Input Validation With ASP.NET, Part 1 - A Comparative Study
(Page 6 of 6 )
ASP.NET comes with a very cool CompareValidator control, which lets you compare the value of a control with a constant value or that of another control. Consider the following example:
<%@ Page Language="C#" %>
<html>
<head>
<basefont face="Arial">
</head>
<body>
<form runat="server" method="POST" >
<asp:label id="lblPassword1" runat="server" text="Your Password?" />
<asp:textbox id="strPassword1" runat="server" />
<p>
<asp:label id="lblPassword2" runat="server" text="Please re-enter" />
<asp:textbox id="strPassword2" runat="server" />
<p>
<asp:CompareValidator id="strPasswordCV" ControlToValidate="strPassword2"
ErrorMessage="Please re-enter your password correctly!"
ControlToCompare="strPassword1" runat="server" />
<p>
<asp:button id="Submit" Text="Order" runat="server"/>
</form>
</body>
</html>
All the magic here happens with the CompareValidator control. Here are the important lines:
<%
<asp:label id="lblPassword1" runat="server" text="Your Password?" />
<asp:textbox id="strPassword1" runat="server" />
<asp:label id="lblPassword2" runat="server" text="Please re-enter" />
<asp:textbox id="strPassword2" runat="server" />
<asp:CompareValidator id="strPasswordCV" ControlToValidate="strPassword2"
ErrorMessage="Please re-enter your password correctly!"
ControlToCompare="strPassword1" runat="server" />
%>
Apart from the standard "ControlToValidate" and "ErrorMessage" attributes, the CompareValidator control comes with a "ValueToCompare" attribute; this is used to specify a constant value against which the value entered by the user will be compared. It's pretty easy to understand, once you know what to look for.
And that's about it for this first segment. I started this article with a brief introduction to the importance of input validation, especially in the context of a Web-based application, and a quick overview of the types of validation controls built into ASP.NET. This was followed by an introduction to the RequiredFieldValidator control, used to force input into a specific form field. The wide range of attributes accompanying this (and other) Validator controls allows you to control the display and formatting of the error messages; these attributes were discussed at length, together with an illustration of a truly hideous error message.
With the basics out of the way, I moved on to the RangeValidator control, showing you how it can be used to restrict the datatype and allowed range of values for a field. I also showed you the CompareValidator control, which allows you to compare the value of the target control with a static value or another server control on the page, and illustrated it with a very common Web application: password reconfirmation.
In the second, and concluding, segment of this tutorial, I'll be explaining how you can perform more sophisticated input validation, with the remaining two Validator controls, the RegularExpressionValidator control and the CustomValidator control. These two controls are not as simple as the ones you've just seen, so you'll need to have all your wits about you when we start in on them. Additionally, I'll also demonstrate how you can display a summary of input validation errors to the user instead of displaying errors as they occur on a per-control basis.
Until next time, be good, and keep practicing!
Note: Examples are illustrative only, and are not meant for a production environment. Melonfire provides no warranties or support for the source code described in this article.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
/ 38 
