Content by Category
.NET 1.x
.NET 2.0
.NET 3.0
.NET 3.5
.NET 4.0
.NET 4.5
.NET Assemblies
.NET Framework
.NET Getting Started
Accessibility
ADO.NET
Advertorials
Agile Development
AJAX
Amazon Web Services
Analysis Services
Android
Architecture
Arduino
ASP .NET Web API
ASP.NET
ASP.NET MVC
ASP.NET WebForms
Azure
B2B (Business Integration)
BDD
Big Data
Bing
BizTalk
Book Excerpts
Build and Deploy
Business Intelligence
C#
C++
ClickOnce
Cloud Computing
Code Contracts
CODE Framework Info - non Technical
CODE on the Road!
COM+
Community
Conferences
Continuous Integration
Crystal Reports
CSLA.NET
CSS
Data
Debugger
Design Patterns
Development Process
Display Technologies
Distributed Computing
Document Database
DotNetNuke
DSL
Dynamic Languages
Dynamic Programming
Editorials
Enterprise Services ("COM+")
Entity Framework
Events
Expression Blend
F#
Fox to Fox
Frameworks
Functional Programming
Git
Graphics
HTML 5
Internet Explorer 8.0
Interviews
IOS
iPhone
Iron Ruby
Java
Java Script
JavaScript
jQuery
JSON
Lightswitch
LINQ
Linux
LUA
Mac OS X
MDX
Messaging
Metro
Microsoft Application Blocks
Microsoft Business Rules Framework
Microsoft Dynamics
Microsoft Expression
Microsoft Office
Mobile Development
Mobile PC
Mono
MsBuild
MVVM
MySQL
Network
NHibernate
node.js
NOSQL
Nuget
Object Oriented Development
Objective C
Odata
OLAP
Open Source
Opinion
Opinions
Oracle
ORM
Other Languages
Parallel Programming
Patterns
PHP
Podcasts
Post Mortem
PowerPoint
Print/Output
Prism
Product News
Product Reviews
Project Management
Prolog
Python
Q&A
Rails
Rake
Razor
Reporting Services
REST
RIA Services
Ruby
Ruby on Rails
Scheme
Search
Security
Services
SharePoint
SignalR
Silverlight
SOA
Social Networks
Software & Law
Software Business
Source Control
Speech-Enabled Applications
SQL Server
SQL Server 2000
SQL Server 2005
SQL Server 2008
SQL Server 2012
SQL Server CE/AnyWhere/Mobile/Compact
SSIS
Subversion
Sync Framework
Tablet PC
TDD
Team System
Techniques
Testing and Quality Control
TFS
Tips
TypeScript
UI Design
UML
User Groups
VB Script
VB.NET
Version Control
VFP and .NET
VFP and SQL Server
Virtual Earth
Vista
Visual Basic
Visual Basic 6 (and older)
Visual FoxPro
Visual Studio .NET
Visual Studio 11
Visual Studio 2005
Visual Studio 2008
Visual Studio 2010
Visual Studio 2011
Visual Studio 2012
Visual Studio Tools for Office
VSX
WCF
Web Development (general)
Web Services
WebMatrix
WF
Whitepapers
Windows 7
Windows 8
Windows Azure
Windows Live
Windows Phone 7
Windows Phone SDK
Windows Server
Windows Vista
WinForms
WinRT
Workflow
WPF
XAML
Xiine Documentation
XML
XNA
XSLT



LearnNow


XAMALOT
 


SSWUG

Reader rating:
Click here to read 7 comments about this article.
Article source: CoDe (2003 - July/August)


Article Pages:  1  2 3 4 - Next >


Validating Data On Web Forms

There are six controls included with ASP.NET that simplify data validation.Prior to ASP.NET, data validation was performed through scripts using either JavaScript or VBScript. Hence, many times validation was not performed in a uniform manner, complex validation was difficult to implement, and Web servers were vulnerable to validation scripts being modified by malicious users.

Validating the information entered by users is an essential part of developing a professional Web-based user interface. Data validation over the Web is performed in one of two locations: on the user's computer, or on the Web server.

Most applications perform their data validation on the user's local computer. In this scenario, if an error occurs while performing validation on the user's computer, the application can directly display the error message on the page that the user is viewing without the page making a round trip to the Web server and then back to the user. This increases performance and reduces traffic over the Web.

A slightly negative aspect of validating data on the user's computer is that the validation is performed via a script residing in the Web page. Thus, the validation script is browser-specific. You only have two possible scripting languages that you can use on a user's computer: VBScript or JavaScript. Some resources also refer to Jscript (Microsoft) and ECMAScript (European Computer Manufacturer's Association), but these are both derivatives of JavaScript. Since only Microsoft Internet Explorer supports VBScript, you'll probably choose JavaScript as your primary scripting language to use on a user's computer.

In addition, malicious users can subvert the validation process. Users with harmful intent may easily modify the validation script because it is contained in the source of the page that is sent to the user's computer. The malicious user can then submit the modified script to the Web server with results that are different than what you, the developer, intended.

The alternative to processing data validation on the user's computer is to process it on the Web server. The opposite pros and cons that applied to processing data validation on the user's computer apply to processing data validation on the Web server. For instance, since the validation occurs on the Web server, your application must post the Web page that the user is viewing back to the Web server for validation to occur. This decreases performance since the page must make a round trip to the Web server and back to the user's computer if data validation fails. However, when you validate a process on the Web server, you can use any scripting language because the user's Web browser doesn't process the scripting language. Furthermore, the data validation scripts are protected inside the Web server so they are not vulnerable to malicious user modifications.

ASP.NET Validation Controls

In its efforts to improve Web development on the whole, Microsoft included in ASP.NET a set of controls (called the ASP.NET validation controls), which offer an exceptional solution to data validation. ASP.NET comes with five validation controls as well as a summary control.

"
Validating the information entered by users is an essential part of developing a professional Web-based user interface.
"

The ASP.NET validation controls use a combination of the benefits of traditional data validation. The ASP.NET data validation controls process data validation on the Web server, but you can also optionally process data validation on the user's computer. Similar to the other ASP.NET Web server controls, your ASP.NET Web application renders the data validation controls on the user's computer as HTML elements based upon the selected TargetSchema property. Hence, if you configure the data validation controls to enable validation on the user's computer, the resulting HTML is browser-specific. More precisely, the rendered HTML uses a script library called WebUIValidation.js and implements Microsoft JScript functionality that is only supported by Microsoft Internet Explorer 4.0 and later versions.

With the above-mentioned restriction in mind, you can configure the ASP.NET data validation controls to enable validation on the user's computer in most cases without any negative impact on Web browsers that do not support the scripting functionality. If you choose to support validation on the user's computer, performance will increase slightly. However, to reiterate, validation will always be performed on the Web server in order to offer validation to Web browsers that do not support the client-side scripting as well as protect against the possibility of modified validation scripts.

All of the data validation controls are displayed in the toolbox when ASP.NET displays a Web form or Web user control in design view in Visual Studio .NET. You can also (directly in HTML or programmatically) add data validation controls to Web forms and Web user controls. The data validation controls are shown in Figure 1 as they appear in the Visual Studio .NET Toolbox.

Click for a larger version of this image.

Figure 1. The ASP.NET Data Validation controls as they appear in the Visual Studio .NET Toolbox

&

By: Shannon A Horn

Shannon Horn is the co-founder and chief software architect of WebGeniuses Corporation (http://www.webgeniuses.com). He is a Microsoft Certified Application Developer (MCAD), Microsoft Certified Solution Developer (MCSD) and a Microsoft Certified Trainer (MCT) who has been developing Microsoft Windows and Web-based solutions as well as training for over 12 years. He has been a featured speaker at many industry events including Microsoft DevDays and the ASP.NET and Web Services Solutions conference produced by asp.netPRO. He is a published author on several subjects including XML, the migration from Visual Basic 6 to VB.NET, JScript.NET, C#, and ASP.NET.

Shannon speaks and trains for companies such as AppDev (http://www.appdev.com) and LearnIt (http://www.learnit.com) and has been a featured speaker in training videos with LearnKey. He has also worked with large corporate clients including Microsoft, Universal Studios, MGM Studios, Monster.com/FlipDog.com, Intel, Polygram Pictures, Prudential, Micro Accounting Systems, Sky Harbor International Airport, and Southern Automated Systems on projects using Microsoft technologies such as Visual FoxPro, Visual Studio.NET, C#, ADO.NET, and ASP.NET. Shannon lives in Glendale, AZ, and is married with two daughters and a son.

shannon_horn@webgeniuses.com

Fast Facts

There are five validation controls included with ASP.NET as well as a summary control. Data validation with the ASP.NET validation controls is always processed on the Web server and can also optionally be processed on the user's computer.


Article Pages:  1  2 3 4 - Next Page: 'RequiredFieldValidator Control' >>

Page 1: Validating Data On Web Forms
Page 2: RequiredFieldValidator Control
Page 3: RangeValidator Control
Page 4: ValidationSummary Control
How would you rate the quality of this article?
1 2 3 4 5
Poor      Outstanding

Tell us why you rated the content this way. (optional)

Average rating:
3.3 out of 5

29 people have rated this article.

Instantly Search Terabytes Of Text
“Lightning Fast”
– Redmond Mag
“Covers all data
sources” – eWeek
25+ fielded & full-text search options
dtSearch’s own document filters highlight hits in popular file types
Web Spider supports static & dynamic data
APIs for .NET, Java, C++, SQL, etc.
Win / Linux (64-bit & 32-bit)
www.dtSearch.com
 

      AppsWorld Europe

 

SSWUG  

© by EPS Software 1993 - 2013. All rights reserved.
6605 Cypresswood Dr., Suite 300, Spring, TX 77379
Voice: (+1) 832-717-4445 --- Fax: (+1) 832-717-4460
Contact us via email: info@code-magazine.com
CoDe Magazine Privacy Policy