I would like to know what is the best practice on separating the content of an aspx page (ASP.NET 3.5) from the code (I'm using C#). I have a form that users can type data in - for example they are allowed to enter a percent. If they enter data that's not valid they would get an error message:
<p class="errormsg" id="percenthigh">Please enter a percent below 100</p>
<p class="errormsg" id="percentnegative">Percent cannot be below 0</p>
<p class="errormsg" id="percentnot">This is not a percent</p>
So in essence I'm hiding the error messages and showing one depending on what the user input is.
I believe this is the best way to seperate the content from the code behind. However, how do I select elements and hide/unhide them depending on the user input? I'm aware I can do a runat="server" on the elements but the problem is that I can't select by class and am limited only to ID's.
What workarounds do you recommend? Aside from putting in the values in code behind which is notoriously difficult to debug.
Also has this been "fixed" in ASP.NET 4? And I'm interested in doing this only via C#/ASP.NET as some people have JavaScript disabled. This means that I would have to check errors on both client side and server side.
Use an ASP.Net Validation control for this. That will take care of the wiring in the code for you. You use a different Validation control for each of the paragraph tags in your question.
You should take a look to asp net validators. In most of the cases these are good enough.
If ASP NET validators are not suitable for any reason you could check a jQuery solution like this one
In any case, I'd recommend you to avoid spending time solving problems already solved in many different (good) ways.
Selectionm should be by ID when you want unique elements, ID should be unique across all of your elements. Class is used like a type in HTML, and is generally used for styling.
Also, text in asp.net projects should be saved in resource files. This allows easy changing of languages.
Related
What is this thing called? I was hoping I could use something similar drop down as a "log in" box instead of having a whole page for logging in (which would contain text boxes and buttons).
Regarding the actual element circled, this is simply an enhanced client-side tooltip to display messages to the user. This one in particular looks like it relies on the jQuery UI library.
That's generally going to be generated by the built-in jQuery validation that comes standard in some of the ASP.NET related templates. It uses a bit of client-side code to let the user know if what they are typing in is valid or not.
In reality, this is simply a just a form that will handle posting your information to the server and then routing the user to the appropriate location (and it could be handled with just a bit of HTML).
I am fairly new to asp.net so this may seem like a stupid question, but:
I am attempting to modify a pre-exsiting help menu in a web-app.
In this menu the previous developer, just used three literals seperated by paragraphs and a button linking to a 100 page manual. (i know doesn't seem to be much help, hence why i was planning to update and fix this)
What i had in mind was setting something up like a menu that would link to the different section of the page when the title is clicked.
So something along these lines:
<h1>Menu Contents</h1>
<ol>
<li>section1</li>
<li>section2</li>
<li>etc</li>
</ol>
After the contents section i would have the first section with it's details.
What i am wondering is why would i use asp-literals over just sticking to html?
So basically i would like to know what are the benefits or reasons for using asp literals and i guess when is it that i should use them?
I've attempted to find the solution to this on my own, but the only related matters i have been able to find have to deal with people arguing whether literals or labels are the best option so it's not entirely helpful.
Any help or suggestions are greatly appreciated.
Thanks.
You generally use literals if you want to be able to control the text you display programmatically. Say your page has a way to edit the section titles of your manual, for instance. Or say your manual is in multiple languages and you want the user to be able to set her language and see the section titles displayed in that language.
In your case, by what you're saying, I infer none of this applies and your manual is quite static. In that case I would stick to simple HTML.
Maybe it's been done that way so it would allow the links to be built dynamically, something like:
litMenuItem1.Text = "section1";
thus giving full control over the output? There are better ways to do that however.
I have a .net c# web application that allows users to purchase products.
My site has a payment page, with input fields etc.
I have had some attacks recently via bots automating the submit of payments just to validate credit card authorization.
So I need to change my page so that bots cant do this. So I am looking at advice as to do this? I have started by changing the field names so that they are different each time to page loads, via a hash. Any other tips?
CAPTCHA will help to stop this. It will require the user to complete a validation check before the page will go through. Here is a sample implementation of how CAPTCHA can be implemented in ASP.Net
A "captcha" is the standard way of preventing bot submitted forms. Recaptcha is free, works well and is actually helping to scan books through its use.
I tried the following approach once and it gave me good results.
In short the idea is to create an invisible field, name it so that the robot could easily understand it and, on the server side, check the value of this field. If it is populated, than it was definitely a robot and you can safely ignore this request.
For example:
Rename your FirstName field to, say, EmanTsrif.
Add another field <input id="FirstName" class="trap_for_robots">.
Define css class trap_for_robots: {display: none} (preferable in a standalone .css file - don't use style="display:none"!).
In your codebehind check if (FirstName.Text != "") { //do nothing, log something }.
I can understand that you are trying to find a solution which does not involve human interaction in order to keep the user experience as good as possible.
Since the evil-doers are using your site to check credit card validity you are probably dealing with a more targeted misuse of your resources as opposed to common blocking scenarios for automated processes, like comment spam bots and alike. Depending on how valuable "your service" is to the people who are exploiting your website, locking them out without requiring human interaction might only work until they figured out what you changed.
Alternating field names aren't going to stop them from populating the fields by order of appearance on your site, for example.
Solutions like having javascript populate a hidden form field are only good as long the bot does not speak javascript.
I would suggest to use all the techniques found when searching for captcha alternatives and use the methods in random combinations for each request - then hope that another site is less secured so they start using a different site to get what they need.
If all doesn't help you can still use a solution that involves human interaction.
Ajax control kit has a "NoBot" control you can use.
http://www.asp.net/ajax/ajaxcontroltoolkit/samples/NoBot/NoBot.aspx
Have look on this wikipedia article , read the "Technical measures to stop bots" section, it gives a number of measures to stop bots.
A similar question was asked here in storing information in a given html element.
I'm still green to jQuery, but I'm looking for the best way to store information on the page. I have a Repeater that holds one image per item. These images are clickable and can fire a given jQuery event. The issue I'm having is, the objects that the Repeater is bound to holds some specific information(such as "Subtext", "LargerImage", etc) which I would like to be accessible from the page.
Core/Data in jQuery accomplishes this just fine, however we would still need to build the jQuery statement from C#, as all the data is stored on the server. To clarify a bit, this is storing information on the page from a database, which is a bit different than arbitrary information being made available through jQuery.
I'm not restricting this question to "how to bind a custom attribute to an element", because I did come across an idea of generating a JS Struct from the C# codebehind to store information, but I'm avoiding any code generating code scenarios(or trying to).
Custom Attributes from HTML5(ie, "data-subtext") are also a possibility as I can easily add those from the itemdatabound event:
sampleImageElement.Attributes.Add("data-subtext", "And this what the image is about");
I'm a bit confused on browser support for this specific attribute though, or if it is even best practice so early in the game. If custom attributes are the way to go, that's an easy change to make happen. If jQuery can accomplish the same, I'd love to be pointed that way at least for my own understanding.
Any thoughts are greatly appreciated.
I'm answering this question only for the record keeping purposes of stackoverflow, as this is the solution I've moved forward with for this scenario. An AJAX call is completely warranted for any larger datasets and is a direction I would definitely go otherwise.
I went ahead with the "data-" field in the HTML5 spec, provided by the jQuery meta-data plugin.
I'm wrote a short extension method on the Web.UI.AttributeCollection class called "AddMetaData", which accepts an IList as well as a string "Key" to ease the attachment to a given page element.
I'm not marking this as the answer just yet, as there might be some community feedback on my own direction.
To clarify what happens in ASP.NET, once the page is served to the client, the objects that the Repeater is bound to on the server are destroyed and are then recreated upon each page postback.
It sounds like you want to achieve some kind of tooltip effect where the contents are retrieved from the server through AJAX? There are numerous different tooltip options available
jQuery Tooltip plugin
Random.Next()'s jQuery AJAX tooltip
dhtml goodies AJAX tooltip
clueTip
that can be used to do this. You could then set up a webservice or page method to retrieve the relevant data from your datasource.
Of course, you could have the content rendered in the HTML sent to the client when the request is processed and simply hide this markup. Then write your own plugin to display the markup in the form you require.
I realize this is probably a fundamental thing I should know but I am self-teaching myself C# and asp.net so I am a little lost at this point.
I right now have 2 pages. One is an .aspx (with aspx.cs file included) that is blank and html is generated for it from a Page_Load function in the cs file. The HTML is very simple and it is just an image and some text.
The second file is a shtml file which has lots of things, serverside includes, editable and noneditable areas. I want to put my webapp into this file. My asp.net app uses Response.Write to just write out the html. This does not flow well with this page as all that does is write it at the top of the page which is because it is ran first and generates it at the top.
How can I make it to where I can generate HTML code inside the page, like within a specific DIV so it does not mess up the page. Where would a starting point be in learning how to do that.
I should note that I do not need any interaction from the user. All of this should generate right away.
I think you need to read up on some basic ASP.Net documentation and tutorials. Response.Write is not the correct approach - you need to understand how the ASP.Net page lifecycle works and how WebControls are used to render the html.
ASP.Net tries to abstract away having to create your html manually for the most part.
So if i have understood the questions correctly.
You already have an existing page/application (the shtml file) that you want to extend with some new ASP.NET components by including output from the ASP.NET page in the existing page?
This is as not something that is out of the box "supported" by ASP.NET and you "won't" be able to execute the aspx page using SSI. But you can do the opposite, an ASP.NET page does support SSI. So if you are not using any other scripts in the shtml file this might be a solution.
Otherwise the only common solutions would be either to use an AJAX framework and let it call the ASP.NET from within the existing pages or to use an iframe solution. In both cases the client will be resposible for making the calls to the ASP.NET pages and merging the results.
And then you have a issue with controlling the output from the ASP.NET page?
The Polymorphic Podcast has a good article on Controlling HTML in ASP.NET WebForms .
You can add a Literal control to the page inside the div:
<div>
<asp:Literal ID="litMarkup" runat=server />
</div>
then in your code-behind:
litMarkup.Text = "<strong>Your markup</strong>";
I don't know how well this would work for you, but could you try using an iframe to house the ASP.NET page? This should keep it in the specified region and not overwriting your shtml file. It may be something to think about.
If it is necessary that you generate your HTML output from C# code, and you would use this in more than one place, I think you may be thinking of something like what are called ASP.NET Custom Controls (not to be confused with "User Controls"-- though you probably could put together a solution with those as well, using a Literal control as another person suggested). The MSDN documentation would be a good starting point. In general, though, the writing-out-HTML-yourself-from-code model (like you would with, say, CGI applications), is not the usual ASP.NET model of development, as it largely defeats the point of using ASP.NET at all. You'd mostly want to do this sort of thing if you are writing your own web control, though this might be exactly what you are doing (hard to tell from the description).