Beginning ASP.NET 4.5 in CSharp and VB Opsylum

Recommendations

Info

332 x CHAPTER 9 VALIDATING USER INPUT args.IsValid = False End If C# if (!string.IsNullOrEmpty(PhoneHome.Text) || !string.IsNullOrEmpty(PhoneBusiness.Text) { args.IsValid = true; } else { args.IsValid = false; } By checking the data at the client and at the server, you ensure your system accepts only valid data. Even when the browser doesn’t support JavaScript (possibly because the user turned it off deliberately), your data is still checked at the server. However, it’s important to realize that you still need to check whether the page is valid before you work with the data submitted to it. You do this by checking the IsValid property of the page: VB.NET If Page.IsValid Then ' OK to proceed End if C# if (Page.IsValid) { // OK to proceed } The IsValid property returns True when all the controls in the page or in the active ValidationGroup are valid. By checking the IsValid property on the server before you work with the data, you can be sure that the data is valid according to your validation controls, even if the user turned off JavaScript in the browser, and sent the form to the server without any client-side checks. You see the IsValid property used again later in this chapter, when sending e-mail is discussed. In addition to the validation controls you have seen so far, ASP.NET comes with another validation mechanism, which is discussed next. Understanding Request Validation By design, an ASP.NET page throws an exception whenever one of the controls on a page contains content that looks like HTML tags. For example, you see the error shown in Figure 9-10 when you enter Hello World or alert('Hello World'); as the contents for the comments text box in the contact form.
Gathering Data from the User x 333 FIGURE 9-10 The ASP.NET run time does this to prevent users from entering HTML or JavaScript that can potentially mess with the design or workings of your website or that could lead to security risks. If you’re sure you want to allow your users to enter HTML, you have a few options available. First, you can disable request validation by setting the ValidateRequest attribute in the @ Page directive to False: With this setting set to False, users can enter HTML without causing an error. In previous versions of ASP.NET, this was the only way to enable a user to send HTML to your page. The downside of this solution is that it’s all or nothing. By turning off request validation at the page level, all controls in the page will now accept HTML. This unnecessarily opens up your page for potential abuse. As a good security mechanism, you should allow HTML only for specific fields that you determine explicitly. Fortunately, ASP.NET 4.5 now makes this very easy; the Control class (from which classes such as TextBox inherit) has been extended with a ValidateRequestMode property that controls the check for invalid data. When set to Enabled, the control does not accept HTML; when set to Disabled the control does accept HTML, similar to how ValidateRequest enabled this for all controls in the page. The final value for ValidateRequestMode is Inherit, which gives it the value set by the parent of the control such as a PlaceHolder. This is convenient because you can wrap multiple controls that should accept HTML in a PlaceHolder and then configure the ValidateRequestMode on the container instead of on each individual control. Before you set this property on a control, make sure you really want to allow users to submit HTML in your controls. This opens up your site for Cross Site Scripting attacks when you’re not careful. Depending on the situation, you may need to sanitize the data by removing dangerous pieces of code such as elements. When displaying the data on a page, you could use a Literal control, with its Mode set to Encode in order for the HTML to be encoded and rendered harmless. With this property set, the text is displayed verbatim, without being interpreted as HTML or JavaScript.
Page 3:
BEGINNING ASP.NET 4.5 FOREWORD . .
Page 7 and 8:
BEGINNING ASP.NET 4.5 IN C# AND VB
Page 9:
—To Niek
Page 13:
CREDITS Acquisitions Editor Mary Ja
Page 17 and 18:
CONTENTS FOREWORD INTRODUCTION xxxi
Page 19 and 20:
CONTENTS Working with Files in Your
Page 21 and 22:
CONTENTS Not All Controls Rely on V
Page 23 and 24:
CONTENTS Skins 245 Creating a Skin
Page 25 and 26:
CONTENTS Providing Feedback to User
Page 27 and 28:
CONTENTS Single Item Controls 455 P
Page 29 and 30:
CONTENTS Authentication: How Can Yo
Page 31:
CONTENTS Introducing Bundling and M
Page 35 and 36:
INTRODUCTION TO BUILD EFFECTIVE AND
Page 37 and 38:
INTRODUCTION ‰ Chapter 4, “Work
Page 39 and 40:
INTRODUCTION HOW THIS BOOK IS STRUC
Page 41 and 42:
INTRODUCTION ‰ Code shown for the
Page 43 and 44:
INTRODUCTION FIGURE I-2 The Site fo
Page 45:
BEGINNING ASP.NET 4.5
Page 48 and 49:
2 x CHAPTER 1 GETTING STARTED WITH
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
34 x CHAPTER 2 BUILDING AN ASP.NET
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
66 x CHAPTER 3 DESIGNING YOUR WEB P
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
100 x CHAPTER 3 DESIGNING YOUR WEB
Page 148 and 149:
Page 150 and 151:
Page 153 and 154:
4Working with ASP.NET Server Contro
Page 155 and 156:
Introduction to Server Controls x 1
Page 157 and 158:
Introduction to Server Controls x 1
Page 159 and 160:
A Closer Look at ASP.NET Server Con
Page 161 and 162:
A Closer Look at ASP.NET Server Con
Page 163 and 164:
Types of Controls x 117 FIGURE 4-4
Page 165 and 166:
Types of Controls x 119 The Smart T
Page 167 and 168:
Types of Controls x 121 } DropDownL
Page 169 and 170:
Types of Controls x 123 Container C
Page 171 and 172:
Types of Controls x 125 Note that t
Page 173 and 174:
Types of Controls x 127 FIGURE 4-12
Page 175 and 176:
Types of Controls x 129 FinishButto
Page 177 and 178:
Types of Controls x 131 FileUpload
Page 179 and 180:
Types of Controls x 133 Validation
Page 181 and 182:
The ASP.NET State Engine x 135 serv
Page 183 and 184:
The ASP.NET State Engine x 137 FIGU
Page 185 and 186:
The ASP.NET State Engine x 139 4. A
Page 187 and 188:
Practical Tips on Working with Cont
Page 189:
Summary x 143 ⊲ WHAT YOU LEARNED
Page 192 and 193:
146 x CHAPTER 5 PROGRAMMING YOUR AS
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 232 and 233:
Page 234 and 235:
Page 236 and 237:
Page 238 and 239:
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
Page 250 and 251:
Page 253 and 254:
6Creating Consistent Looking Websit
Page 255 and 256:
Consistent Page Layout with Master
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Using a Centralized Base Page x 219
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Themes x 229 With this exported tem
Page 277 and 278:
Themes x 231 Replace Theme with Sty
Page 279 and 280:
Themes x 233 type="text/css" rel=
Page 281 and 282:
Themes x 235 ASP.NET themes are not
Page 283 and 284:
Themes x 237 FIGURE 6-19 How It Wor
Page 285 and 286:
Themes x 239 VB.NET Dim myCookie As
Page 287 and 288:
Themes x 241 FIGURE 6-21 Within the
Page 289 and 290:
Themes x 243 C# preferredTheme.Valu
Page 291 and 292:
Skins x 245 a cookie called Preferr
Page 293 and 294:
Skins x 247 3. In the Extension box
Page 295 and 296:
Practical Tips on Creating Consiste
Page 297 and 298:
Summary x 251 The imaginary CSS cla
Page 299 and 300:
7Navigation WHAT YOU WILL LEARN IN
Page 301 and 302:
Different Ways to Move Around Your
Page 303 and 304:
Using the Navigation Controls x 257
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Programmatic Redirection x 277 Redi
Page 325 and 326:
Programmatic Redirection x 279 How
Page 327 and 328: Practical Tips on Navigation x 281
Page 329: Summary x 283 ⊲ WHAT YOU LEARNED
Page 332 and 333: 286 x CHAPTER 8 USER CONTROLS advan
Page 334 and 335: 288 x CHAPTER 8 USER CONTROLS TRY I
Page 336 and 337: 290 x CHAPTER 8 USER CONTROLS How I
Page 338 and 339: 292 x CHAPTER 8 USER CONTROLS 4. Sw
Page 340 and 341: 294 x CHAPTER 8 USER CONTROLS Note:
Page 342 and 343: 296 x CHAPTER 8 USER CONTROLS ASP.N
Page 344 and 345: 298 x CHAPTER 8 USER CONTROLS The c
Page 346 and 347: 300 x CHAPTER 8 USER CONTROLS Image
Page 348 and 349: 302 x CHAPTER 8 USER CONTROLS When
Page 350 and 351: 304 x CHAPTER 8 USER CONTROLS If _n
Page 352 and 353: 306 x CHAPTER 8 USER CONTROLS How I
Page 354 and 355: 308 x CHAPTER 8 USER CONTROLS This
Page 356 and 357: 310 x CHAPTER 8 USER CONTROLS ⊲ W
Page 358 and 359: 312 x CHAPTER 9 VALIDATING USER INP
Page 395 and 396: 10 ASP.NET AJAX WHAT YOU WILL LEARN
Page 397 and 398: Using ASP.NET AJAX in Your Projects
Page 409 and 410: Using Web Services and Page Methods
Page 427 and 428: Practical Ajax Tips x 381 How It Wo
Page 429:
Page 432 and 433:
386 x CHAPTER 11 JQUERY Fortunately
Page 434 and 435:
388 x CHAPTER 11 JQUERY FIGURE 11-1
Page 436 and 437:
390 x CHAPTER 11 JQUERY This lists
Page 438 and 439:
392 x CHAPTER 11 JQUERY In addition
Page 440 and 441:
394 x CHAPTER 11 JQUERY COMMON MIST
Page 442 and 443:
396 x CHAPTER 11 JQUERY can apply v
Page 444 and 445:
398 x CHAPTER 11 JQUERY The ID Sele
Page 446 and 447:
400 x CHAPTER 11 JQUERY The first s
Page 448 and 449:
402 x CHAPTER 11 JQUERY In the foll
Page 450 and 451:
404 x CHAPTER 11 JQUERY MODIFYING T
Page 452 and 453:
406 x CHAPTER 11 JQUERY jQuery goes
Page 454 and 455:
408 x CHAPTER 11 JQUERY Common Mist
Page 456 and 457:
410 x CHAPTER 11 JQUERY Now that yo
Page 458 and 459:
412 x CHAPTER 11 JQUERY 8. Open the
Page 460 and 461:
414 x CHAPTER 11 JQUERY As you saw
Page 462 and 463:
416 x CHAPTER 11 JQUERY 7. Save you
Page 464 and 465:
418 x CHAPTER 11 JQUERY look at jQu
Page 466 and 467:
420 x CHAPTER 11 JQUERY ⊲ WHAT YO
Page 468 and 469:
422 x CHAPTER 12 INTRODUCTION TO DA
Page 470 and 471:
Page 472 and 473:
Page 474 and 475:
Page 476 and 477:
Page 478 and 479:
Page 480 and 481:
Page 482 and 483:
Page 484 and 485:
Page 486 and 487:
Page 488 and 489:
Page 490 and 491:
Page 492 and 493:
Page 494 and 495:
Page 496 and 497:
Page 498 and 499:
Page 500 and 501:
454 x CHAPTER 13 DISPLAYING AND UPD
Page 502 and 503:
Page 504 and 505:
Page 506 and 507:
Page 508 and 509:
Page 510 and 511:
Page 512 and 513:
Page 514 and 515:
Page 516 and 517:
Page 518 and 519:
Page 520 and 521:
Page 522 and 523:
Page 524 and 525:
Page 526 and 527:
Page 528 and 529:
Page 530 and 531:
Page 532 and 533:
Page 534 and 535:
Page 536 and 537:
Page 538 and 539:
Page 540 and 541:
Page 543 and 544:
14 LINQ and the ADO.NET Entity Fram
Page 545 and 546:
Introducing LINQ x 499 surprise tha
Page 547 and 548:
Mapping Your Data Model to an Objec
Page 549 and 550:
Page 551 and 552:
Page 553 and 554:
Introducing Query Syntax x 507 and
Page 555 and 556:
Introducing Query Syntax x 509 Wher
Page 557 and 558:
Introducing Query Syntax x 511 Firs
Page 559 and 560:
Introducing Query Syntax x 513 diff
Page 561 and 562:
Introducing Query Syntax x 515 Orde
Page 563 and 564:
Using Server Controls with LINQ Que
Page 565 and 566:
Page 567 and 568:
Page 569 and 570:
Page 571 and 572:
Page 573 and 574:
Page 575 and 576:
Page 577 and 578:
Page 579 and 580:
Page 581 and 582:
Page 583 and 584:
Page 585 and 586:
Page 587 and 588:
Page 589 and 590:
Page 591 and 592:
Page 593 and 594:
Page 595 and 596:
Page 597 and 598:
Summary x 551 model. Combined with
Page 599 and 600:
15 Working with Data — Advanced T
Page 601 and 602:
Formatting Your Controls Using Styl
Page 603 and 604:
Page 605 and 606:
Page 607 and 608:
Page 609 and 610:
Handling Events x 563 background-im
Page 611 and 612:
Handling Events x 565 4. Make sure
Page 613 and 614:
Handling Events x 567 The PreRender
Page 615 and 616:
Handling Events x 569 Button1_Click
Page 617 and 618:
Handling Events x 571 Select Case e
Page 619 and 620:
Handling Events x 573 The RowDataBo
Page 621 and 622:
Handling Events x 575 These classes
Page 623 and 624:
Handling Events x 577 8. Save all y
Page 625 and 626:
Hand-Coding Data Access Code x 579
Page 627 and 628:
Page 629 and 630:
Page 631 and 632:
Page 633 and 634:
Page 635 and 636:
Caching x 589 In all the database e
Page 637 and 638:
Caching x 591 Output Caching With o
Page 639 and 640:
Caching x 593 Programmatic Caching
Page 641 and 642:
Caching x 595 ‰ SummaryLabel ‰
Page 643 and 644:
Caching x 597 } font-style: italic;
Page 645 and 646:
Caching x 599 expiration date, whic
Page 647 and 648:
Summary x 601 EXERCISES 1. Imagine
Page 649 and 650:
16 Security in Your ASP.NET 4.5 Web
Page 651 and 652:
Introducing Security x 605 Authoriz
Page 653 and 654:
Introducing the Login Controls x 60
Page 655 and 656:
Page 657 and 658:
Page 659 and 660:
Page 661 and 662:
Page 663 and 664:
Page 665 and 666:
Page 667 and 668:
Page 669 and 670:
Page 671 and 672:
Page 673 and 674:
The Role Manager x 627 such as the
Page 675 and 676:
The Role Manager x 629 1 . From wit
Page 677 and 678:
The Role Manager x 631 FIGURE 16-19
Page 679 and 680:
The Role Manager x 633 2. Save and
Page 681 and 682:
The Role Manager x 635 Management s
Page 683 and 684:
The Role Manager x 637 Alternativel
Page 685 and 686:
The Role Manager x 639 } } case Lis
Page 687 and 688:
Summary x 641 SUMMARY You can imple
Page 689 and 690:
17 Personalizing Websites WHAT YOU
Page 691 and 692:
Understanding Profile x 645 In the
Page 693 and 694:
Understanding Profile x 647 You can
Page 695 and 696:
Understanding Profile x 649 5. To t
Page 697 and 698:
Understanding Profile x 651 To defi
Page 699 and 700:
Understanding Profile x 653 press t
Page 701 and 702:
Understanding Profile x 655 10. Dou
Page 703 and 704:
Understanding Profile x 657 1. In M
Page 705 and 706:
Understanding Profile x 659 e As Ev
Page 707 and 708:
Understanding Profile x 661 That’
Page 709 and 710:
Understanding Profile x 663 By clic
Page 711 and 712:
Understanding Profile x 665 sent to
Page 713 and 714:
Understanding Profile x 667 5. From
Page 715 and 716:
Understanding Profile x 669 10. Ent
Page 717 and 718:
Other Ways of Dealing with Profile
Page 719 and 720:
Other Ways of Dealing with Profile
Page 721 and 722:
Summary x 675 How It Works Much of
Page 723:
Page 726 and 727:
680 x CHAPTER 18 EXCEPTION HANDLING
Page 728 and 729:
Page 730 and 731:
Page 732 and 733:
Page 734 and 735:
Page 736 and 737:
Page 738 and 739:
Page 740 and 741:
Page 742 and 743:
Page 744 and 745:
Page 746 and 747:
Page 748 and 749:
Page 750 and 751:
Page 752 and 753:
Page 754 and 755:
Page 756 and 757:
Page 758 and 759:
Page 760 and 761:
Page 762 and 763:
Page 764 and 765:
Page 766 and 767:
Page 768 and 769:
Page 770 and 771:
Page 772 and 773:
Page 774 and 775:
Page 776 and 777:
730 x CHAPTER 19 DEPLOYING YOUR WEB
Page 778 and 779:
Page 780 and 781:
Page 782 and 783:
Page 784 and 785:
Page 786 and 787:
Page 788 and 789:
Page 790 and 791:
Page 792 and 793:
Page 794 and 795:
Page 796 and 797:
Page 798 and 799:
Page 800 and 801:
Page 802 and 803:
Page 804 and 805:
Page 806 and 807:
Page 808 and 809:
Page 810 and 811:
Page 812 and 813:
Page 814 and 815:
768 x APPENDIX A EXERCISE ANSWERS E
Page 816 and 817:
770 x APPENDIX A EXERCISE ANSWERS C
Page 818 and 819:
Page 820 and 821:
Page 822 and 823:
Page 824 and 825:
778 x APPENDIX A EXERCISE ANSWERS V
Page 826 and 827:
Page 828 and 829:
Page 830 and 831:
Page 832 and 833:
786 x APPENDIX A EXERCISE ANSWERS D
Page 834 and 835:
788 x APPENDIX A EXERCISE ANSWERS F
Page 836 and 837:
790 x APPENDIX A EXERCISE ANSWERS }
Page 839 and 840:
BConfiguring SQL Server 2012 So far
Page 841 and 842:
Configuring SQL Server 2012 x 795 C
Page 843 and 844:
Configuring SQL Server 2012 x 797 Y
Page 845 and 846:
Configuring SQL Server 2012 x 799 Y
Page 847 and 848:
Configuring SQL Server 2012 x 801 I
Page 849 and 850:
Configuring SQL Server 2012 x 803 t
Page 851:
Configuring Application Services x
Page 854 and 855:
allowAnonymous attribute - ASP.NET
Page 856 and 857:
Basic Settings mode - C# implementi
Page 858 and 859:
ClientID property - complex events
Page 860 and 861:
CreateUserUrl property - data Creat
Page 862 and 863:
decimal data type - DynamicEnableDe
Page 864 and 865:
European cookie law - external styl
Page 866 and 867:
input controls - handling input co
Page 868 and 869:
IIS:ASP.NET - interface IIS:ASP.NET
Page 870 and 871:
Label control - logical operators L
Page 872 and 873:
Microsoft Developer Network - New S
Page 874 and 875:
PageWrapper element- PhotoAlbumId p
Page 876 and 877:
Profile.GetProfile - ReadAllText me
Page 878 and 879:
RoleGroups - server side configurin
Page 880 and 881:
SQL statement - styling installing,
Page 882 and 883:
text strings - types validation con
Page 884 and 885:
validation controls- ViewState coll
Page 886 and 887:
web services - Where clause flow of
Page 888:
Try Safari Books Online FREE for 15
show all

Beginning ASP.NET 4.5 in CSharp and VB Opsylum

Create successful ePaper yourself

Delete template?

Save as template?