL Database.  The UNISTR function allows you to escape Unicode characters, making it easier to work with international text. ANSI SQL concatenation operator (||) provides a simple and intuitive way to combine characters or binary data. These new features will enhance your ability to manipulate and work with text data efficiently.  

We hope you will explore these enhancements, apply them in your projects, and share your feedback with us to help us continue improving.   Thank you!

Abhiman Tiwari Senior Product Manager, Azure SQL

Leave a comment Cancel reply

Log in to start the discussion.

Insert/edit link

Enter the destination URL

Or link to existing content

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

?: operator - the ternary conditional operator

• 11 contributors

The conditional operator ?: , also known as the ternary conditional operator, evaluates a Boolean expression and returns the result of one of the two expressions, depending on whether the Boolean expression evaluates to true or false , as the following example shows:

As the preceding example shows, the syntax for the conditional operator is as follows:

The condition expression must evaluate to true or false . If condition evaluates to true , the consequent expression is evaluated, and its result becomes the result of the operation. If condition evaluates to false , the alternative expression is evaluated, and its result becomes the result of the operation. Only consequent or alternative is evaluated. Conditional expressions are target-typed. That is, if a target type of a conditional expression is known, the types of consequent and alternative must be implicitly convertible to the target type, as the following example shows:

If a target type of a conditional expression is unknown (for example, when you use the var keyword) or the type of consequent and alternative must be the same or there must be an implicit conversion from one type to the other:

The conditional operator is right-associative, that is, an expression of the form

is evaluated as

You can use the following mnemonic device to remember how the conditional operator is evaluated:

Conditional ref expression

A conditional ref expression conditionally returns a variable reference, as the following example shows:

You can ref assign the result of a conditional ref expression, use it as a reference return or pass it as a ref , out , in , or ref readonly method parameter . You can also assign to the result of a conditional ref expression, as the preceding example shows.

The syntax for a conditional ref expression is as follows:

Like the conditional operator, a conditional ref expression evaluates only one of the two expressions: either consequent or alternative .

In a conditional ref expression, the type of consequent and alternative must be the same. Conditional ref expressions aren't target-typed.

Conditional operator and an if statement

Use of the conditional operator instead of an if statement might result in more concise code in cases when you need conditionally to compute a value. The following example demonstrates two ways to classify an integer as negative or nonnegative:

Operator overloadability

A user-defined type can't overload the conditional operator.

C# language specification

For more information, see the Conditional operator section of the C# language specification .

Specifications for newer features are:

• Target-typed conditional expression
• Simplify conditional expression (style rule IDE0075)
• C# operators and expressions
• if statement
• ?. and ?[] operators
• ?? and ??= operators
• ref keyword

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback .

Submit and view feedback for

Additional resources