67

我正在尝试掌握 MVC 框架的窍门,所以请耐心等待。

现在,我使用会话存储的唯一目的是存储当前登录的用户。我的网站很简单。对于此示例,请考虑三个域对象:Person、Meeting 和 File。用户可以登录并查看会议的“仅限成员”个人资料,并可以向其中添加文件,或者在未登录的情况下查看会议的公开“个人资料”。

因此,从会议的私人资料中,使用登录用户,我有一个“添加文件”链接。此链接路由到 FileContoller.Add(int meetingId)。通过此操作,我得到了用户想要使用会议 ID 添加文件的会议,但是在发布表单后,我仍然需要知道用户正在向哪个会议添加文件。这就是我的问题所在,我应该通过 TempData 传递“当前正在与之交互”的会议,还是将其添加到 Session 存储中?

这就是我目前设置添加操作的方式,但它不起作用:

    public ActionResult Add(int meetingId)
    {
        try
        {
            var meeting = _meetingsRepository.GetById(meetingId);
            ViewData.Model = meeting;
            TempData[TempDataKeys.CurrentMeeting] = meeting; /* add to tempdata here */
        }
        catch (Exception)
        {
            TempData[TempDataKeys.ErrorMessage] = "Unable to add files to this meeting.";
            return RedirectToRoute("MeetingsIndex");
        }

        return View();
    }

    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult Add(FormCollection form)
    {
        var member = Session[SessionStateKeys.Member] as Member;
        var meeting = TempData[TempDataKeys.CurrentMeeting] as Meeting; /* meeting ends up null here */

        if (member == null)
        {
            TempData[TempDataKeys.ErrorMessage] = "You must be logged in to add files to an meeting.";
            return RedirectToRoute("LoginPage");
        }

        if (meeting == null) 
        {
            TempData[TempDataKeys.ErrorMessage] = "An error occurred. No meeting selected.";
            return RedirectToRoute("MeetingsIndex");
        }

            // add files to meeting

        TempData[TempDataKeys.Notification] = "Successfully added.";
        return RedirectToRoute("AddFiles", new {meetingId = meeting.MeetingId});
}

编辑:

根据大多数答案,任何人都可以提供任何示例,说明应该在 TempData vs Session 中存储哪种数据(消息除外)?

4

7 回答 7

98

TempData is session, so they're not entirely different. However, the distinction is easy to understand, because TempData is for redirects, and redirects only. So when you set some message in TempData and then redirect, you are using TempData correctly.

However, using Session for any kind of security is extremely dangerous. Session and Membership are entirely separate in ASP.NET. You can "steal" sessions from other users, and yes, people do attack web sites this way. So if you want to selectively stop a post information based on whether a user is logged in, look at IsAuthenticated, and if you want to selectively show information based on what type of user is logged in, you use a Role provider. Because GETs can be cached, the only way to selectively allow access to an action in a GET is with AuthorizeAttribute.

Update In response to your edited question: You already have a good example of using TempData in your question, namely, returning a simple error message after a failed POST. In terms of what should be stored in Session (beyond "not much"), I just think of Session as a user-specific cache. Like the non-user-specific Cache, you should not put security-sensitive information there. But it's a good place to stick stuff which is relatively expensive to look up. For example, our Site.Master has the user's full name displayed on it. That is stored in a database, and we don't want to do a database query for it for every page we serve. (An installation of our application is used in a single company, so a user's full name is not considered "security-sensitive.") So if you think of Session as a cache which varies by a cookie which the user has, you won't be far wrong.

于 2009-09-30T20:31:04.353 回答
17

The default TempData provider uses the session so there really isn't much of a distinction, except that your TempData is cleared out at the end of the next request. You should use TempData when the data needs only to persist between two requests, preferably the second one being a redirect to avoid issues with other requests from the user -- from AJAX, for example -- deleting the data accidentally. If the data needs to persist longer than that, you should either repopulate the TempData or use the Session directly.

于 2009-09-30T20:27:43.687 回答
6

You can use it as per your requirement. A clarification can be,

TempData Vs Session

TempData

  1. TempData allow us to persisting data for the duration of single subsequent request.
  2. ASP.net MVC will automatically expire the value of tempdata once consecutive request returned the result (it means, it alive only till the target view is fully loaded).
  3. It valid for only current and subsequent request only

  4. TempData has Keep method to retention the value of TempData.

    Example:

    TempData.Keep(), TempData.Keep(“EmpName”)

  5. TempData internally stored the value in to Session variable.

  6. It is used to stored only one time messages like validation messages, error messages etc.

Session:

  1. Session is able to store data much more long time, until user session is not expire.
  2. Session will be expire after the session time out occurred.
  3. It valid for all requests.
  4. N/A
  5. Session varible are stored in SessionStateItemCollection object (Which is exposed through the HttpContext.Session property of page).
  6. It is used to stored long life data like user id, role id etc. which required throughout user session.

TempData and session, both required typecasting for getting data and check for null values to avoid run time exception.

于 2017-06-22T07:07:28.423 回答
4

“它不起作用”不是很具有描述性,但让我提供一些建议。

Under the hood, TempData uses Session to store values. So there isn't much difference in terms of storage mechanisms or anything like that. However, TempData only lasts until the next request is received.

If the user makes an ajax request in between form posts, TempData is gone. Any request whatsoever will clear TempData. So it's really only reliable when you're doing a manual redirect.

Why can't you just simply render the meeting ID to a hidden field in your View form? You're already adding it to the model. Alternately, add it to your route as a parameter.

于 2009-09-30T20:27:09.803 回答
0

I prefer to maintain that kind of data in the page itself. Render meetingID as a hidden input, so it gets submitted back to the controller. The controller handling the post can then feed that meeting ID back to whatever view will be rendered, so that the meetingID basically gets passed around as long as you need it.

It's kind of like the difference between storing a value in a global variable before calling a method that will operate on it, vs. passing the value directly to the method.

于 2009-09-30T20:27:26.497 回答
0

I would suggest MvcContrib's solution: http://jonkruger.com/blog/2009/04/06/aspnet-mvc-pass-parameters-when-redirecting-from-one-action-to-another/

If you don't want full MvcContrib, the solution is only 1 method + 1 class that you can easily grab from MvcContrib sources.

于 2009-09-30T20:47:33.007 回答
0

The TempData property value is stored in session state. The value of TempData persists until it is read or until the session times out. If you want pass data one controller view to another controller view then you should use TempData.

Use Session when the data need for the throughout application

于 2014-03-28T11:31:55.253 回答