HttpUtility.HtmlEncode() do not work in asp.net TextBox control? - asp.net

My code below:
Test.aspx:
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<input type="text" value="<%=HttpUtility.HtmlEncode(ab)%>" runat="server"/>
</form>
</body>
</html>
Test.cs:
public partial class Test: System.Web.UI.Page
{
public string ab;
protected void Page_Load(object sender, EventArgs e)
{
ab = "<script>alert('111');</script>";
}
}
After running the test.aspx page,the textbox value is <%=HttpUtility.HtmlEncode(ab)%>
But remove the runat="server" string show correct!

When you do a runat="server" on a control, it becomes a server control instead of a traditional HTML tag, so the attributes are dealt with on the server. Unfortunately, that means the inline script tags don't always do what you want them to do.
You can do a few things. Either leave off the runat="server" like you said, which makes it render exactly as you want, or set the value in the code:
myTextBox.Value = "whatever";
You can also use data binding, but it's kind of ugly:
<input id="myTextBox" runat="server" type="text"
value='<%# HttpUtility.HtmlEncode("someString") %>' />
protected void Page_Load(object sender, EventArgs e) {
myTextBox.DataBind();
}

Related

asp LinkButton inside html Button tag

I have some Html code that contains the button tag "<button></button>".
I have noticed that if I place a linkbutton inside this element, the postback of the linkbutton will never occur.
So this is not working :
<button><asp:LinkButton ID="lnkExample" OnClick="lnkExampleBtn_Click"runat="server">Text</asp:LinkButton></button>
The server method "lnkExampleBtn_Click" will never be launched.
How come the postback doesn't work ?
Is there a way to have a linkbutton work inside the "button" tag ?
I also tried putting an href element with javascript _doPostback specific method, but that is not working either.
I've tried to reproduce your case.
Here's code behind:
public partial class Test : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnTest_Click(object sender, EventArgs e)
{
lblTest.Text = "Test";
}
protected void btnTest2_Click(object sender, EventArgs e)
{
lblTest.Text = "Test2";
}
}
And here's aspx:
<%# Page Language="C#" AutoEventWireup="true" CodeBehind="Test.aspx.cs" Inherits="WebApplication1.Test" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:LinkButton ID="btnTest" runat="server" OnClick="btnTest_Click">Test</asp:LinkButton>
<button><asp:LinkButton ID="btnTest2" runat="server" OnClick="btnTest2_Click">Test2</asp:LinkButton></button>
<button>test</button>
<asp:Label ID="lblTest" runat="server"></asp:Label>
</div>
</form>
</body>
</html>
What I found is - it depends on browser. In Chrome it's possible to place LinkButton inside tags. In Firefox and IE 10 it's not.
The reason why it's not working is simple - it's not allowed by the HTML 5 standard. You just can't embed a link inside a button.
http://www.w3.org/TR/2011/WD-html5-20110525/the-button-element.html#the-button-element
Link inside a button not working in Firefox

Best way to display Dynamic Content (From Database) in ASP.NET Web Page

I want to display my database table's one row content like as below frame. Table have Photo and description column. I also want two buttons like mentioned in image for some action. my database table have around 100 plus records. so in my web page I want to display 100 frame like below at runtime because it's possible that in future this record may goes up to 1000.
I am new in Web Application development. Anyone suggest me best GUI control to achive my goal with ASP.NET. Any tutorial or sample link will be great help.
Thanks.
First you create a user control with that design as I see here.
Then you use this user control inside a repeater and pass the database parameters to the user control to make the correct render. Additional you can use and DataView the same way.
working example
The custom control:
<%# Control Language="C#" AutoEventWireup="true" CodeFile="ShowData.ascx.cs" Inherits="Dokimes_StackOverFlow_ShowData" %>
<asp:Literal runat="server" ID="txtTheID" EnableViewState="false" />
<asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="Button" />
<hr /><br />
and the code behind:
public partial class Dokimes_StackOverFlow_ShowData : System.Web.UI.UserControl
{
public int cValueID = -1;
protected void Page_Load(object sender, EventArgs e)
{
txtTheID.Text = cValueID.ToString();
}
protected void Button1_Click(object sender, EventArgs e)
{
}
}
and the main page that is use it:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Repeater ID="Repeater1" runat="server">
<ItemTemplate>
<uc1:ShowData ID="ShowData1" runat="server" cValueID="<%# GetID(Container.DataItem) %>" />
</ItemTemplate>
</asp:Repeater>
</div>
</form>
</body>
</html>
and the code behind
public partial class Dokimes_StackOverFlow_ShowRepeatedData : System.Web.UI.Page
{
List<int> oMainIds = new List<int>();
override protected void OnInit(EventArgs e)
{
for (int i = 0; i < 10; i++)
{
oMainIds.Add(i);
}
Repeater1.DataSource = oMainIds;
Repeater1.DataBind();
base.OnInit(e);
}
protected void Page_Load(object sender, EventArgs e)
{
}
public int GetID(object oItem)
{
return (int)oItem;
}
}
You can use listview control because it supports custom formatting. repeater is the second option but listview has more features than repeater.

ASP Data-binded dropdown list without autopostback

I have a simple form with a dropdown list binded to a string array (as a simple example). The form is submitted when the user clicks a button.
I want to query the selected item in the list. I read the SelectedValue member of the dropdownlist which always contains the default item no matter what I select in the form.
I can't use autopostback on the list as in my production environment the form is displayed in dynamic div using jquery.
If I remove the binding and add the list items in the asp file using ListItems tags, than it magically works.
My sample asp code:
<%# Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<br />
<asp:DropDownList ID="DropDownList1" runat="server">
</asp:DropDownList>
<br />
<asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" />
</div>
</form>
</body>
</html>
And the code-behind file:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
string[] items = { "bindItem1", "bindItem2", "bindItem3" };
DropDownList1.DataSource = items;
DropDownList1.DataBind();
}
protected void Button1_Click(object sender, EventArgs e)
{
string text = TextBox1.Text;
string item = DropDownList1.SelectedValue;
}
}
In the page_load do the databinding only if Page.IsPostBack==False.
if (!IsPostBack)
{
//do the data binding
}
Your code now on every page load, will bind the data again and again, so the selected value is "not" changing.

click of asp:button takes control to form action

<form id="form1" action="Detail.aspx" runat="server">
<input type="submit" id="save" name="Submit" value="Save and Add"/>
<asp:Button ID="Exit" runat="server" Text="Exit" onclick="Exit_Click" />
</form>
CodeBehind
protected void Exit_Click(object sender, EventArgs e)
{
Response.Redirect("Show.aspx");
}
When I click the Exit Button the response is not going to Show.aspx.It goes to Details.aspx.I am unable to understand why the control is not passing to Show.aspx;
I have added a new page to my site that matches what you are describing, and it seems to work exactly as you wish it to:
In the code behind:
using System;
namespace MyProduct.Web.Pages
{
public partial class Details : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
Response.Write("If this text is visible then it works...");
}
}
protected void Exit_Click(object sender, EventArgs e)
{
Response.Redirect("Show.aspx");
}
}
}
In the markup:
<%# Page Language="C#" AutoEventWireup="true" CodeBehind="Details.aspx.cs" Inherits="MyProduct.Web.Pages.Details" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" action="Details.aspx" runat="server">
<input type="submit" id="save" name="Submit" value="Save and Add"/>
<asp:Button ID="Exit" runat="server" Text="Exit" onclick="Exit_Click" />
</form>
</body>
</html>
If i click "Save and Add" button then i remain on the same page (Details.aspx) and i see the text "If this text is visible then it works..."
If i click the "Exit" button then i am taken to a page called Show.aspx
Be sure that you have AutoEventWireup="true" in the top of your aspx page. This might be why you are not hitting the Exit_Click handler.
I hope this helps
clicking on a button in a form submits the form, take look at http://www.w3schools.com/aspnet/aspnet_forms.asp
Please use this method: Response.redirect(Server.MapPath("Show.aspx"));
The Show.aspx may into a folder in your website so you should write the explicit path of the page like "/Home/Customer/Show.aspx" but in Asp.Net you can use the Server.Mappath method to let the server serch the location of the file for you, that is to say, this method return the explicit path of the page.

cannot change GridView Caption

It seems to be impossible to change GridView .Caption after it has been set once.
Once I set caption and then change it within postbacks, in the code all seem to be ok, on page PreRender, GridView PreRender and wherever
I have no idea what to do - on page (and GridView also) PreRender event while debugging the .Caption is proper, but it renders with old caption anyway
Page seems to be render with set-once caption although I changed it.
I even tried to place it to updatePanel and update it, but it didn't help.
Can anybody suggest the reason?
thanks in advance.
Seems to be working here in this example, can you post your code?
<%# Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
System.Collections.Generic.List<int> Values = new System.Collections.Generic.List<int> { 1, 2, 3, 4, 5, 6, 7 };
grdTest.DataSource = Values;
grdTest.DataBind();
}
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
grdTest.Caption = "test grid " + DateTime.Now.ToString();
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView ID="grdTest" Caption="test grid" runat="server">
<Columns>
<asp:TemplateField>
<ItemTemplate>
hello
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView>
<asp:Button ID="btnSubmit" runat="server" onclick="btnSubmit_Click" Text="Submit" />
</div>
</form>
</body>
</html>

Resources