Validating User Input in ASP.NET Part II

Posted on September 23, 2007 - Filed Under ASP.NET |

Common Aspects of Validation Controls

When using the validation controls you should consider several common factors. First, Using validation controls will not normally reduce network traffic. When you use validation controls, validation occurs both at the client as well as at the server. Why? One of the security risks inherent in depending entirely on client-side validation is that malicious users could create their own copy of your page, eliminate the client-side validation, and submit invalid or incorrect values to the business logic of your application. By providing both client- and server-side validation you have the following tw advantages:

1. Improved performance on most browsers (achieved by not requiring a roundtrip before discovering a blank field or incorrect entry).

2. Increased security and confidence that the values submitted to the application logic are within acceptable and, more importantly, expected ranges.

So how do these controls know when to generate a client-side code to improve performance or when to eliminate the client-side JavaScript to prevent incompatibility or errors during validation? Natively, these controls automatically detect the user’s browser and dynamically deliver JavaScript client-side code where it is appropriate and safe, and enforce server-side validation when the browser may not support client-side validation. However, you can force these controls to always or never use client-side validation with the following page directives:

<%@ Page ClientTarget = “DownLevel” %>

This will force the validation control to only do validation on the server whereas

<%@ Page ClientTarget = “UpLevel” %>

forces the controls to do both client-side and server-side validation of all posted values. Be aware that forcing the use of client-side script with the UpLevel directive will ensure that all browsers, even those that do not support JavaScript, will receive client-side validation. So, be careful in using these directives. Typically, you will be better off letting these controls do the browser sniffing for you.

Reference:  ASP.NET Database Programming Weekend Crash Course by Jason Butler and Tony Caudill

Comments

Leave a Reply

Name (required)

Email Address(required)

Website

• Recent Posts

  • Database, DBMS Principles, and the Relational Model
  • Learn more about Microsoft’s Licensing Programs
  • Dasol Sea Salt website developed by PS Ventures Philippines
  • ASP.NET for Clan Garments’ Website
  • A Message to the Graduates of 2008

• Categories

  • ASP.NET
  • Databases
  • Network Administration
  • Online Learning
  • Operating System
  • Personal Encounter
  • PHP
  • Programming Languages
  • Security
  • Site Statistics
  • Watching the World
  • Web Servers
  • What's New

• Links

  • Anti-Virus Online Scan. Free!
  • ASP.NET
  • Bit Defender Online Free Anti-Virus Scan
  • Blackle.com
  • blogsite.psvphil.com
  • Friendster.com
  • GMail
  • Google.com
  • GSIS Website
  • Inquirer.Net
  • Lycos Mail
  • Microsoft
  • MySQL
  • Pangasinan State University
  • Peralta-Santiago Ventures Philippines
  • Philippine Top Blogs
  • Philippine Top Blogs
  • PHP.net
  • PSU ICT Blog Site
  • PSU web mail
  • Singapore Call Center
  • Singapore Call Center
  • SundayPunch Blogs
  • The Author
  • Web Tools
  • Yahoo Mail
  • Yahoo.com
  • You Tube

• 
  

• Recent Comments

  • mayann on Memoir … bits of recovered information from the brain of a former Computer Science student
  • Website Design on Learn more about Microsoft’s Licensing Programs
  • aurelie on CSS and ASP.NET Master Page - an easy approach to create websites
  • Chris Ivey on CSS and ASP.NET Master Page - an easy approach to create websites
  • Batang_x on Simple ASP.NET User Login Accounts Maintenance Application

•  

  September 2007

  M	T	W	T	F	S	S
  				Oct »
  					1	2
  3	4	5	6	7	8	9
  10	11	12	13	14	15	16
  17	18	19	20	21	22	23
  24	25	26	27	28	29	30

• Archives

  • August 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007

• Meta

  • Register
  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org