No matter what application system, its most essential function and purpose is to process data. In this way, data security becomes a very important topic in the system design, and some insecure data is submitted (such as SQL injection, data type, or inappropriate data range) this often leads to incorrect system computing results, paralysis, and even crash!
Therefore, this requires that the legitimacy of data must be verified when designing the system data entry and submission functions to ensure clean and accurate data flow into the system.
Anyone with web development experience knows that Javascript script verification is the most used for data input legality verification. This method is used to verify the validity of data input in the form field of a webpage using a JS script. If the input is incorrect, the data submission operation is terminated. This verification method does not occupy server resources and can ensure its performance. However, once the user disables the browser's Js script. Or, for an attacker proficient in this field, these methods are vulnerable (I can forge a page with only form fields, without JS verification scripts, and easily deal with them through high-tech (firebug ).
In the face of this situation, most developers began to use server-side verification methods. Although the server-side verification method is more secure for JS scripts, it will allow you to write a lot of verificationCode. No matter the amount of code or the consumption of server resources, too many verification logic is not ideal. Therefore, the data entry control on pages in ASPnet is. After the verification control is bound to the input control, the verification control automatically performs dual verification between the client and the server. What we do is to set the data verification rules in the verification space, and Related prompts. If the data entered on the corresponding page is blank, the type is incorrect, or the verification rules are not followed, the verification control completely terminates the page and returns the corresponding verification prompt.
Verify the control type
ASP. NET provides a total of six verification controls, such as the range check and pattern matching.
| Requiredfieldvalidator | Non-empty Verification |
| Rangevalidataor | The user checks whether the data entered by the user is within the specified range. You can use it to check the range of numbers, letters, and dates. |
| Comparevalidataor | It can be used to check the comparison with specific data types of other controls (greater than, less than, or equal) |
| Regularexpressionvalidataor | Regular Expression Verification |
| Customvalidataor | Custom Verification |
| Validationsummary | It has no verification effect, but is often used with the verification control to Display error messages from all the verification controls on the web page. |
Of course, not only one control can have one verification, but one control can be verified by multiple verification controls. For example, a text box can be used for both non-empty verification and regular expression verification.
Basevalidator
Basevalidator is the base class of all verification classes. It provides and implements all verification controls and its common attributes and methods.
| Controltovalidate | Verify the programming ID of the input control that the control will calculate. If this is an invalid ID, an exception is thrown. |
| Display | None: The verification control is never displayed inline. If you want to display an error in the validationsummary control, you can use this item Static: If the verification fails, the error message is displayed. Even if the verification succeeds, the displayed space is occupied. Dynamic: If the verification fails, the error message is displayed. If the verification succeeds, the displayed space is not occupied. |
| Enableclientscript | Indicates whether to enable client verification. js verification can be disabled by setting this attribute to false. |
| Enable | Indicates whether to enable the verification effect if the control is flase. |
| Errormessage | Text displayed when verification error occursIt allows HTML information input.That is to say, we can write an IMG mark. |
| Forecolor | Text color displayed when verification error occurs |
| Isvalid | Whether the verified control has passed verification |
| Focusonerror | When a verification error occurs, retrieve the focus of the incorrect control. |
| Validationgroup | Specifies the verification group of the verification control. |
| Validate () | Perform the verification operation and update the isvalid attribute |
| Text | If the error message displayed on the page is not specified, the error message is displayed. |
In ASP. net contains many data submission controls that can be sent back to the server, such as bulletedlist, button, checkbox, checkboxlist, htmlbutton, htmlinputbutton, htmlinputimage, imagebutton, linkbutton, ListBox, radiobuttonlist and textbox controls. These buttons all have a causesvalidation attribute.
Causesvalidation = false
ASPnet ignores the verification control, the page is normally sent back, and the event processing code is executed normally.
Causesvalidation = true
ASPnet will execute all the verification controls, and the data request will be sent back only when the verification is passed.
Before ignore
After ignore
It is worth noting that some controls can be sent back to the server only when their autopostback attribute is set to true.
Each of these controls has a validationgroup attribute. After this attribute is set, only the verification control in the specified group is verified when the control triggers server sending back.
The return control of the same group triggers events in the same group.
Requiredfieldvalidator
1: Asp: textbox id = "textbox1" runat =" server " validationgroup = "A" > Asp: textbox
2: Asp: requiredfieldvalidator id = "requiredfieldvalidator1" runat =" server " controltovalidate = "textbox1" display = "dynamic" errormessage = "the account cannot be blank" forecolor =" red " >
Asp: requiredfieldvalidator >
Rangevalidator
It can be used to verify whether user input data is within the specified range.
Type attribute| String | String Data Type |
| Integer | Specified as integer |
| Double | Double-precision floating point type |
| Date | Date data type |
| Currency | Currency type |
Note: The range control does not verify non-null errors, so we prefer to use these two controls together. Prevents users from skipping the input of a control.
ComparevalidatorAsp: rangevalidator id = "rangevalidator1" runat =" server " controltovalidate = "textbox1" errormessage =" & lt; IMG srcw.'a.jpg 'width = '20px '& gt; " maximumvalue =" 20 " minimumvalue =" 1 " type = "integer" > Asp: rangevalidator
A comparison control requires at least one data entry control to verify the data.
We will use a comparison property operator.
Compare with a constant<Asp: textbox id ="Textbox1"Runat ="Server"> </ASP: textbox>
<Asp: comparevalidator id ="Comparevalidator1"Runat ="Server"Errormessage ="Must be greater than 20"Valuetocompare ="20"Type ="Integer"Controltovalidate ="Textbox1" operator ="Equal"> </ASP: comparevalidator>
<Asp: button id ="Button1"Runat ="Server"TEXT ="Button"/>
Comparison with other controls
<Asp: textbox id ="Textbox1"Runat ="Server"> </ASP: textbox>
<Asp: textbox id ="Textbox2"Runat ="Server"> </ASP: textbox>
"comparevalidator1" runat =
"server" errormessage =
"the data of the two controls must be consistent" controltovalidate =
"textbox2" controltocompare =
" textbox1 " operator =
" equal "
Regularexpressionvalidator
You only need to specify the regular expression to be verified. The most common Verification
Custom verification control customvalidator
Generally, we use the verification control above to handle common data verification problems. If you do need custom verification methods. You can use customvalidator.
The custom verification control allows you to define the client and server verification sub-accounts based on your needs.Program. Then associate it with the verification control.
Client Verification Method<Head Runat= "Server">
<Title> </Title>
<Script Type= "Text/JavaScript">
FunctionValidation1 (source, ARG ){
If(Arg. Value % 2 = 0)
Arg. isvalid =True;
Else
Arg. isvalid =False;
}
</Script>
</Head>
<Body>
<Form ID= "Form1" Runat= "Server">
<Div>
<ASP: textbox ID= "Textbox1" Runat= "Server"> </ASP: textbox>
<ASP: customvalidator ID= "Customvalidator1" Runat= "Server" Errormessage= "Cannot be divisible by 2" Clientvalidationfunction= "Validation1" Controltovalidate= "Textbox1"> </ASP: customvalidator>
Verification results
You can also create a server-side verification method.
Protected VoidCustomvalidator1_servervalidate (ObjectSource, servervalidateeventargs ARGs)
{
Try
{
Args. isvalid =Int. Parse (ARGs. Value) % 2 = 0;
}
Catch(Exception)
{
Args. isvalid =False;
// Throw;
}
}
You only need to create a server-side verification event.
Page. isvalid
Note: If you want to determine whether the verification is successful in pageload, you need to call the page. Validate () method to check whether the verification is successful through the page. isvalid attribute.
If we only want to know whether the call is successful in a similar click event, we do not need to call the page. Validate () method.
You can see through the ASPNET page lifecycle that the verification occurs after the load event and before the Custom Event.
Summary
We have explained five common verification controls in ASPnet.
Next we will introduce the custom verification control.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
