Changing Query String values in ASP.NET MVC

Recently I was trying to update a query string by adding or updating a parameter for URLs generated in a partial view.

I found an excellent example for achieving this by setting route data here however this didn’t preserve current query string values in the URL. I’ve extended upon that code and updated it to include the query string values in the route data which will be appended to the query string in the generated URL (assuming the parameter key doesn’t match part of the route).

Disabling an ASP.NET MVC input control

I love ASP.NET MVC. It is a great framework to get web apps quickly built. However using the built in HtmlHelper methods on your views isn’t without its issues.

An example of this is when trying to disable a HTML input control which has been built using HtmlHelper. You can add the “disabled” attribute which would be required by making use of one of the helper’s overloads however if you want to conditionally disable a control (based on your view model) it can result in your view’s code becoming more inflated than you might have initially though it would need to be!

To try and help with this I created a simple extension which will add the required attribute based on a passed in boolean value.

This is a very simplistic helper which can be improved upon but it served it’s need when it was created.

It can be used as follows.

Fixed/Sticky Headers on ASP.NET GridView using jQuery

The GridView control in ASP.NET Web Forms is an extremely useful and quick way of getting data out to the user in a nice tabular format. It does have one weak spot though and that is some of the tags it uses when doing this. Specifically, not putting the header information inside a <thead> tag.

So why is this important?

When you have a LOT of rows (as some do) after you’ve scrolled down the page and the table headers are out of view you can forget which column is which, especially if the data is similar (such as lots of numbers).

A quick and easy solution to this is to use a jQuery “sticky” or “fixed” table header plugin such as jquery.floatThead.

The problem comes in when you try and apply one of these plugins to a GridView. Since the GridView doesn’t use the <thead> tag the plugins often can’t find the header information which they are supposed to be fixing at the top of the screen after the user has scrolled down, as a result they just don’t work.

The Solution

There a two options to fixing this problem. The first is to use the DataBound event to change the header row to actually be a header row (why this isn’t the default I don’t know). The second option is to use a JavaScript/jQuery fix to make the first row in the table a table header.

In this case we’ll be using jQuery to fix the table to make it compatible with other jQuery plugins.

I stumbled upon a JavaScript fix by Rick Strahl which I wrapped up in a jQuery GridView Fix plugin so that it fit in with the rest of the project.

After either fix has been applied the table should now be compatible with other jQuery plugins.

Any tables also start to take on correct styling from CSS frameworks such as Bootstrap which also use the <thead> tag.

Sending e-mails through Office 365

I recently signed up for an Office 365 Business Essentials subscription to get the benefit of Exchange and other nice features without the hassle of managing it myself, as part of this I wanted to setup a no-reply e-mail address I could use to send automated e-mails without having to fork out extra for another user. The answer I found lies in using a shared mailbox for the e-mail address and preventing it from accepting incoming e-mails, then configuring the client to use Office 365 as an SMTP relay.

I have written this guide assuming that the Business Essentials subscription is being used. You may have slightly different options available to you if you are using a different subscription.

Office 365 as an SMTP relay

Using Office 365 as an SMTP relay doesn’t require a username and password (which avoids having to create an extra user) but it does rely on the client having a static IP address, so if your client doesn’t these steps won’t work for you.

Required Information

Before you set off down this road there are a few pieces of information that you’ll need to collect:-

  • The public IP address of the client.
  • Your SMTP host address – this happens to be your MX record.

You will also need to make sure that the domain you are planning on using is verified in Office 365.

Creating the Shared Mailbox

  1. Login to the Office 365 Portal and go to the Admin Dashboard.
  2. Under “users & groups” click on the “Add users, reset passwords, and more” link.
    Users and Groups Screenshot
  3. Click on the “Shared Mailboxes” heading.
    Shared Mailboxes
  4. Click on the “+” symbol to create a new shared mailbox.
  5. Enter a Mailbox name and an e-mail address (this will be the name and address e-mails are sent from).
    Add Shared Mailbox Screenshot
  6. On the next step you need to find a user who you want to be able to access the shared mailbox, even though there should be no mail I’d still recommend giving a user access to the mailbox just in case.
    Add Members Screenshot
  7. Click on the “Finish” button to create the shared mailbox.

Create a Connector

  1. Login to the Exchange Admin Center.
  2. Under “mail flow” click on the “connectors” link.
    Mail Flow Screenshot
  3. Click on the “+” symbol under “Inbound Connectors” to create a new connector.
    Inbound Connectors Screenshot
  4. In the window which appears enter a connector name and set the “Connector Type” option to “On-premises”.
    New Connector Screenshot
  5. Scroll a bit further down the window and under “Sender domains” add an entry for “*”. This allows e-mail to be received for sending from any domain. If you want to you can restrict this but I will assume the IP authentication will be sufficient for this guide.
    Sender Domains Screenshot
  6. If you now scroll to the bottom of the window and under “Sender IP addresses” add an entry for the public IP address of the client.
  7. Save the connector.

Preventing incoming e-mail

  1. While logged into the Exchange Admin Center click on the “recipients” link from the menu at the side of the screen.
    ECP Screenshot
  2. Click on the “shared” header at the top of the screen.
  3. Highlight the shared mailbox that was created at the beginning and then click on the “edit” pencil symbol.
  4. In the window which loads click on the “mailbox features” link.
    Mailbox Features Screenshot
  5. Scroll down to the bottom of the window and under “Message Delivery Restrictions” click on “View details”.
  6. In the window which opens set “Accept messages from” to “Only senders in the following list” and then add an entry for the shared mailbox.
    Restrict Senders Screenshot
    This will cause any e-mails from users inside your organisation to this mailbox to be rejected.
  7. Ensure that “Require that all senders are authenticated” is checked.
    This will cause any e-mails from users outside of your organisation to this mailbox to be rejected.
  8. Click on “ok”.
  9. Click on “save”.

After you’ve completed the steps you should have a working address you can use to send e-mails from your clients.

You should also add the IP address(es) of the client(s) to the SPF record for your domain to reduce the risk that e-mail spam filters will prevent any sent e-mails reaching its destination.

The short guide above is a culmination of the documentation found at the following URLs on the Microsoft website.

Strongly Typed Data in ASP .NET Web Forms

In ASP .NET Web Forms you’ve previously had to use strings to specify which properties you’d like to output when databinding, which would probably end up looking something like the following.

In all likelihood it could probably look far less tidy if you’ve ever needed to do any formatting on values you’re about to output to the page. Not to mention the errors you’ll get if you ever rename a property on the model and forget about your web page (because Visual Studio will not warn you about these errors).

In .NET 4.5.1 a strongly typed data feature was introduced for ASP .NET Web Forms. This allows you to specify a type for your data on the binding control which lets you be able to specify properties to bind without the use of strings.

You can make use of this feature by writing code similar to the following.

As shown above you can now specify a type for the data you are about to bind using the ItemType property of the databinding control. This lets you then use the Item property in the templates to specify which properties of your model you would like to output (as well as allowing you access to any handy extension methods you may have for formatting output).

This on whole means you know if a change you have made has broken your model binding before runtime, which is definitely a great step forward for ASP .NET Web Forms development.

Install WPScan on Ubuntu 13.10


Since Ubuntu 13.10 doesn’t come set up for development work out of the box there are a few things you need to download and install first. Thankfully this is made easy by apt-get by just running the following command to get everything ready.

sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential git

Setting up WPScan

First off we need to clone the git repository to get the code for WPScan. We can do this by using the following command.

git clone

After this we need to move into the wpscan directory that gets created for us.

cd wpscan

Next we need to build the program. This should be as easy as doing the following.

sudo gem install bundler && bundle install –without test development

Using WPScan

After this we should have a working copy of WPScan. You can check that everything is up to date by running the following command.

ruby wpscan.rb –update

Assuming everything went well you can now start using WPScan to test your WordPress installations for common security vulnerabilities. You can find a list of commands you can run using WPScan on the WPScan website.

Send E-mail through Microsoft Exchange using .NET

Recently I needed to send an e-mail using Microsoft Exchange Server from an ASP .NET Web App.

My first attempt involved using the classes in the System.Net.Mail namespace however I quickly realised this wasn’t the way to be going about it as I had very little luck getting a connection to the server.

After a while spent with Google I realised that there were some web services which could be used to perform tasks, these were called Exchange Web Services (EWS) and thankfully Microsoft provide a managed API which can be used to connect to and use them!

I thought this was exactly what I needed to I was surprised to be informed that the API was already installed when I tried to run the installer. I can only imagine that this was because I had Office already installed or because I installed Visual Studio with all the optional components.

In any case I eventually found the 32-bit version at the following path:

C:\Program Files (x86)\Microsoft\Exchange\Web Services\2.0

Below is a simple example of how to use the EWS Managed API to connect to an exchange server and send an e-mail message.

I hope this saves someone some time when hunting for a quick solution!

Using a RequiredFieldValidator on a DropDownList in ASP .NET

In most applications today drop-down lists default to a “Please select..” option with some form of validation to ensure the user makes their own selection.

Drop-down list validation example

In ASP .NET web forms this frequently results in a drop-down list being created using code similar to that displayed below.

We can add an ASP .NET RequiredFieldValidator and set its ControlToValidate property to the ID of the DropDownList control as shown below.

This code would result in the drop-down list always passing validation since theRequiredFieldValidator sees the default value of “-1” as a valid value.

To correct this we need to set the InitialValue property of the RequiredFieldValidator to be the same as the initial value of the DropDownList (in this case “-1′) as shown below.

After this property has been set the DropDownList control will not pass validation until the user has selected a different option.

Boot Camp Support Software

After upgrading a Boot Camp Windows 7 installation to Windows 8 I found that the Boot Camp drivers needed to be updating to regain control of the function keys and built-in camera.

The Boot Camp software is available at Apple Boot Camp Support Website.

After the download I found the installer failed to run with the error “The installer encountered errors before Boot Camp could be configured“.

It turns of some programs interfere with the Boot Camp installer, especially ones relating to video drivers.

For me LogMeIn turned out to be responsible and after uninstalling that the installation went as expected, however some seem to have had problems with AirDisplay and other software too.

How to allow HTML content in ASP .NET MVC

Sometimes in web development, you need to provide an easy-to-use editor for non-technical users to input or change content where extra styling is required such as making text bold or italic.

However unless you use (or code yourself) an editor which uses some form of BBCode you’re going to come across the following error message if you’re using ASP .NET.

A potentially dangerous Request.Form value was detected from the client


I have seen various “fixes” to this suggested, the most frequent being turning off request validation entirely. While this will get your form working, it also lowers the security of your application since any text field will accept HTML content. This could be used to inject scripts or to deface your website, in either case this is bad news.

However in ASP .NET MVC you can specify the [AllowHtml] attribute above a property in your model to allow HTML content to be entered and maintain security in the rest of your application.