I'm using the ASP ChangePassword control. When a user fails to enter their current password correctly I just get a control refresh with all fields cleared, not the changepasswordfailuretext. Googled this and found that you should use ChangePasswordError method to catch this. I put a breakpoint in this method and did not get stop here when the current password was incorrect.
How do I show my users that they have entered their current password incorrectly?
Just ran into this myself and found an answer. If you are customizing the display using ChangePasswordTemplate and SuccessTemplate, you also need to add a control with the id "FailureText". This control gets populated with your configured message in the event of an error:
<asp:Literal ID="FailureText" runat="server" />
http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.changepassword.changepasswordtemplate.aspx
Related
I'm following this walkthrough from Microsoft:
"Walkthrough: Creating a Web Site with Membership and User Login"
http://msdn.microsoft.com/en-us/library/879kf95c(v=vs.100).aspx
My Login control works and authenticates me successfully. It also shows the little validation *'s if I type the password wrong, so it seems like it is validating. However, the ValidationSummary that is associated with this Login control never displays any of the logon errors.
My code is like this. I set the ValidationGroup just like it said in the Walkthrough:
<asp:ValidationSummary ID="ValidationSummary1" runat="server" ValidationGroup="Login1" />
<asp:Login ID="Login1" runat="server"></asp:Login>
Can anyone let me know what I'm missing?
Thanks!
Sandra
The ValidationGroup for the child controls will be set to the UniqueID of the Login control. Since you're using a master page, this will not be the same as the ID. Instead, it will be something like ctl00$Login1.
The simplest workaround is to set the ValidationGroup from the code-behind:
ValidationSummary1.ValidationGroup = Login1.UniqueID;
Alternatively, you can customize the LayoutTemplate and manually specify the ValidationGroup on the child validator controls.
In a web form there are different asp.net validation controls. Is it possible to check a particular validation control is valid ? For example on leaving focus of textbox, first I will check requiredFieldValidatorUserName is valid ? If it is valid then I will check on server using ajax that this user name is not booked already.
Edit:
Explaination: I want to check validity (that input was valid) of a validation control on client side.
Please guide.
All validator controls implement IValidator which contains the IsValid property.
myValidatorControl.IsValid
The best way would be to use a CustomValidator with client side code, as this will display all the error messages, block form submission and also ensure that the validation is repeated at the server side - remember, just because you have client-side validation available, doesn't mean the user's seen it: Always validate your input at the server as well.
Your CustomValidator would then be coded to call the Ajax methods, and would show the error messages correctly to the client:
<asp:Label ID="UserNameLabel" AssociatedControlID="UserName" runat="server">
UserName *:</asp:Label>
<asp:TextBox ID="UserName" runat="server" />
<asp:RequiredFieldValidator ID="UserNameRequired" runat="server"
ControlToValidate="UserName" EnableClientScript="true"
ErrorMessage="You must supply a username!" />
<asp:CustomValidator ID="UserNameCustom" runat="server"
ControlToValidate="UserName"
ClientValidationFunction="CheckExisting"
OnServerValidate="UserNameCustomValidate"
ErrorMessage="Username already taken" />
And your ClientValidationFunction should look something like:
<script type="text/javascript">
function CheckExisting(source, arguments) {
// Pass the arguments.Value to your AJAX call:
if (ajaxCallUserNameTaken(arguments.Value)) {
arguments.IsValid = false;
}
}
</script>
(Obviously, you'll need to write the ajaxCallUserNameTaken method to call your page method/web service/etc.)
Doing it this way will ensure that the validation methods happen as expected; this will get called whenever the user tabs out of the textbox leaving a value (it won't get called if the textbox is empty), and will ensure that the user can't submit the page until they supply a unique value. You'll also want to create the method referenced in OnServerValidate to ensure that the value's good once it hits the server too - this should call the same code that the AJAX endpoint uses to reduce duplication of code, etc.
I was originally going to suggest that you could use the Page_Validators object on the client-side to do some checking in the onBlur event, but I don't really think this is suitable here as it results in more pain:
It assumes that although there might be more than one validator on the page, there's only the RequiredFieldValidator on the control we're checking
The RequiredFieldValidator isn't fired during OnBlur if a user moves out of a control without setting a value - only if they set and clear the value, so even if isvalid is true, you need to check for an empty string!
You could do this by setting the ValidationGroup for the Validator control that you want to treat as separate from the others. Make sure it matches the ValidationGroup of the control it's validating (your username field).
I have just faced the same issue and I Set CausesValidation="true" to the textbox control and it worked. Just give it a try :)
I have been messing around with this around for a bit and found a rather easy (not so efficient) solution to handle this using jQuery.
Use this function to check the validity of your control:
function validateControl() {
return $('#YOUR_VALIDATOR_ID').css("visibility") == "visible"
if you're using Display="Dynamic" on your validator then the function is like so:
function validateControl() {
return return $('#YOUR_VALIDATOR_ID').css("display") == "inline"
Be sure to check the true ID of your validator if you're using a Masterpage, as it will be different than the one in your IDE. Do so by viewing the page source in your browser.
The best solution will be of course to validate your form in some other way, using JavaScript or a CustomValidator that lets you write your own code.
I have details view control in my asp.net web form, which on of its item template gets it is value from database, and show this into a richtextbox :
<FTB:FreeTextBox id="txtDescription" runat="Server" AllowHtmlMode="false" Text='<%# (Eval("Description") )%>'
>
</FTB:FreeTextBox>
but when i click on insert or update button, i get the following error :
A potentially dangerous Request.Form value was detected from the client ....
i tried this :
Text='<%# HttpUtility.HtmlDecode((string)Eval("Description"))%>'
bu it did not work ethier, and i got the error again.
is there any way except turning validateRequest off.
Would you please help me?
No, there isn't a way to get this to work aside from turning Validate Request off. Which isn't a bad thing if you write your database functionality correctly and implement strict custom form validation.
I have a regularexpression validator which validates a valid email. I have two buttons on my form. Submit and undo.
On undo, we are reverting the page state to default
submit has it validationgroup set while undo doesnot have any validationgroup and CausesValidation="false".
Now when i navigate to page and enter invalid emailaddress,i directly click undo. the validator fires and stops my page from posting.however if i press tab and navigate to other control and then click undo,the validator shows error message but posts back and furthur proessing is done.
This is very strange and i want the page to postback without any error message when i click undo.how to achieve it.
<tec:ThemedImageButton runat="server" ID="imgbtnSave" OnClick="imgbtnSave_Click"
ValidationGroup="CustomerGroup"/>
<tec:ThemedImageButton runat="server" ID="imgbtnCancel" CausesValidation="false"
OnClick="imgbtnCancel_Click" />
These are normal image buttons with added themes.CustomerGroup is the validation group for my textbox and regularexpressionvalidator
Are you possibly clicking the undo whilst your focus is still within the email textbox? If so, perhaps the issue is that the initial blur event of the textbox is firing which in turn is calling the email validator and preventing the click / submission.
The first thing to try is to make sure you can enter an invalid email address, move the focus onto a completely different area of the page and then press undo to determine if this is the cause.
Double check your settings.
You might want to check the code behind to make sure you are not overwriting the control settings there. For example, in code, you might have the CausesValidation set to "True" or something like that.
Until you post more information you could do the following in your Undo button:
<asp:Button ID="btnUndo" runat="server" Text="Undo"
OnClientClick="Page_ValidationActive = false;"
OnClick="btnUndo_Click" />
I don't recommend this as it might solve your problem but really doesn't explain what is wired up incorrectly but the Page_ValidationActive = false; will disable all client validation on your page.
Does asp.net have a built in mechanism that can sanitize all textbox input instead of redirecting to the error page?
I have a textbox input where a user can enter a name, but if they try to enter and <> tags the page automatically throws an error. I just want to handle this error in a user friendly way.
You'll want to look at the AntiXSS library for that. It's a dll so it's easy to drop in and start using it.
The download is at CodePlex.
You can use the ASP.NET RegularExpressionValidator control with a pattern like: ^[^<>]*$
<asp:RegularExpressionValidator ID="rev" runat="server"
ControlToValidate="txtBox"
ErrorMessage="The <> tags are not allowed!"
ValidationExpression="[^<>]*" />
<asp:RequiredFieldValidator ID="rfv" runat="server" ControlToValidate="txtBox"
ErrorMessage="Value can't be empty" />
The RequiredFieldValidator is used in conjunction with the RegularExpressionValidator to prevent blank entries. If that textbox is optional, and only needs to be validated when something is entered, then you don't have to use the RequiredFieldValidator.
The benefit of doing it this way is that the error can be handled gracefully and the user can be notified on the same page.
However, if you need to do this for many textboxes and you just want to present something nicer than the error page, you could handle the ValidateRequest error to provide a friendlier message and keep the user on the same page (not just replace it with a custom error page). For more info, check out Kirk Evans' post: Handling ValidateRequest errors within a Page (refer to the section titled Overriding the OnError Method).
Read this for a step-by-step: http://yourtahir.wordpress.com/2008/03/28/aspnet-not-allow-html-in-text-boxserver-error-in-application-a-potentialy-dangerous-requestform-value-was-detected/
You have to do some web.config work.
ASP.net has validation controls
[http://msdn.microsoft.com/en-us/library/7kh55542.aspx][1]
Also there is Mark Down Editor which is a control that strips out html tags etc.