Saturday, March 16, 2013

When to use Allow Unsafe Updates

AllowUnsafeUpdates is set to true when you are trying to update the database as a result of the GET request.
Say you have a list and you want to update something, then you need to set AllowUnsafeUpdates = true for the web and after you have done you need to set it back to false.
AllowUnsafeUpdates = false protects from cross site scripting.
So if you need to allow your code to make some updates, you need to set allow unsafe updates to true and then back to false as soon you update.
SPList list= web.Lists["list name"];

SPListItemCollection items= list.GetItems();

web.AllowUnsafeUpdates = true;
foreach (SPListItem item in items)
     item["Field"] = "new val";
web.AllowUnsafeUpdates = false;

Also refer following links for more idea.

No comments:

Post a Comment