 |
BOOK: Beginning ASP.NET 4.5 : in C# and VB
 | This is the forum to discuss the Wrox book Beginning ASP.NET 4.5: in C# and VB by Imar Spaanjaars; ISBN: 978-1-118-31180-6 |
Welcome to the p2p.wrox.com Forums.
You are currently viewing the BOOK: Beginning ASP.NET 4.5 : in C# and VB section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
|
|
April 3rd, 2013, 10:56 AM
|
|
Friend of Wrox
|
|
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
|
|
State code validation
Say for instance that you have a webform that allows customers to post back information to the server for processing. On this webform you have a state field as a text box. Is there a front end validation tool that comes with Visual Studio out of the box that would say only allow the user to put in state codes for Arizona, Texas, Wyoming, California, Nevada, Maryland, and Florida and exclude or throw a validation era for all the other states besides the ones I just listed? In other words if they entered state codes into the texbox that were not part of the above mention state code list, it would throw a validation message/error. Is there an out of the box Validation tool in Visual Studio 2012 that can handle this scenario? I know that you can do it on the front end with JavaScript as follows:
Code:
var $ = function (id) {
return document.getElementById(id);
}
var stateCodeLookup = function (stateCode) {
var states = ["CA", "WA", "OR", "NV", "NM", "AZ", "WY", "MT", "TX","FL"];
stateCode = stateCode.toUpperCase();
for (var i = 0; i < states.length; i++) {
if (states[i] == stateCode) {
return true;
}
}
return false;
}
var joinList = function () {
var emailAddress1 = $("email_address1").value;
var emailAddress2 = $("email_address2").value;
var isValid = true;
// validate the first email address
if (emailAddress1 == "") {
$("email_address1_error").firstChild.nodeValue = "This field is required.";
isValid = false;
} else {
$("email_address1_error").firstChild.nodeValue = "";
}
// validate the second email address
if (emailAddress2 == "") {
$("email_address2_error").firstChild.nodeValue = "This field is required.";
isValid = false;
} else if (emailAddress1 !== emailAddress2) {
$("email_address2_error").firstChild.nodeValue = "This entry must equal first entry.";
isValid = false;
} else {
$("email_address2_error").firstChild.nodeValue = "";
}
// validate the first name entry
if ($("first_name").value == "") {
$("first_name_error").firstChild.nodeValue = "This field is required.";
isValid = false;
}
else {
$("first_name_error").firstChild.nodeValue = "";
}
// validate the state code entry
var stateCode = $("state_code").value;
if (!stateCodeLookup(stateCode)) {
$("state_code_error").firstChild.nodeValue = "State code is invalid.";
isValid = false;
}
else {
$("state_code_error").firstChild.nodeValue = "";
}
// submit the form if all entries are valid
if (isValid) {
$("email_form").submit();
}
}
window.onload = function () {
$("join_list").onclick = joinList;
$("email_address1").focus();
}
I am just wondering if there is a more simple and elegant way to do this using Visual Studio validation tools that run on the back end?
|
|
April 3rd, 2013, 11:02 AM
|
 |
Wrox Author
|
|
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
|
|
Nope, there's nothing out of the box in VS or .NET for this. You need to write your own or search the web for similar implementations already written by others.
Two comments: make sure you also validate at the server (using a CustomValidator), or consider using a DropDownList as it nicely limits the list of options as well.
This is getting a bit too off-topic for this forum category for my book. Would you mind posting questions like these that are not directly related to my book in a general category here: http://p2p.wrox.com/book-beginning-a...-4-5-c-vb-710/ This way, other people can contribute to and learn from the discussion as well.
Cheers,
Imar
|
|
April 3rd, 2013, 04:22 PM
|
|
Friend of Wrox
|
|
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
|
|
Okay while I have you here let me ask a follow up question.
So if you do a front end validation on your webform, if the user puts in incorrect information into a webform object and pushes the submit button, does that prevent the web form from being posted back the server or does it just post back the server anyway and then throw an validation error message to user after the post back?
|
|
April 3rd, 2013, 04:27 PM
|
|
Wrox Author
|
|
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
|
|
It depends. If you implement a client side validation function then yes, it will prevent the form from being submitted. If you only provide server side validation, then it requires a postback in order to be triggered.
Imar
|
|
April 3rd, 2013, 05:01 PM
|
|
Friend of Wrox
|
|
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
|
|
Okay then....
theoretically you can stop the user from posting any kind of malicious stuff on to the server by nipping it in the bud by validating on the front end? Is that not correct?
|
|
April 3rd, 2013, 05:43 PM
|
|
Wrox Author
|
|
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
|
|
>> Is that not correct?
No, it's not correct. As explained in the book, it's easy to bypass client side validation by disabling JavaScript or by crafting your own direct HTTP requests. Server side validation is the only real form of validation; client side is just a courtesy to the user.
Imar
|
|
|
|
button below this post to show your appreciation!
