I've got this code for signing up users:
public partial class signup : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        Response.Write(Request.Form["username"]+"SSS");
        Page.Validate();
        if (Request.Form["submit"] != null && Page.IsValid) {
            register1();
        }
    }
    public void register1()
    {
        string sql = "INSERT INTO [userinfo] ([username], [password], [email]) VALUES (N'" + Request.Form["username"] + "', N'" + Request.Form["password"] + "', N'" + Request.Form["email"] + "')";
        Response.Write(sql);
        Database.UpdateData(sql);
        //Response.Redirect("Default.aspx");
    }
}
It's filling my database with empty rows. I've tried simply printing Request.Form and it's coming up empty. I've got the names right; what's going on?
Here is the html page:
<div class="grid_6">
<header class="grid_6 push_3 alpha">
<h2>הרשמה
</h2>
</header>
<!-- -->
<div class="grid_6 push_3 block alpha">
<div class="grid_6 form_block alpha omega">
<label>שם משתמש</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="text" id="username" name="username" required pattern="^\S{4,}$" runat="server" />
<span class="form_hint">שם משתמש צריך להכיל לפחות 4 תווים</span>
<asp:RegularExpressionValidator ID="valUsername" ControlToValidate="username" ValidationExpression="^\S{4,}$"
ValidationGroup="First" EnableClientScript="false" CssClass="form_hint" Style="display: inline;" ErrorMessage="שם משתמש צריך להכיל לפחות 4 תווים" runat="server" />
</div>
<div class="grid_6 alpha omega form_block">
<label>סיסמא</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="password" id="password" name="password" title="סיסמא צריכה להכיל לפחות 6 תווים" required pattern="^\S{6,}$" runat="server" />
<span class="form_hint">סיסמא צריכה להכיל לפחות 6 תווים</span>
<asp:RegularExpressionValidator ID="valPassword" ControlToValidate="password" ValidationExpression="^\S{6,}$"
ValidationGroup="First" EnableClientScript="false" CssClass="form_hint" Style="display: inline;" ErrorMessage="סיסמא צריכה להכיל לפחות 6 תווים" runat="server" />
</div>
<div class="grid_6 alpha omega form_block">
<label>וודא סיסמא</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="password" id="password2" required pattern="^\S{6,}$" runat="server" />
<span class="form_hint" id="pass2_hint">סיסמאות לא תואמות</span>
<asp:CompareValidator ID="valPasswords"
ControlToValidate="password" ControlToCompare="password2" Type="String"
ValidationGroup="First" EnableClientScript="false" CssClass="form_hint" Style="display:inline;" Text="סיסמאות לא תואמות"
runat="server" />
</div>
<div class="grid_6 alpha omega form_block">
<label>כתובת אימייל</label>
</div>
<div class="grid_6 form_block alpha omega">
<input id="email" name="email" type="text" required pattern="[^@]+@[^@]+\.[a-zA-Z]{2,6}" runat="server"/>
<span class="form_hint">התבנית התקינה לאימייל: test@test.com</span>
<asp:RegularExpressionValidator ID="valEmail" ControlToValidate="email" ValidationExpression="[^@]+@[^@]+\.[a-zA-Z]{2,6}"
ValidationGroup="First" EnableClientScript="false" CssClass="form_hint" Style="display:inline;" ErrorMessage="אימייל לא תקין" runat="server" />
</div>
<div class="grid_6 alpha omega form_block">
<label>וודא כתובת אימייל</label>
</div>
<div class="grid_6 form_block alpha omega">
<input id="email2" type="text" required pattern="[^@]+@[^@]+\.[a-zA-Z]{2,6}" runat="server"/>
<span class="form_hint" id="email2_hint">כתובות אימייל לא תואמות</span>
<asp:CompareValidator ID="valEmails"
ControlToValidate="email" ControlToCompare="email2" Type="String"
ValidationGroup="First" EnableClientScript="false" CssClass="form_hint" Style="display:inline;" Text="כתובות אימייל לא תואמות"
runat="server" />
</div>
<div class="grid_6 form_block alpha omega">
<input name="submit" type="submit" ValidationGroup="First" onclick="return validateForm()" value="שלח" />
</div>
</div>
</div>
<div class="grid_3 pull_6" id="ad">
</div>
Since the "accepted" answer provided no actual answer, this is what worked for me when I was researching an answer for myself.
When using runat="server" in an asp textbox, try:
request.form(name.uniqueID)
I think you need a <form runat="server"> element wrapping your inputs.
Never mind, problem solved. Apparently, when using inputs that have the runat="server" attribute, the method of access from the .cs code is different.
Related
I have an ASP.NET web form that works excellently, but Visual Studio shows a warning that says "The element is missing the tag name following the namespace".
It is about a tag helper that I use wrong. I have added my code snippet below.
How can I fix that problem?
Thanks in advance.
My code snippet:
<body>
<asp: @using (Html.BeginForm("LoginControl", "Home", FormMethod.Post, new { @class = "form-horizontal", role = "form" })) />
<% { %>
<div class="container">
<div class="row" >
<div class="col-sm-6 col-md-4 col-md-offset-4" >
<div class="account-wall" style="background-color:darkgrey">
<img class="profile-img" src="images/Logo.png"
alt=""/>
<form class="form-signin" runat="server">
<input type="text" runat="server" class="form-control" id="UserName" placeholder="Kullanıcı Adı" required="required" autofocus="autofocus" />
<input type="password" runat="server" class="form-control" id="Password" placeholder="Şifre" required="required" />
<asp:button runat="server" ID="btnGiris" class="btn btn-lg btn-primary btn-block" type="submit" Text="Giriş Yap" OnClick="Unnamed1_Click"/>
<label>
<!-- <input type="checkbox" value="remember-me">
Remember me -->
</label>
<span class="clearfix"></span>
</form>
</div>
</div>
</div>
</div>
<% } %>
</body>
I'm trying to get the value of the radio button clicked but so far the value is null. The code below has a couple of things going on:
1) when the button is clicked it should move the radio buttons to the left.
2) I need to get the value of which radio button is clicked
The first part works but I can't get the second part. This is my code:
<script>
$(document).ready(function(){
$("#form1").click(function(){
$("#list_of_btns").animate({left: '-150px'});
});
});
</script>
//this is the form for radio button...it must be centered to middle of the page
<div id="list_of_btns" style="padding-top: 80px; position:fixed;">
<div class="row" style="position:fixed;">
<div class="col-md-8 col-md-offset-4" style="position:fixed;">
<div class="list-group" style="position:fixed;">
<form role="radio_button_form" style="position:fixed;">
<div class="radio">
<label><input type="radio" value="male" name="method">male</label>
</div>
<div class="radio">
<label><input type="radio" value="female" name="method">female</label>
</div>
</form>
</div>
</div>
</div>
</div>
//this is the enter button.
<div class="row" style="padding-top: 80px; position:relative;">
<div class="col-md-8 col-md-offset-16" style="position:relative;">
<form id="form1" runat="server" style="position:relative;">
<asp:LinkButton class="btn btn-info" ID="getStarted_btn" runat="server" OnClick="btn_clicked" Text="Enter" />
</form>
</div>
</div>
This is where I am trying to get value of the radio button, in my c# code:
public void btn_clicked (object sender, EventArgs args)
{
Console.Out.WriteLine ("sdsfdsfdfsdf");
if (Request.Form["method"] != null)
{
string selectedGender = Request.Form["method"].ToString();
Console.Out.WriteLine (selectedGender);
}
}
Does anybody have any idea on what I'm doing wrong or is there a better way in achieving this?
I have edited your code and this is working. Please check:
<body>
<form id="form1" runat="server" style="position: relative;">
<div id="list_of_btns" style="padding-top: 80px; position: fixed;">
<div class="row" style="position: absolute;">
<div class="col-md-8 col-md-offset-4" style="position: fixed;">
<div class="list-group" style="position: fixed;">
<div class="radio">
<label>
<input type="radio" value="male" name="method">male</label>
</div>
<div class="radio">
<label>
<input type="radio" value="female" name="method">female</label>
</div>
</div>
</div>
</div>
</div>
<div class="row" style="padding-top: 80px; position: relative;">
<div style="position: relative;">
<asp:LinkButton class="btn btn-info" ID="getStarted_btn" runat="server" OnClick="btn_clicked" Text="Enter" />
</div>
</div>
</form>
Enclose the whole content inside a single form.
I am working on a C#/.NET web app that uses jQuery to implement its view, and I am having some problems using a double value in an input tag.
For example, I have the following code snippet in my view:
<div class="ui-field-contain">
<label for="Test">Test:</label>
<input type="number" runat="server" id="Test" name="Test" min="0" max="10" step=".1" value="@Model.test" />
</div>
The value contained in the @Model.test model object field is 2.3 (I see it using the debugger), but nothing appears in my input tag.
I think that the problem could be related to the fact that jQuery uses the comma to separate the integer and decimal parts, while I have the . symbol instead.
Can you help me resolve this issue?
EDIT 1: This is my entire view
@model DataModel.Vulnerability.Vuln
@{
ViewBag.Title = "Edit";
Layout = "~/Views/Shared/MasterPageMobile.cshtml";
}
<h2 style="float: right;">Published: @(Model.Published.Value.ToShortDateString())</h2>
<h2>Vulnerabilità: @Model.CVE</h2>
<style>
.mytabVuln {
width: 20% !important; /* 14.2% for 5 tabs wide */
clear: none !important; /* Prevent line break caused by ui-block-a */
}
</style>
<div id="MyTabs" data-role="tabs">
<div data-role="navbar">
<ul>
<li class="mytabVuln">General</li>
<li class="mytabVuln">Systems</li>
<li class="mytabVuln">Fixes/Solutions/Mitigating</li>
<li class="mytabVuln">Change Logs/References</li>
<li class="mytabVuln">OVALs</li>
</ul>
</div>
<!-- TAB-0: GENERAL INFORMATION: -->
<div id="tab-0" class="ui-body ui-body-a">
@using (Html.BeginForm("Edit", "Vulnerability", FormMethod.Post))
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(false)
<input type="hidden" name="Id" value="@Model.Id" />
<div class="ui-field-contain">
<label for="Title">Title:</label>
<input type="text" id="Title" name="Title" value="@Model.Title" data-clear-btn="true" />
</div>
<div class="ui-field-contain">
<label for="Test">Severity:</label>
<input type="number" id="Test" name="Test" min="0" max="10" step=".1" value="@Model.test" />
</div>
<div class="ui-field-contain">
<label for="BugTraqID">BugTraqID:</label>
<input type="number" id="BugTraqID" name="Title" min="0" step="1" value="@Model.BugTraqID" />
</div>
<div class="ui-field-contain">
<label for="StatusID">StatusID:</label>
<input type="number" id="StatusID" name="Title" min="0" max="10" step="0.1" value="@Model.StatusID" />
</div>
<div class="ui-field-contain">
<label for="Remote">Remote:</label>
<fieldset data-role="controlgroup" data-type="horizontal" data-mini="true">
<legend></legend>
<input name="Remote" id="radio-Remote-Yes" value="Yes" @(Model.Local == "Yes" ? "checked" : "") type="radio">
<label for="radio-Remote-Yes">Yes</label>
<input name="Remote" id="radio-Remote-No" value="No" @(Model.Local == "No" ? "checked" : "") type="radio">
<label for="radio-Remote-No">No</label>
<input name="Remote" id="radio-Remote-Null" value="NULL" @(Model.Local == "" ? "checked" : "") type="radio">
<label for="radio-Remote-Null">Null</label>
</fieldset>
</div>
<div class="ui-field-contain">
<label for="Local">Local:</label>
<fieldset data-role="controlgroup" data-type="horizontal" data-mini="true">
<legend></legend>
<input name="Local" id="radio-Local-Yes" value="Yes" @(Model.Local == "Yes" ? "checked" : "") type="radio">
<label for="radio-Local-Yes">Yes</label>
<input name="Local" id="radio-Local-No" value="No" @(Model.Local == "No" ? "checked" : "") type="radio">
<label for="radio-Local-No">No</label>
<input name="Local" id="radio-Local-Null" value="NULL" @(Model.Local == "" ? "checked" : "") type="radio">
<label for="radio-Local-Null">Null</label>
</fieldset>
</div>
<div class="ui-field-contain">
<label for="Credibility">Credibility:</label>
<input type="text" id="Credibility" name="Credibility" value="@Model.Credibility" />
</div>
<div class="ui-field-contain">
<label for="Classification">Classification:</label>
<input type="text" id="Classification" name="Classification" value="@Model.Classification" />
</div>
<div class="ui-field-contain">
<label for="Availability">Availability:</label>
<input type="text" id="Availability" name="Availability" value="@Model.Availability" />
</div>
<div class="ui-field-contain">
<label for="Ease">Ease:</label>
<input type="text" id="Ease" name="Ease" value="@Model.Ease" />
</div>
<div class="ui-field-contain">
<label for="Authentication">Authentication:</label>
<input type="text" id="Authentication" name="Authentication" value="@Model.Authentication" />
</div>
<h3 class="ui-bar ui-bar-a ui-corner-all">CVSS2</h3>
<div class="ui-body ui-body-a ui-corner-all">
<div data-role="fieldcontain">
<label for="slider">CVSS2_BaseScore:</label>
<input type="range" name="slider" id="slider" min="0" max="10" step=".1" value="@String.Format(new System.Globalization.CultureInfo("en-GB"), "{0:N1}", Model.CVSS2_BaseScore)" />
</div>
<div class="ui-field-contain">
<label for="CVSS2_TemporalScore">CVSS2_TemporalScore:</label>
<input type="text" id="CVSS2_TemporalScore" name="CVSS2_TemporalScore" value="@Model.CVSS2_TemporalScore" />
</div>
<div class="ui-field-contain">
<label for="CVSS2_BaseVector">CVSS2_BaseVector:</label>
<input type="text" id="CVSS2_BaseVector" name="CVSS2_BaseVector" value="@Model.CVSS2_BaseVector" />
</div>
<div class="ui-field-contain">
<label for="CVSS2_TemporalVector">CVSS2_TemporalVector:</label>
<input type="text" id="CVSS2_TemporalVector" name="CVSS2_TemporalVector" value="@Model.CVSS2_TemporalVector" />
</div>
<div class="ui-field-contain">
<label for="CVSS1_BaseScore">CVSS1_BaseScore:</label>
<input type="text" id="CVSS1_BaseScore" name="CVSS1_BaseScore" value="@Model.CVSS1_BaseScore" />
</div>
<div class="ui-field-contain">
<label for="CVSS1_TemporalScore">CVSS1_TemporalScore:</label>
<input type="text" id="CVSS1_TemporalScore" name="CVSS1_TemporalScore" value="@Model.CVSS1_TemporalScore" />
</div>
</div>
<h3 class="ui-bar ui-bar-a ui-corner-all">NVD CVSS2</h3>
<div class="ui-field-contain">
<label for="NVD_CVSS2_BaseScore">NVD_CVSS2_BaseScore:</label>
<input type="text" id="NVD_CVSS2_BaseScore" name="NVD_CVSS2_BaseScore" value="@Model.NVD_CVSS2_BaseScore" />
</div>
<div class="ui-field-contain">
<label for="NVD_CVSS2_ComponentString">NVD_CVSS2_ComponentString:</label>
<input type="text" id="NVD_CVSS2_ComponentString" name="NVD_CVSS2_ComponentString" value="@Model.NVD_CVSS2_ComponentString" />
</div>
<div class="ui-field-contain">
<label for="ImpactRating">ImpactRating:</label>
<input type="number" id="ImpactRating" name="ImpactRating" min="0" max="10" step="0.1" value="@Model.ImpactRating" />
</div>
<div class="ui-field-contain">
<label for="EaseofExploit">EaseofExploit:</label>
<input type="number" id="EaseofExploit" name="EaseofExploit" min="0" max="10" step="1" value="@Model.EaseofExploit" />
</div>
<div class="ui-field-contain">
<label for="UrgencyRating">UrgencyRating:</label>
<input type="number" id="UrgencyRating" name="UrgencyRating" min="0" max="10" step="0.1" value="@Model.UrgencyRating" />
</div>
<div class="ui-field-contain">
<label for="LastChange">LastChange:</label>
<textarea data-clear-btn="true" name="LastChange" id="LastChange" data-mini="true" data-inline="true" required="required" data-value="@Model.LastChange" placeholder = "Inserire qui il LastChange" rows="5" cols="40">@Model.LastChange</textarea>
</div>
<div class="ui-field-contain">
<label for="ShortSummary">ShortSummary:</label>
<textarea data-clear-btn="true" name="ShortSummary" id="ShortSummary" data-mini="true" data-inline="true" data-role="true" required="required" data-value="@Model.ShortSummary" placeholder = "Inserire qui lo ShortSummary" rows="5" cols="40">@Model.ShortSummary</textarea>
</div>
<div class="ui-field-contain">
<label for="Impact">Impact:</label>
<textarea data-clear-btn="true" name="Impact" id="Impact" data-mini="true" data-inline="true" required="required" data-value="@Model.Impact" placeholder = "Inserire qui l'Impact" rows="5" cols="40">@Model.Impact</textarea>
</div>
<div class="ui-field-contain">
<label for="TechnicalDescription">TechnicalDescription:</label>
<textarea data-clear-btn="true" name="TechnicalDescription" id="TechnicalDescription" data-mini="true" data-inline="true" required="required" data-value="@Model.TechnicalDescription" placeholder = "Inserire qui la TechnicalDescription" rows="5" cols="40">@Model.TechnicalDescription</textarea>
</div>
<div class="ui-field-contain">
<label for="AttackScenario">AttackScenario:</label>
<textarea data-clear-btn="true" name="AttackScenario" id="AttackScenario" data-mini="true" data-inline="true" required="required" data-value="@Model.AttackScenario" placeholder = "Inserire qui l'AttackScenario" rows="5" cols="40">@Model.AttackScenario</textarea>
</div>
<div class="ui-field-contain">
<label for="Exploit">Exploit:</label>
<textarea data-clear-btn="true" name="Exploit" id="Exploit" data-mini="true" data-inline="true" required="required" data-value="@Model.Exploit" placeholder = "Inserire qui l'Exploit" rows="5" cols="40">@Model.Exploit</textarea>
</div>
<div class="ui-field-contain">
<label for="Credit">Credit:</label>
<textarea data-clear-btn="true" name="Credit" id="Credit" data-mini="true" data-inline="true" required="required" data-value="@Model.Credit" placeholder = "Inserire qui i Credit" rows="5" cols="40">@Model.Credit</textarea>
</div>
<div class="ui-field-contain">
<label for="URL">URL:</label>
<input type="url" id="URL" name="URL" value="@Model.URL" />
</div>
<div class="ui-field-contain">
<label for="AlertStatusId">AlertStatusId:</label>
<input type="number" id="AlertStatusId" name="AlertStatusId" min="0" max="10" step="1" value="@Model.AlertStatusId" />
</div>
<div class="ui-field-contain">
<label for="Type">Type:</label>
<input type="number" id="Type" name="AlertStatusId" min="0" step="1" value="@Model.Type" />
</div>
<div class="ui-field-contain">
<label for="DetailLevel">DetailLevel:</label>
<input type="number" id="DetailLevel" name="DetailLevel" min="-1" step="1" value="@Model.DetailLevel" />
</div>
<div class="ui-field-contain">
<label for="Language">Language:</label>
<input type="number" id="Language" name="Language" min="-1" step="1" value="@Model.Language" />
</div>
<div data-role="controlgrup" data-type="horizontal">
Annulla
<input type="submit" value="Salva" data-inline="true" data-mini="true" />
</div>
}
</div>
<!-- /tab-0 -->
Given the test that we did in the comments, the following should solve the problem:
@Html.TextBoxFor(mdl => mdl.test, new { @id="Test", @min="0", @max="10", @step="0.1" })
I want to Show() and Hide() the display depending on which radio button of the RadioButtonList is clicked.
I have set an attribute keep-customization="1" on the table tag.
The code I wrote is:
$("keep-customization").change(function () {
if ($(this).is(":checked").val() == "")
{
example(".textgrid").has("input[keep-current-customization='false']").show();
}
else {
example(".textgrid").has("input[keep-current-customization='false']").hide();
}
});
The source rendered on the page for the RadioButtonList is:
Keep Your Current Phone Number (Required)
<div class="desc">
Will you be keeping your current phone number?</div>
<br />
<div class="textgrid">
<div class="feildset1">
<span id="rptCustomization_rptItems_6_ctl00_0" style="display:none;"><strong style="color:Red;">Required.</strong></span><table id="rptCustomization_rptItems_6_ctrl_0" keep-customization="1">
<tr>
<td><input id="rptCustomization_rptItems_6_ctrl_0_0_0" type="radio" name="rptCustomization$ctl06$rptItems$ctl00$ctrl" value="43" /><label for="rptCustomization_rptItems_6_ctrl_0_0_0">Y</label></td>
</tr><tr>
<td><input id="rptCustomization_rptItems_6_ctrl_0_1_0" type="radio" name="rptCustomization$ctl06$rptItems$ctl00$ctrl" value="44" /><label for="rptCustomization_rptItems_6_ctrl_0_1_0">N</label></td>
</tr>
</table>
<br />
</div>
</div>
The divs that will show and hide in response to the change of the RadioButtonList are:
<div class="textgrid">
<div class="feildset1">
Account holders name on your current phone bill?: </br><input name="rptCustomization$ctl07$rptItems$ctl00$ctrl" type="text" maxlength="100" id="rptCustomization_rptItems_7_ctrl_0" keep-current-customization="false" /></br>
<br />
</div>
</div>
<div class="textgrid">
<div class="feildset1">
Current phone company you have?: </br><input name="rptCustomization$ctl07$rptItems$ctl01$ctrl" type="text" maxlength="100" id="rptCustomization_rptItems_7_ctrl_1" keep-current-customization="false" /></br>
<br />
</div>
</div>
<div class="textgrid">
<div class="feildset1">
What is the account # with your current provider?: </br><input name="rptCustomization$ctl07$rptItems$ctl02$ctrl" type="text" maxlength="100" id="rptCustomization_rptItems_7_ctrl_2" keep-current-customization="false" /></br>
<br />
</div>
</div>
<div class="textgrid">
<div class="feildset1">
What is the PIN/access code for current provider?: </br><input name="rptCustomization$ctl07$rptItems$ctl03$ctrl" type="text" maxlength="100" id="rptCustomization_rptItems_7_ctrl_3" keep-current-customization="false" /></br>
<br />
</div>
</div>
<div class="textgrid">
<div class="feildset1">
What are the two nearest cross streets?: </br><input name="rptCustomization$ctl07$rptItems$ctl04$ctrl" type="text" maxlength="100" id="rptCustomization_rptItems_7_ctrl_4" keep-current-customization="false" /></br>
<br />
</div>
</div>
You cannot create your own HTML attributes like "keep-customization". Also, you cannot handle the change event of a table because it doesn't exist.
Try changing it to a class, and bind the event to the radio buttons.
Currently I have a website with a simple signup form in HTML; this is the code:
<div class="grid_6 push_3 block alpha">
<div class="grid_6 form_block alpha omega">
<label>שם משתמש</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="text" id="username" name="username" pattern="^\S{4,}$" required />
</div>
<div class="grid_6 alpha omega form_block">
<label>סיסמא</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="password" id="password" name="password" pattern="^\S{6,}$" required title="סיסמא צריכה להכיל לפחות 6 תווים" />
</div>
<div class="grid_6 alpha omega form_block">
<label>וודא סיסמא</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="password" id="password2" pattern="^\S{6,}$" required />
</div>
<div class="grid_6 alpha omega form_block">
<label>כתובת אימייל</label>
</div>
<div class="grid_6 form_block alpha omega">
<input id="email" name="email" type="email" required pattern="[^@]+@[^@]+\.[a-zA-Z]{2,6}" />
</div>
<div class="grid_6 alpha omega form_block">
<label>וודא כתובת אימייל</label>
</div>
<div class="grid_6 form_block alpha omega">
<input type="email" id="email2" required pattern="[^@]+@[^@]+\.[a-zA-Z]{2,6}" />
</div>
<div class="grid_6 form_block alpha omega">
<input name="submit" type="submit" onclick="return validateForm()" value="שלח" />
</div>
</div>
(It's actually being wrapped in tags from the master page; this is the master:)
<%@ Master Language="C#" AutoEventWireup="true" CodeFile="MasterPage.master.cs" Inherits="MasterPage" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
<link href="css/reset.css" rel="stylesheet" />
<link href="css/text.css" rel="stylesheet" />
<link href="css/963_9_10_10.css" rel="stylesheet" />
<link href="css/style.css" rel="stylesheet" />
<asp:ContentPlaceHolder ID="head" runat="server">
</asp:ContentPlaceHolder>
</head>
<body dir="rtl">
<form runat="server">
<div class="container_9">
<div class="header grid_9">
<h1>סיכומים.נט</h1>
</div>
<!-- END HEADER -->
<nav>
<ul class="clearfix grid_6 push_3">
<li class="grid_1 alpha literature">ספרות</li>
<li class="grid_1 language">לשון</li>
<li class="grid_1 civics">אזרחות</li>
<li class="grid_1 history">היסטוריה</li>
<li class="grid_1 bible">תנך</li>
<li class="grid_1 omega english">אנגלית</li>
</ul>
</nav>
<div class="grid_3 pull_6" id="search">
<input type="text" id="search_box" placeholder="הקלד מילות חיפוש"/>
<input type="submit" value="חפש" id="search_button"/>
</div>
<asp:ContentPlaceHolder ID="ContentPlaceHolder1" runat="server">
</asp:ContentPlaceHolder>
<footer class="grid_9">
2013 © כל הזכויות שמורות לסיכומים.נט
</footer>
</div>
<!-- END CONTAINER -->
</form>
</body>
</html>
I also have a signup.aspx.cs file that inserts the signup information into the database as follows:
public partial class signup : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Form["submit"] != null) {
register1();
}
}
public void register1()
{
string sql = "INSERT INTO [userinfo] ([username], [password], [email]) VALUES (N'" + Request.Form["username"] + "', N'" + Request.Form["password"] + "', N'" + Request.Form["email"] + "')";
Database.UpdateData(sql);
}
}
I think I'm doing everything right so far (I'm a beginner in anything beyond HTML/CSS), but correct me if I've made any errors.
What I want to do now is validate my form input server-side before I insert it into my database. I want to check that it obeys all my rules, character lengths, matching fields and so forth - and also that the username/email isn't taken already.
I'm currently doing some basic JavaScript validation, but I understand that isn't sufficient security-wise.
An explanation (as simple as possible) of what I have to do now would be great. Ideally I would like to return to the signup page and list the errors at the top of the form in a customizable way.
Thanks
The RegularExpressionValidator and CompareValidator are going to be your friends here.
For example:
<asp:RegularExpressionValidator id="valEmail" ControlToValidate="email"
ValidationExpression="[^@]+@[^@]+\.[a-zA-Z]{2,6}"
EnableClientScript="false" ErrorMessage="The email is invalid!"
runat="server" />
And:
<asp:CompareValidator id="valEmails"
ControlToValidate="email" ControlToCompare="email2" Type="String"
EnableClientScript="false" Text="The email addresses must match!"
runat="server" />
Optionally, you can wrap them all neatly in a ValidationSummary control.
Finally, check Page.IsValid in your codebehind.
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Form["submit"] != null && Page.IsValid)
{
register1();
}
}
You can read about the other validation controls here.
Finally, fix your SQL so it's not vulnerable to SQL Injection:
string sql = "INSERT INTO [userinfo] ([username], [password], [email]) VALUES (N'" + Request.Form["username"].Replace("'","''") + "', N'" + Request.Form["password"].Replace("'","''") + "', N'" + Request.Form["email"].Replace("'","''") + "')";
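An added example, not part of the answer above and not the asker's code: the server-side checks the question lists (lengths, matching fields, username/email already taken) followed by a parameterized INSERT, which keeps form values out of the SQL text entirely instead of depending on every value being quote-doubled. The class name SignupService, the connectionString parameter and the column sizes are assumptions; the table and column names are the ones from the question.

```csharp
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

// Hypothetical helper class (not from the page); call it from the code-behind on postback.
public static class SignupService
{
    // The form's rules, re-checked on the server. \A and \z anchor the whole value;
    // "$" alone would also accept a trailing newline. Upper bounds are assumed column sizes.
    static readonly Regex UserRule  = new Regex(@"\A\S{4,50}\z");
    static readonly Regex PassRule  = new Regex(@"\A\S{6,128}\z");
    static readonly Regex EmailRule = new Regex(@"\A[^@]+@[^@]+\.[a-zA-Z]{2,6}\z");

    public static List<string> Validate(string user, string pass, string pass2,
                                        string email, string email2)
    {
        var errors = new List<string>();
        if (!UserRule.IsMatch(user ?? "")) errors.Add("Username needs 4 to 50 characters.");
        if (!PassRule.IsMatch(pass ?? "")) errors.Add("Password needs 6 to 128 characters.");
        if (pass != pass2)                 errors.Add("Passwords do not match.");
        if (!EmailRule.IsMatch(email ?? "") || email.Length > 254)
                                           errors.Add("Email is not valid.");
        if (email != email2)               errors.Add("Email addresses do not match.");
        return errors;
    }

    // Returns an empty list on success, otherwise the messages to show above the form.
    public static List<string> Register(string connectionString, string user, string pass,
                                        string pass2, string email, string email2)
    {
        var errors = Validate(user, pass, pass2, email, email2);
        if (errors.Count > 0) return errors;

        using (var conn = new SqlConnection(connectionString))
        {
            conn.Open();

            // Values travel as parameters, never as part of the SQL string.
            using (var check = new SqlCommand(
                "SELECT COUNT(*) FROM [userinfo] WHERE [username] = @u OR [email] = @e", conn))
            {
                check.Parameters.Add("@u", SqlDbType.NVarChar, 50).Value = user;
                check.Parameters.Add("@e", SqlDbType.NVarChar, 254).Value = email;
                if ((int)check.ExecuteScalar() > 0)
                {
                    errors.Add("Username or email is already taken.");
                    return errors;
                }
            }

            // Two simultaneous signups can both pass the check above, so the table
            // should also carry UNIQUE constraints on these columns.
            using (var insert = new SqlCommand(
                "INSERT INTO [userinfo] ([username], [password], [email]) VALUES (@u, @p, @e)", conn))
            {
                insert.Parameters.Add("@u", SqlDbType.NVarChar, 50).Value = user;
                // Written as received to match the page's table; a salted password
                // hash belongs in this column rather than the raw password.
                insert.Parameters.Add("@p", SqlDbType.NVarChar, 128).Value = pass;
                insert.Parameters.Add("@e", SqlDbType.NVarChar, 254).Value = email;
                insert.ExecuteNonQuery();
            }
        }
        return errors;
    }
}
```

The returned list can be rendered at the top of the form; an empty list means the row was inserted.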
You may want to use ASP.NET server validation controls and the ValidationSummary control.
By using this control you can be sure that all rules will be followed. You can check it server-side by using:
if (Page.IsValid)
{
//Code goes here
}