Best Practices


I would start with PCI-DSS guidance as a baseline for protecting the data.

PCI-DSS is the Payment Card Industry Data Security Standard. It's the industry's first attempt to lay down guidelines for protecting data around the banking area. The guidelines are specifically for cardholder data, but are a great resource for protection of data in general. PCI requirements include yearly onsite audits and quarterly network scans.

Another good resource is OWASP, which offers guidance on security of web applications in general.

OWASP goes into a lot of detail about how to perform threat modelling and how to test for (and correct) common vulnerabilities. For a quick start, head to the OWASP Top Ten.


AllowHtml, DataAnnotation

Overview MVC 1,2,3,4,5 + @section scripts

MVC Solution Architecture (source)

Action Filter

Unobtrusive Validation

Data Annotation: Multilingual support with Model Metadata

Good Practices

Nerd Dinner

MVC Music Store

MVC Music Store is a tutorial application built on ASP.NET MVC. It's a lightweight sample store which demonstrates ASP.NET MVC using Entity Framework.

How to run MVC Music Store?

1) Download and install ASP.NET MVC 3 Tools from the official ASP.NET MVC 3 page or from Microsoft Download Center. It will install the required DLLs into the GAC.

2) Install the corresponding ASP.NET MVC 3 NuGet package into the MvcMusicStore project using the following command in the Package Manager Console:

Install-Package Microsoft.AspNet.Mvc -Version 3.0.50813.1


Install-Package Microsoft.AspNet.Mvc -Version 3.0.20105.1

After following either of the described approaches, you will be able to build and run the MVC Music Store tutorial application.

Note that these approaches do not conflict with each other, so you may safely install the ASP.NET MVC 3 Tools on your OS and also install the ASP.NET MVC 3 NuGet package into the project.



Learn MVC in CodeProject