Introduction: In previous articles i explained the Difference between Delete and Truncate in sql server
and Difference between Response.Redirect and Server.Transfer in asp.net and main differences between Stored procedures and Functions in Sql Server are most important interview questions.
Similarly Difference between Page.Isvalid and Page.Validate is also important ASP.Net interview question. When we create a web form for taking user input e.g. login form or contact us form in asp.net we have to validate the user input before submitting to server so that only validated data could be submitted to server.
******************** END *******************
and Difference between Response.Redirect and Server.Transfer in asp.net and main differences between Stored procedures and Functions in Sql Server are most important interview questions.
Similarly Difference between Page.Isvalid and Page.Validate is also important ASP.Net interview question. When we create a web form for taking user input e.g. login form or contact us form in asp.net we have to validate the user input before submitting to server so that only validated data could be submitted to server.
We can apply client side validations through Validation controls provided by Visual Studio such as RequiredFieldValidator , RangeValidator, CompareValidator, RegularExpressionValidator, CustomValidator etc.
After validating we may thing that we have built a secure application but a hacker could disable JavaScript and bypass all our validators ! This is where the Page.Validate() method and more importantly, the Page.IsValid property come in.
Page.IsValid is a property to check whether page validation succeeded or not
The Page.Validate() method is fired automatically by controls that have the CausesValidation property set to true. Note that the Button control’s CausesValidation property is true by default.
We should check this property only after calling the Page. Validate () method, or set the CausesValidation property to true which is by default true for button control.
Implementation: Let’s check by an example
- Place two TextBox control for username and Password, a Button control for Login button and two RequiredFieldValidator for validating username and password whether username and password entered or not.
<table>
<tr>
<td>
User Name</td>
<td>
<asp:TextBox ID="txtUserName" runat="server"></asp:TextBox>
<asp:RequiredFieldValidator ID="rfvUserName" runat="server"
ControlToValidate="txtUserName"ErrorMessage="Please enter username"
ForeColor="#FF3300" SetFocusOnError="True"></asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td>
Password</td>
<td>
<asp:TextBox ID="txtPwd" runat="server"></asp:TextBox>
<asp:RequiredFieldValidator ID="rfvPwd" runat="server"
ControlToValidate="txtPwd"ErrorMessage="Please enter password"
ForeColor="#FF3300" SetFocusOnError="True"></asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td>
</td>
<td>
<asp:Button ID="btnLogin" runat="server" Text="Login"
onclick="btnLogin_Click" />
</td>
</tr>
</table>
C#.NET Code
protected void btnLogin_Click(objectsender, EventArgs e)
{
Page.Validate(); //optional here because it is required only if buttons's CausesValidation property is set to false but it is true by default
if (!Page.IsValid)
{
return;
}
//write your login code here
}
VB.NET Code
Protected Sub btnLogin_Click(ByValsender As Object, ByVal e AsSystem.EventArgs) HandlesbtnLogin.Click
Page.Validate() 'optional here because it is required only if buttons's CausesValidation property is set to false but it is true by default
If Not Page.IsValid Then
Return
End If
'Write your login code here
End Sub
Note: If we don’t check for Page.IsVaid property then hackers can disable JavaScript from the browser and bypass our validation and submit the form which we don’t want to. So it is recommended to check Page.IsValid before submitting to server.******************** END *******************
No comments:
Post a Comment