Improved Input Validation - The Number Game
(Page 4 of 9 )
Now that you know how it all works, let's look at a practical example of how you can put this knowledge to good use. Consider the following example, which displays an HTML form asking the user for credit card and email information to complete a purchase.
<%@ Page Language="C#" %>
<html>
<head>
<title>Credit Card Information</title>
<basefont face="Arial">
</head>
<body>
<div align="center">
<h2>Credit Card Information</h2>
<form runat="server" method="POST" >
<!-- credit card number -->
<asp:label id="lblcc_num" runat="server" text="Credit Card Number: " />
<asp:textbox id="cc_num" runat="server" ></asp:textbox><br/>
<asp:RequiredFieldValidator id="cc_numRFV" ControlToValidate="cc_num" ErrorMessage="Please enter your credit card number!" runat="server" Display="dynamic" EnableClientScript="false"/>
<asp:RegularExpressionValidator id="cc_numREV" runat="server" ControlToValidate="cc_num" ErrorMessage="Please enter the correct credit card number [XXXX-XXXX-XXXX-XXXX]" ValidationExpression="[0-9]{4}-[0-9]{4}-[0-9]{4}-[0-9]{4}"
display="dynamic" EnableClientScript="false"/><br/>
<!-- credit card type -->
<asp:label id="lblcc_type" runat="server" text="Credit Card Type [Mastercard/VISA]:" />
<asp:textbox id="cc_type" runat="server">
</asp:textbox><br/>
<asp:RequiredFieldValidator id="cc_typeRFV" ControlToValidate="cc_type"
ErrorMessage="Please select your credit card type!" runat="server" Display="dynamic" EnableClientScript="false"/>
<asp:RegularExpressionValidator id="cc_typeREV" runat="server" ControlToValidate="cc_type" ErrorMessage="Please select Mastercard or a VISA!" ValidationExpression="Mastercard|VISA" display="dynamic" EnableClientScript="false"/><br/>
<!-- Credit Card Date of Expiry -->
<asp:label id="lblcc_doe" runat="server" text="Credit Card Date of
Expiry: " />
<asp:textbox id="cc_doe" runat="server" >
</asp:textbox><br/>
<asp:RequiredFieldValidator id="cc_doeRFV" ControlToValidate="cc_doe" ErrorMessage="Please enter the credit card date of expiry!" runat="server" Display="dynamic" EnableClientScript="false"/>
<asp:RegularExpressionValidator id="cc_doeREV" runat="server" ControlToValidate="cc_doe" ErrorMessage="Please enter the correct date of expiry [MM/YYYY]" ValidationExpression="^([0][1-9]|[1][1-2])/20(0[3-9]|10)$"
display="dynamic" EnableClientScript="false"/><br/>
<!-- PIN code of card billing address -->
<asp:label id="lblcc_pin" runat="server" text="PIN code of card billing address:" />
<asp:textbox id="cc_pin" runat="server" >
</asp:textbox><br/>
<asp:RequiredFieldValidator id="cc_pinRFV" ControlToValidate="cc_pin" ErrorMessage="Please enter the PIN code!" runat="server" Display="dynamic" EnableClientScript="false"/>
<asp:RegularExpressionValidator id="cc_pinREV" runat="server" ControlToValidate="cc_pin" ErrorMessage="Please enter a correct PIN code (five digits or more)" ValidationExpression="^[0-9]{5,}$"
display="dynamic" EnableClientScript="false"/><br/>
<!-- Email Address -->
<asp:label id="lblcc_email" runat="server" text="Email Address: " />
<asp:textbox id="cc_email" runat="server" >
</asp:textbox><br/>
<asp:RequiredFieldValidator id="cc_emailRFV" ControlToValidate="cc_email" ErrorMessage="Please enter your Email Address!" runat="server" Display="dynamic" EnableClientScript="false"/>
<asp:RegularExpressionValidator id="cc_emailREV" runat="server" ControlToValidate="cc_email" ErrorMessage="Please enter a valid email address!" ValidationExpression="^([a-zA-Z0-9])+([.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+
(.[
a-zA-Z0-9_-]+)+" display="dynamic" EnableClientScript="false"/><br/>
<asp:button id="Submit" Text="Submit" runat="server"/>
</form>
</body>
</html>
You'll notice, in the example above, that I've used numerous regular expressions to verify that the data being entered into the form by the user is of the correct format. This type of input validation is extremely important on the Web, to ensure that the data you receive is accurate, and in the correct format.
Next: Custom Craft >>
More ASP.NET Articles
More By Harish Kamath (c) Melonfire
/ 15 
