Examining the Edit Action Methods and Views for the Movie Controller

In this section, you'll examine the generated Edit action methods and views for the movie controller. But first we'll take a short diversion to make the release date look better. Open the Models\Movie.cs file and add the highlighted lines shown below:

You can also make the date culture specific like this: [Display(Name = "Release Date")] [DataType(DataType.Date)] [DisplayFormat(DataFormatString = "{0:d}", ApplyFormatInEditMode = true)] public DateTime ReleaseDate { get; set; }

Run the application and browse to the Movies controller. Hold the mouse pointer over an Edit link to see the URL that it links to.

The Edit link was generated by the Html.ActionLink method in the Views\Movies\Index.cshtml view: @Html.ActionLink("Edit", "Edit", new { id=item.ID })

The generated link shown in the previous image is http://localhost:1234/Movies/Edit/4. The default route (established in App_Start\RouteConfig.cs) takes the URL pattern {controller}/{action}/{id}. Therefore, ASP.NET translates http://localhost:1234/Movies/Edit/4 into a request to the Edit action method of the Movies controller with the parameter ID equal to 4. Examine the following code from the App_Start\RouteConfig.cs file. The MapRoute method is used to route HTTP requests to the correct controller and action method and supply the optional ID parameter. The MapRoute method is also used by the HtmlHelpers such as ActionLink to generate URLs given the controller, action method and any route data.

You can also pass action method parameters using a query string. For example, the URL http://localhost:1234/Movies/Edit?ID=3 also passes the parameter ID of 3 to the Edit action method of the Movies controller.

Open the Movies controller. The two Edit action methods are shown below.

Notice the second Edit action method is preceded by the HttpPost attribute. This attribute specifies that the overload of the Edit method can be invoked only for POST requests. You could apply the HttpGet attribute to the first edit method, but that's not necessary because it's the default. (We'll refer to action methods that are implicitly assigned the HttpGet attribute as HttpGet methods.) The Bind attribute is another important security mechanism that keeps hackers from over-posting data to your model. You should only include properties in the bind attribute that you want to change. You can read about overposting and the bind attribute in my overposting security note. In the simple model used in this tutorial, we will be binding all the data in the model. The ValidateAntiForgeryToken attribute is used to prevent forgery of a request and is paired up with @Html.AntiForgeryToken() in the edit view file (Views\Movies\Edit.cshtml), a portion is shown below:

@Html.AntiForgeryToken() generates a hidden form anti-forgery token that must match in the Edit method of the Movies controller. The HttpGet Edit method takes the movie ID parameter, looks up the movie using the Entity Framework Find method, and returns the selected movie to the Edit view. If a movie cannot be found, HttpNotFound is returned. When the scaffolding system created the Edit view, it examined the Movie class and created code to render and elements for each property of the class. The following example shows the Edit view that was generated by the visual studio scaffolding system:

All source collected from https://learn.microsoft.com/en-us/aspnet/mvc/overview/getting-started/introduction/examining-the-edit-methods-and-edit-view