Invalid length for a Base-64 char array

AdamPembs · February 4th, 2011, 07:20 AM

StackTrace
at System.Convert.FromBase64String(String s) at System.Web.UI.ObjectStateFormatter.Deserialize(Str ing inputString) at System.Web.UI.ObjectStateFormatter.System.Web.UI.I StateFormatter.Deserialize(String serializedState) at System.Web.UI.Util.DeserializeWithAssert(IStateFor matter formatter, String serializedState) at System.Web.UI.HiddenFieldPageStatePersister.Load()

I'm getting this error message mailed to me from my page at http://www.mphhire.co.uk/tool-hire-catalogue.aspx - I'm not sure what's causing it, it might be malicious activity or someone using bad input. However, I'm not too happy about the page as my code is a bit bloated.

I use a repeater for displaying the full hire catalog, but I need the category names displayed with the products nested inside so I use linq to get the data from the different tables.

I then have a listview to display the search results which is hidden unless there is a postback

I could just try adding validation controls but ideally, I would prefer one data control to do the whole lot as I think what I have is quite clunky.

Code:

 

protected void Page_Load(object sender, EventArgs e)
        {
        using (items_catsDataContext myDataContext = new items_catsDataContext())
        {

                var TopCats = from category in myDataContext.categories where category.categoryid >1  //top level category not to be displayed
                select new { catName = category.categoryName, category.tblHireItems };               


            rptCats.DataSource = TopCats;
            rptCats.DataBind();

   
        }

       }
   
    
       

    protected void btnSearch_Click(object sender, EventArgs e)
    {
        if (!(productSearch.Text == ""))
        {

            rptCats.Visible = false;

        }
        else
        {
            SearchError.Text = "Please enter a search phrase";
        }
        
       
    }
    protected void resetSearch_Click(object sender, EventArgs e)
    {
        productSearch.Text = string.Empty;
        rptCats.Visible = true;
    }

and front end

Code:

<asp:SqlDataSource ID="SqlDataSource1" runat="server" 
            ConnectionString="<%$ ConnectionStrings:mphhireConnectionString %>" 
            SelectCommand="sp_searchHireItems" SelectCommandType="StoredProcedure">
            <SelectParameters>
                <asp:ControlParameter ControlID="productSearch" Name="searchterm" 
                    PropertyName="Text" Type="String" />
            </SelectParameters>
        </asp:SqlDataSource>

and the stored procedure uses

@searchterm nvarchar(50)

I'm thinking that setting a maximum length of 50 on the text box might be the solution to the error if I have a nvarchar(50) for the stored procedure but I would welcome any thoughts on this. Should I use a validation control in addition to a max length on the textbox?