I've setup two pages. 1.aspx, and 2.aspx.
on 1.aspx I have a form like so:
<form action="2.aspx" method="post" id="myform">
<input type="hidden" value="this works" id="mydata" />
<input type="submit" />
</form>
on 2.aspx I have this code:
Response.Write(Request.Form("mydata"))
This returns nothing.
I also tried
Response.Write(Request.Form(0))
but I get "Index was out of range." Message from the server.
I know I'm probably missing something very simple, but, I can't seem to find it!
What am I doing wrong?
Thanks!
ID is used for client-side access. Give your hidden field name="mydata" for server-side form access
Instead of having
<input type="hidden" value="this works" id="mydata" />
have
<input type="hidden" value="this works" name="mydata" />
IF you want to keep id instead of name you have to write it out differently.
you want to use document.getElementById instead of Request.form
Related
I've an aspx form with a form tag as below and this form tag contains some sensitive info with hidden fields
<form id="payment_confirmation" target="myFrame" action='https://testsecureacceptance.cybersource.com/embedded/pay' method="post"/>
<input type="hidden" name="access_key" value="sensitivevalue1">
<input type="hidden" name="profile_id" value="sensitivevalue2">
<input type="hidden" name="transaction_uuid" value="<% Response.Write(getUUID()); %>">
<input type="hidden" name="signed_field_names" value="sensitivevalue3">
<input type="hidden" name="unsigned_field_names" value="card_type,card_number,card_expiry_date">
<input type="hidden" name="signed_date_time" value="<% Response.Write(getUTCDateTime()); %>">
<input type="hidden" name="locale" value="en">
<input type="submit" id="submit" name="submit" value="Submit"/>
</form>
When i click "Submit" it successfully post the values and user is "redirected" into the "https://testsecureacceptance.cybersource.com/embedded/pay" form but those hidden fields values are exposed to users (when they inspect the page). I can encrypt them but is there any other way i can post values and redirect from backend where values will not be exposed to users?
Thanks
In short, no. Hidden fields are only hidden from view on the screen and will always be available be available when viewing the source of the page when you are using web forms like this. You can use the viewstate, which will encode the fields and make them harder to read, but if it is truly sensitive information, you will need to properly encrypt that information.
Hope that helps.
I am new to asp.net.
My question is, can a ASP.net form with runat="server", have a method attribute in it?
For example:
<form id="form1" runat="server" method="get">
.......
</form>
Is this possible?
Thanks for your answers.
I would like to share some points which I found.
By default the form with runat="server", will have method="post".
But when we request a page for the first time, (i.e) request is not a postback, the method="get".
And it becomes method="post",while postback.
I checked this by placing a piece of code in code behind:
In Page_Load():
if(Request.RequestType=="GET")
{
Response.Write("Request is a GET type");
}
else if(Request.RequestType=="POST")
{
Response.Write("Request is a POST type");
}
By default, the output
For the first request of that page: Request is a GET type
In postback: Request is a POST type
If i give the following code in the WebForm1.aspx
<form id="form1" runat="server" method="get">
For this, the output will be:
For the first request of that page: Request is a GET type
In postback: Request is a GET type
This is what I found.
Thank you very much for your responses.
yes you can try like below.
design part
you can design a form like :
<form id="form1" runat="server" method="post">
<input type="radio" name="Gender" value="male" id="test" checked="checked" />
male
<input type="radio" name="Gender" value="female" />female
<input type="submit" value="test" />
<asp:Button ID="btn" runat="server" Text="value" />
</form>
and how to get value from the form :
if (Request.Form["Gender"] != null)
{
string selectedGender = Request.Form["Gender"].ToString();
}
with this way you can get the value from form in asp.net.
i hope it will help you.
Yes,You can use use Method attribute..
The default will be Method="Post"
The form is always submitted to the page itself. If you specify an action attribute, it is ignored. If you omit the method attribute, it will be set to method="post" by default. Also, if you do not specify the name and id attributes, they are automatically assigned by ASP.NET.
If you select view source in an .aspx page containing a form containg these properties...
Please refer : http://www.w3schools.com/aspnet/aspnet_forms.asp
Basically I want to place a url in the form action method.
The ltlUrl.text value is added on the server side in pageLoad.
How do i use the ltlUrl as the action method?
<form action="<%# ltlurl.text%>" enctype="multipart/form-data">
<input type="text" name="title" value="test" />
<input type="file" name="file" />
<input type="submit" />
</form>
Since you are populating the text control on code behind, you can simply do this:
this.Page.Form.Action = "http://someour";
I believe the VB.NET syntax would be:
Me.Page.Form.Action = "http://someurl"
I would like to display a form that lets a user enter up to 10 rows of information. If they need to go over, I'm going to use an "add additional row" button that will add one row at a time. What will my Model class look like for something like this? When I use javascript to add a new row, how can I tie that new row into the Model as well?
This article from Phil Haack shows you how to bind to collections. You'll need to use the javascript to create the new row with the correct names.
Probably this rows contains related values, so you can give the same name to all theses inputs in the html, and declare that you action receive an array of values.
Assume that you have this
<form method="post" action="/Controller/YourAction">
<input type="text" name="row" value="1" />
<input type="text" name="row" value="2" />
<input type="text" name="row" value="3" />
<input type="text" name="row" value="4" />
<input type="text" name="row" value="5" />
<input type="text" name="row" value="6" />
<input type="submit" />
</form>
all that you need to do is declare this inside your Controller
public ActionResult YourAction(int[] row)
{
//put your code here
}
and you will have all the values inside the row array
You may take a look at the following blog post which explains how to achieve exactly that. It uses a custom helper (Html.BeginCollectionItem) which allows to use non sequential as collection indexes instead of numbers which makes adding/deleting new items much easier.
im confused, the w3c validation service seems to be saying that asp.net cannot legally render a hidden field inside a form tag on the page, have a look at this ...
http://validator.w3.org/check?uri=http%3a%2f%2fmotcombegarage%2eco%2euk%2f
from what i can tell it seems to be saying that the following code sample is invalid markup WTF !!!
<html>
<head> ... header stuff ... </head>
<body>
<form method="post" action="" id="ctl01">
<div class="aspNetHidden">
<input type="hidden" name="ctl09_HiddenField" id="ctl09_HiddenField" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTY1NzEyODQ1M2RkJPtW5VtaL7LPuSxnn1JM1yVnOeGAovb8b4b3KShHy4M=" />
<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWAwKt17cxAr+s9MgFAqjXzJsHz7KyzLpZjYtTK89blY7GgKAElK/5syvVNn4h7rVehcQ=" />
</div>
... other code ...
</form>
</body>
</html>
This presents 2 problems for me if the code is in fact invalid:
This code is generated by the .net framework for handling postbacks so editing it could be a problem
i have no idea what the valid context for a form field should be (lolz)
Is this a bug or have i done something wrong ???
EDIT:
As pointed out by Peter O below I added the missing div tag in my markup ... comparing this to the markup that the validator uses shows that this div whilst present in the markup is apparently not worth validating ... so that kinda changes the question to ... why is it ignoring that div ? ...
Seems a bit odd that you can't put an input tag inside a form tag directly though ... surely thats the point of a form tag, to contain input tags ??
The only way I've seemed to get rid of the message, following the code on your homepage, is to assign a value to the first hidden input
<div class="aspNetHidden">
<input type="hidden" name="ctl09_HiddenField" id="ctl09_HiddenField" value="toverton" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTY1NzEyODQ1M2RkJPtW5VtaL7LPuSxnn1JM1yVnOeGAovb8b4b3KShHy4M=" />
</div>
In all liklihood, this is most likely a bug.
The INPUT elements should be placed within a DIV element, like this:
<form ... >
<div>
<input type="hidden" ... />
<input type="hidden" ... />
<input type="hidden" ... />
</div>
</form>