Verify the detailed parsing of the OnClientClick event of the control and Button

I. Events

This is a problem that has been ignored for a long time or has not been found. The problem is as follows:

On a page, when a verification control exists, when the Button control triggers the OnClientClick event and the event returns true and false, the verification control becomes invalid and does not take effect. The detailed description is as follows:

The. Net page is as follows:
Copy codeThe Code is as follows:
<Form id = "form1" runat = "server">
<Asp: ScriptManager ID = "ScriptManager1" runat = "server">
</Asp: ScriptManager>
<Div>
<Asp: TextBox ID = "TextBoxTest" runat = "server"> </asp: TextBox>
<Asp: RequiredFieldValidator ID = "RequiredFieldValidator1" runat = "server" ControlToValidate = "TextBoxTest"
ErrorMessage = "cannot be blank" Display = "None"> </asp: RequiredFieldValidator> <ajaxToolkit: ValidatorCalloutExtender
ID = "ValidatorCalloutExtender1" TargetControlID = "RequiredFieldValidator1" runat = "server">
</AjaxToolkit: validatorcalloutexkit>
<Asp: Button ID = "ButtonText" runat = "server" Text = "test" OnClientClick = "return confirm ('Are you sure you want to submit? '); "/>
</Div>
</Form>

As shown above, add the RequireFieldValidator verification control to the page so that the TextBoxTest value cannot be blank. When submitting the page in ButtonText, you need to confirm whether to submit it. There seems to be no problem with a simple page. However, when the TextBoxTest value is empty, the verification control does not work and the page is submitted successfully. Why?

2. Event Response

What's going on? First, after removing the OnClientClick event of ButtonTest, verify that the control works. Why? I checked the source code of the page and found that the ButtonTest control generated the following source code:

<Input type = "submit" name = "ButtonText" value = "test" onclick = "javascript: WebForm_DoPostBackWithOptions (new WebForm_PostBackOptions (" ButtonText "," ", true ,"", "", false, false) "id =" ButtonText "/>

From this line of source code, we can see that the verification control generates a piece of javascript code on the client and verifies whether the value in TextBox is null. After I added the OnClientClick of ButtonTest, I checked the source code again. The source code generated by the ButtonTest control is as follows:

<Input type = "submit" name = "ButtonText" value = "test" onclick = "return confirm ('Are you sure you want to submit? '); WebForm_DoPostBackWithOptions (new WebForm_PostBackOptions ("ButtonText", "", true, "", "", false, false) "id =" ButtonText "/>

From this line of code, we can clearly see where the problem is. on the client side, we first execute custom javascript, and then execute the javascript generated by the verification control, obviously, in this case, the verification control loses any meaning.

3. Response Control

Once you know where the problem is, it's easy to handle it. My solution is: Execute the custom javascript (return confirm ('Are you sure you want to submit? '), It is necessary to verify whether the controls on the page comply with the rules, so I modified the OnClientClick event of ButtonTest as follows:
Copy codeThe Code is as follows:
<Asp: Button ID = "ButtonText" runat = "server" Text = "test" OnClientClick = "if (CheckClientValidate () return Confirm ('Are you sure you want to submit the page? '); "/>

The code for the CheckClientValidate () method is as follows:
Copy codeThe Code is as follows:
<Script language = "javascript" type = "text/javascript">
Function CheckClientValidate (){
Page_ClientValidate ();
If (Page_IsValid ){
Return true;
} Else {
Return false;
}
}
</Script>

Run and test. Verify the role of the control. Solve the problem.

Iv. Postscript

This is the problem and solution that I have known to be ignored. When I found this problem, I experienced a cold sweat. Fortunately, I did a strict server verification. Otherwise, it would be terrible. It can also be seen from here that it is necessary to specify strict server-side verification :-). It not only prevents hackers from bypassing client verification, but also prevents data inaccuracy due to errors that you have not detected.

Note:

Page_ClientValidate (). This function is used to return True or False on the aspx page containing the Microsoft verification control based on whether the user input operation is valid.

Can be directly judged.
Copy codeThe Code is as follows:
If (Page_ClientValidate ())
{
Return true;
}
Else
{
Return false;
}