Asp Forum
Home
|
Login
|
Register
|
Search
Forums
>
microsoft.public.dotnet.framework.aspnet.webcontrols
Help:CustomerValidator in user control
hb
1/24/2003 5:29:00 PM
Hi,
I made a user control "checkEvil.ascx" to serve as a customerValidator
for checking if the input text contains some SQL reserved key word
in order to prevent SQL injection attack. Since I have difficulty to
assign a value to the 'controltovalidate' attribute of the customerValidator
v1 in "checkEvil.ascx", I add a textBox in the user control.
The user control was used on the page "userCustomerValidator.aspx".
But, somehow, I have to click the button "Go" twice to get the user
control work.
You will find the source code below. Would you please help to figure
our the problem?
Thank you
hb
*source code:
=========
--------------
checkEvil.ascx
==============
<%@ Control Language="c#" AutoEventWireup="false"
Codebehind="checkEvil.ascx.cs"
Inherits="GoodMart.controls.checkEvil"
TargetSchema="
http://schemas.microsoft.com/intellisense/ie5&...
<asp:textbox id="t1" runat="server" visible="False" />
<asp:customvalidator id="v1" runat="server" display="Dynamic"
controltovalidate="t1" onservervalidate="CheckEvil" />
-----------------
checkEvil.ascx.cs
=================
namespace GoodMart.controls
{
using System;
using System.Web;
using System.Web.UI.WebControls;
public abstract class checkEvil : System.Web.UI.UserControl
{
protected System.Web.UI.WebControls.CustomValidator v1;
protected System.Web.UI.WebControls.TextBox t1;
public string textValue
{
get
{ return t1.Text; }
set
{ t1.Text=value; }
}
public void CheckEvil(object sender, ServerValidateEventArgs e)
{
string s=e.Value.ToLower();
if (!IsEvil(s))
{ e.IsValid=true; }
else
{
e.IsValid=false;
v1.Text="Sorry, the text is not acceptable";
}
}
public bool IsEvil(string s1)
{
string s=s1.ToLower();
bool b=false;
if (s.IndexOf("delete")!=-1)
{ b=true; }
if (s.IndexOf("drop")!=-1)
{ b=true; }
if (s.IndexOf("update")!=-1)
{ b=true; }
return b;
}
}
}
-----------------------------------------------
use of user control: userCustomerValidator.aspx
===============================================
<%@ Page language="c#" Codebehind="userCustomerValidator.aspx.cs"
AutoEventWireup="false" Inherits="GoodMart.test.userCustomerValidator" %>
<%@ Register TagPrefix="ge" TagName="checkevil"
Src="/controls/checkEvil.ascx" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html><head></head><body>
<form id="userCustomerValidator" method="post" runat="server">
<asp:textbox id="txtName" runat="server" />
<ge:checkevil id="vc" runat="server" />
<asp:button id="btnGo" runat="server" text="Go" />
<br>
<asp:label id="lblMsg" runat="server" />
</form>
</body></html>
-----------------------------
userCustomerValidator.aspx.cs
=============================
using System;
using System.Web.UI;
using System.Web.UI.WebControls;
using GoodMart.controls;
namespace GoodMart.test
{
public class userCustomerValidator : System.Web.UI.Page
{
protected System.Web.UI.WebControls.TextBox txtName;
protected System.Web.UI.WebControls.Button btnGo;
protected System.Web.UI.WebControls.Label lblMsg;
protected checkEvil vc;
private void btnGo_Click(object sender, System.EventArgs e)
{
vc.textValue=txtName.Text;
lblMsg.Text=txtName.Text;
}
private void InitializeComponent()
{
this.btnGo.Click += new System.EventHandler(this.btnGo_Click);
this.Load += new System.EventHandler(this.Page_Load);
}
}
}
Servizio di avviso nuovi messaggi
Ricevi direttamente nella tua mail i nuovi messaggi per
Help:CustomerValidator in user control
Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te
Il servizio è completamente GRATUITO!
x
Login to ForumsZone
Login with Google
Login with E-Mail & Password