Home/ Questions/Q 3353340
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T02:08:22+00:00

What areas get affected by it? code readability? maintainability? performance? security? any other? my

  • 0

What areas get affected by it?

code readability? maintainability? performance? security? any other?

my views have been using something like 

if(Model.Showthis) {<div id = "showthis">...</div>} }

and does doing something like the following have security implications? —

<%if (HttpContext.Current.User.Identity.IsAuthenticated && item.Poster.UserName == HttpContext.Current.User.Identity.Name)%>
<%{%>
...
<%}%>

yes I read "if" considered harmful in ASP.NET MVC View (.aspx) files? too, but it didn’t exactly specify what areas get affected by it. I mean I wanted to make sure there are no security and performance implications, which the link didn’t answer exactly

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t see an issue with it as long as the branching logic is purely for UI concerns. With that in mind I would change your second if to:

    <%if (item.Poster.UserName == Model.CurrentUserName)%>
<%{%>
...
<%}%>

    And set your model up so that the CurrentUserName property looks like this:

    public string CurrentUserName
{
    get
    {
        return HttpContext.Current.User.Identity.IsAuthenticated
            ? HttpContext.Current.User.Identity.Name
            : String.Empty;
    }
}

    Or even better if you’re going to be checking author against current user a lot in your system, offload that property to a helper class that can be reused from multiple models. Basically I wanted to get the implementation detail of what the current user’s name is out of the view.

    • 0