Let's say you have a class to represent different flavors of ice cream.With Drop Down List For, you typically want a view model that will contain at least 2 properties: - one property to hold a collection of Select List Items to build the drop down - one property to hold the value selected by a user ..
If you want strong typing, use LINQ to project ice cream flavors into Select List Items.In the end a client simply sends an HTTP request back to the server and it contains some data, and that data could be the values entered into the HTML form, or it could be arbitrary values chosen at the user's whim. Anything sent by the client should be suspect, there's no guarantee that it's what you expect, and it must be validated on the server before acceptance. User downloads the HTML, modifies the content, and sends the from with modified content.Make absolutely sure that you are validating all form data before it hits your DB.It's the same magic Web Form programmers see with View State. This example has a text box that accepts user input, which is a potential security threat. NET Web pages validate that user input does not include script or HTML elements.