I have a asp:Textbox that I am trying to make sure the user does not copy and paste in Tags. The below code works at checking for < and > but it also will throw the error message if a user hits the Enter or Return key to create a new line in the text box. What changes do I need to make to the ValidationExpression to allow the user to be able to use the Enter/Return keys, but not allow the < or > keys?
<asp:RegularExpressionValidator ID="RegularExpressionVal3" runat="server"
ErrorMessage="You cannot put tags into the text box (e.g. <html>)"
ControlToValidate="txtMSPC"
ValidationExpression="^(?!<.*?>).*" ForeColor="Red" />
For the client-side validation only, you may use
ValidationExpression="^(?![\\s\\S]*<[^>]*>)[\\s\\S]*"
Details:
^ - start of string
(?![\\s\\S]*<[^>]*>) - no < followed with 0+ chars other than > and then > in the string
[\\s\\S]** - any 0+ chars
Related
i want to use regular expression to validate SSN with dashes. This is the format i would like to see: 000-00-0000. This expression does not work for me for some reason.
<asp:RegularExpressionValidator runat="server" Display="Dynamic" ValidationExpression="^(\\d{3}-\\d{2}-\\d{4}|\\d{9})$" ControlToValidate="txtSSN" ForeColor="Red" />
this is how i resolved:
^\d{3}-\d{2}-\d{4}$
There are a few things to note about the RegularExpressionValidator:
It will never be activated by an empty string in the control it is
validating. Only the RequiredFieldValidator catches empty strings You
do not need to specify beginning of string and end of string matching
characters (^ and $)—they are assumed. If you add them, it won't hurt
(or change) anything—it's simply unnecessary.
You could just refer to an example regex on thatpage in MSDN, and see that the value is treated as a verbatim string literal.
So, to only allow SSNs with hyphens, you just need to use:
ValidationExpression="\d{3}-\d{2}-\d{4}"
It is also ECMAScript-compliant and safe to use both at server and client, but you could further limit to
ValidationExpression="[0-9]{3}-[0-9]{2}-[0-9]{4}"
Remember, \d at server-side can also match some non-standard (Arabic, etc) digits.
I have a form in which I would like guests to enter their name, address etc...
On each field I have a RequiredFieldValidator and a RegularExpressionValidator.
For example:
<asp:TextBox ID="mailNameTextBox" runat="server" MaxLength="70" ValidationGroup="mail"></asp:TextBox>
<asp:RegularExpressionValidator ID="mailNameTextBox_RegularExpressionValidator" runat="server" ErrorMessage="Name can only have letters or spaces." ControlToValidate="mailNameTextBox" ValidationExpression="[a-zA-Z' ']" ValidationGroup="mail" Display="Dynamic">*</asp:RegularExpressionValidator>
<asp:RequiredFieldValidator ID="mailNameTextBox_RequiredFieldValidator" runat="server" ErrorMessage="Name field is required." ControlToValidate="mailNameTextBox" ValidationGroup="mail" Display="Dynamic">*</asp:RequiredFieldValidator>
When I enter a name that includes a number (ie. fails the Regex) and "tab" out of the TextBox, the RegexValidator is instantly displayed with a *, and the form fails to submit. But when I go back and remove the number (ie. pass the Regex), the Validator doesn't seem to re-check the input, and the form will forever fail to submit.
Is there a way to always fire the Validation when leaving the box rather than just the first time (besides calling a Validation method upon the TextBox losing focus). I would have thought this would be automatic?
I have spent some time trying to find an answer to this, and I'm not sure how to word my question to "thouroughly research it", so I'm sorry if this is a duplicate.
I did see this one:
ASP.NET: RegularExpressionValidator Doesn't reCheck the input
but it didn't really help in my case.
Your validation expression is this:
[a-zA-Z' ']
Which means: exactly one letter or one apostroph or one space.
You probably want to use something like the following:
[\w\s]*
Which means: any number of letters or whitespaces.
I've been trying to validate a multiline textbox. And of course it doesn't work.
<asp:TextBox ID="t_noteTextBox" runat="server" Width="700" Text='<%# Bind("t_note") %>' TextMode="MultiLine" Rows="3" MaxLength="700" />
<asp:RegularExpressionValidator ID="RegularExpressionValidator2" runat="server" ErrorMessage="Special Characters not allowed." ForeColor="Red"
ControlToValidate="t_noteTextBox" ValidationExpression="(?m)([a-z]|[A-Z]|[0-9]|[ ]|[-]|[_]|[.]|[,]|[\r]|[\n])*" Display="Dynamic"></asp:RegularExpressionValidator>
<asp:RegularExpressionValidator runat="server" ID="valInput" ControlToValidate="t_noteTextBox" ValidationExpression="^[\s\S]{0,740}$"
ErrorMessage="Please enter a maximum of 740 characters" Display="Dynamic" ForeColor="Red"></asp:RegularExpressionValidator>
The expression works fine as long as I don't add a carriage return. As soon as I go to a new line i get an error.
I even looked up and found the ?m multiline option.
however that doesn't work either.
Testing the regex in Expresso works well.
(?m)([a-z]|[A-Z]|[0-9]|[ ]|[-]|[_]|[.]|[,]|[\r]|[\n])*
But as soon as I put it on the website it doesn't.
Any ideas?
Multiline mode alters the behavior of the anchors (^ or $), which you aren't using.
Singleline mode causes the dot metacharacter to match everything including linefeeds, but you aren't using the dot that way. Like most metacharacters, the dot loses its special meaning inside a character class, so [.] just matches a literal ..
I suspect your problem is that you're allowing the validation to be done on the client side. That is, you haven't set EnableClientScript to "false". Client-side validation uses JavaScript instead of .NET, and the JavaScript regex flavor doesn't support inline modifiers like (?m) and (?s). But that shouldn't matter to you, since you aren't using the dot as a metacharacter.
This should be all you need:
ValidationExpression="[a-zA-Z0-9_.,\s-]*"
You can simplify this quite a bit.
(?m)([\w., -])*
The multiline flag (?m) only allows the anchors ^ and $ to match before and after linebreaks, as opposed to start and end of string normally, so it's not doing what you want here.
If you use \s instead of matching a space, it will match the newline as well.
([\w.,\s-])*
Following expression work well for email validation with asp.net but does not allow whitespace at start and end.
^(([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+([;.](([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+)*$
Have any way to allow whitespace?
Here is full asp.net markup, I can not trim before validation.
<asp:TextBox ID="txtEmail" runat="server" MaxLength="100" CssClass="textbg text"></asp:TextBox>
<asp:RegularExpressionValidator ID="EmailValidator" runat="server" ErrorMessage="Email is not vaild."
ForeColor="Red" ControlToValidate="txtEmail" ValidationExpression="^(([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+([;.](([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+)*$"
ValidationGroup="register">Email is not vaild.</asp:RegularExpressionValidator>
I would echo the previous points suggesting trimming the input prior to validation. Trimming or ignoring whitespace is a pretty common requirement, so I would be very surprised if your validator couldn't handle it.
I would also point out an email address with that spaces on either end is an invalid email address, so passing it as valid is technically incorrect.
However, if it can't trim it, and you must pass it, then it is trivially easy to modify any regex to allow whitespace at either end.
White space is represented in regex with \s. Zero or more white spaces would be \s*.
Therefore, all you need to do is add \s* to the start and end of the expression, immediately inside the^and$` start and end markers, like so:
/^\s*(.......)\s*$/
(where ...... represents an expression to validate an email address (but probably not the one you've quoted in the question).
Hope that helps.
Email validation using regular expressions are not easy. Since you're using ASP.NET, you could just use the same regular expression MailAddress uses. Presumably most email addresses are not going to be invalid, so the Try...Catch operation shouldn't be too expensive.
MailAddress mailAddress;
try
{
mailAddress = new MailAddress(txtEmail.Text);
}
catch (Exception ex)
{
//Email considered invalid
}
Edit 2 - This one should work with the validator:
(\s?)+\w+(([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+([;.](([a-zA-Z0-9_\-\.]+)#([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5}){1,25})+)*(\s?)+
Just be aware, email validation cannot be considered reliable because it's very easy to bypass most of the regular expressions.
I am givng a regular expression validation to a text box, which is not allowing the using to enter spcl. char. its allowing the user to enter only numbers or char.
<asp:TextBox ID="TextBox2" runat="server">
</asp:TextBox><asp:RegularExpressionValidator ValidationExpression="^[0-9a-zA-Z ]+$"
ID="RegularExpressionValidator1" runat="server" ErrorMessage="RegularExpressionValidator"
ControlToValidate="TextBox2"></asp:RegularExpressionValidator>
I want to allow the user to give few spcl char like apostrophe ' ampersand & and hyphen - with numbers and char. means if the user wants to use these three spcl. then he/she can use, is this possible if yes then how?
Yes it is very possible. Just include the characters in your expression.
^[0-9a-zA-Z\&\'\- ]+$