DevExpress Asp.net Control validation kicks in unexpectedly - asp.net

I am using latest DevEx Asp.net controls. In one of my pages, I have a form with AspxLabels and AspxTextBoxes. In certain textboxes I have a required field validation. I also have 2 check boxes on the page when clicked they populate certain textboxes with data from server.
Here is when the problem occurs.
When any of the check boxes are clicked, I make all textboxes that would be populated from server set to empty string. Then I set the data.
If one of the required fields already has some data, then setting it to empty string when checkbox is checked causes client side validation to kick in and server call to get the data is not done.
Does anyone have any idea how to approach and solve this problem?

Based on your description (aspx would make it more clear) you should set ValidationSettings.ValidateOnLeave to false and validate editor manually.
Here is sample from devex code central article:
<input type="button" value="Validate" onclick="tbTextBox2.Validate();" />
<dx:ASPxTextBox ID="tbTextBox2" runat="server" ClientInstanceName="tbTextBox2">
<ValidationSettings ValidateOnLeave="False">
<RequiredField IsRequired="True" ErrorText="Field is required." />
</ValidationSettings>
</dx:ASPxTextBox>
For various ways of validating form editor(s) on client side read How to raise validation on the client side.

Related

EnableViewState="false" does not work and Why asp.net view sate automatically decoded and stored in browser

I used asp.net text-box and set
EnableViewState="false"
then i run my code and enter some sample texts and i enforced the post-back (which means click the button )then Textbox control retain the value .
what i am wrong in my code ?
How can i disable view-state ?
<asp:TextBox ID="TextBox1" EnableViewState="false" runat="server"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" />
Then i have another one doubt.
Why asp.net view sate automatically decoded and stored in browser. I read some articles the article says it’s a security purpose.
The user gives her/his information and he will use the particular browser and maintain the browser then why view sate is encoded. Is another reasons to decode the view state ?
Well regarding your first question this can be confusing at the beginning. Textbox are simply classes that implement the IPostBackDataHandler interface.
A nice explation can be found here-- http://www.codeproject.com/Articles/378180/View-State-for-TextBox-and-other-controls-that-imp
Regarding your second question about the encryption of viewstate, then you must know the user accessing the page is not only one who can view the viewstate. Pages are posted back on un encrypted channels also, so any body looking over the wire has access to it. Also the user can never be trusted.
My advice to you is to get in details about the view state on msdn. It will help you in long run.

Server side validation

I am having an issue with the requiredfieldvalidator control not working on an ASP.net page. I have completed the attributes of that field properly, but when I test it, the postback is allowed to happen even if the field in question is blank.
So I want to do server side validation instead. What is the best way to do that? In the event that caused the postback? Also, if I find out the field is blank, how do I get the user back to the screen with all other values they placed on other fields intact and a message saying "This field cannot be blank".
EDIT:
This is the code:
<asp:TextBox ID="fName" TabIndex="1" runat="server" Width="221px" CausesValidation="True"></asp:TextBox>
<asp:RequiredFieldValidator ID="FNameRequiredFieldValidator" runat="server" ControlToValidate="fName" InitialValue="" ErrorMessage="Filter Name cannot be blank." ToolTip="Filter Name cannot be blank.">*</asp:RequiredFieldValidator>
You need to provide the markup for your Button / Link control as well.
The 'CausesValidation' attribute is not supposed to be used on TextBox controls.
The button you click needs to have that attribute set to "True".
Please provide that markup and then I can advise on the alternate server side validation.
To enable Client-side Validation, set the EnableClientScript="true" on the RequiredFieldValidator.
You should also always validate on the server side too. But the RequiredFieldValidator doesn't let you do any special-handling server-side. Just check if Page.IsValid(). This will return false if the field is not supplied.
If you want to do custom validation, use a CustomValidator.

Why are hidden fields considered client side state management?

According to MSDN and the MCTS self-paced training, asp.net can use Hidden fields for client-side state management. The book material goes on to say view-state is more secure than hidden fields because the data is encrypted.
I must be missing something here. I setup a Label and made it hidden. I can store data in this hidden label and it won't even be sent to the client browser. This not only works like server side state (note the runat=server), but this seems more secure than view-state because there's no need for encryption as the client can't even see the field.
<asp:Label ID="Label1" Visible="false" runat="server">secret info</asp:Label>
Contrast this with an HTML input field. Here, the client state info makes sense.
<input id="Text2" type="text" style="visibility:hidden;" value="secret 99" />
So what's the deal?
When you create a label in .net and set it's visibility to Hidden, it does not render to the client and its data is stored in viewstate.
Therefore, it is not "more" secure than viewstate as it is using viewstate to maintain the data.
Regarding hidden fields, there are four kinds: First up is the regular HTML one which is simply an input of type hidden. This has no visible rendering although it is in the html. It also has no viewstate properties. It is declared as:
<input id="MyId" type='hidden' value='whatever' />
The second one is a regular input with a css property marking it as hidden: If CSS is disabled or otherwise overriden then the control would be visible to the user. Other than that its pretty close to the same thing as a type='hidden'.
<input id='MyId' type='text' value='whatever' style='visibility:hidden' />
The third one is the .Net hidden field. This does has viewstate storage, but it also causes a regular hidden field to be generated in the html.
<asp:HiddenField id='MyId' runat='server' value='whatever' />
And, the fourth one is a regular .net text box that is marked as not-visible.
<asp:TextBox id='MyId' runat='server' Text='whatever' Visible='False' />
The .net ones will cause data to be placed in viewstate. The HTML ones do not. If you set Visible=False on a .Net control then it is not rendered to the client however it's data is typically stored in viewstate.
There are other ways of throwing data into the page, but they are derivations of the above.
Generally speaking if you have a value that your javascript code needs but you don't need to display it to the client then you use a hidden field (html or .net). If you have a secret value then typically you don't want this to go to the client side if at all possible. And that means even keeping it out of viewstate. As a side note, don't depend on viewstate "security' there are tools out there which will easily decrypt it.
A field which is not displayed is not a hidden field (even though it is "hidden").
Hidden fields are <input type="hidden" name="somename" value="somevalue" /> fields. And those can be manipulated by users.

Can I make any ASP.NET/HTML element into form-data that posts back to the server?

I am using Javascript to alter the innerHTML attribute of a <td> and I need to get that info back in the form submittal. The <td> corrosponds to an <asp:TableCell> on the server-side, where the Text attribute is set to an initial value.
The user cannot enter the value in this particular field. Instead, its value is set by me (via client-side script) based on actions that the user performs. But this field is useless to me if I can't see its value on the server-side as well.
I'd like to avoid using a read-only textbox, because those are difficult to resize dynamically. Can an <asp:Label> be used as form data? Is there any way to achive this without letting the user manually enter the data? Or is there a simpler way to store a string as a variable somewhere and send it back as form-data?
You can only read data entered by user in any of html input elemnets, whatever you user sets them manually or you do it via javascript. You can use <asp:HiddenField runat="server" ID="somId" /> and set its value according to user actions on page.
Add <input type="hidden" runat="server" id="myTDvalue"> to your form. Set that value via clientside script. Read it on the postback.

How do you reenable a validation control w/o it simultaneously performing an immediate validation?

When I called this function to enable a validator from client javascript:
`ValidatorEnable(document.getElementById('<%=valPassportOtherText.ClientID%>'), true); //enable` validation control
the required validation control immediately performed it validation, found the value in the associated text box blank and set focus to the textbox (because SetFocusOnError was set to true). As a result, the side effect was that focus was shifted to the control that was associated with the Validation control, i teh example, txtSpecifyOccupation.
<asp:TextBox ID="txtSpecifyOccupation" runat="server" AutoCompleteType="Disabled"
CssClass="DefaultTextBox DefaultWidth" MaxLength="24" Rows="2"></asp:TextBox>
<asp:RequiredFieldValidator ID="valSpecifyOccupation" runat="server" ControlToValidate="txtSpecifyOccupation"
ErrorMessage="1.14b Please specify your <b>Occupation</b>"
SetFocusOnError="True"> Required</asp:RequiredFieldValidator>
Perhaps there is a way to enable the (required) validator without having it simultaneously perform the validation (at least until the user has tabbed off of it?)
I'd like validation of the txtSpecifyOccupation textbox to occur only on a Page submit or when the user has tabbed of the required txtSpecifyoccupation textbox.
How can I achieve this?
Don't call the ValidatorEnable method. Instead, get a reference to teh validation control and simply set its "enabled" property as desired.
To clear the validation control's error text, set the innerText property to "".

Resources