Validate multiple Panels

  • Thread starter Thread starter Brybot
  • Start date Start date
B

Brybot

I have a form that i've split up into multiple asp:panels, each panel
has a number of validators which work correctly.

At on the last panel, i want to commit the data collected to a
database. I figured since all the panel data is still being sent
through the postbacks, instead of using Sessions, or HttpContext, I
could just take the values from the textboxes.

This all works fine, except for security. I realized that I could
inject new values into the POST data. Once a page has been validated,
its not validated again before committing to the database, in essence,
making the validators on the other panels useless.

To fix this, before committing, I would get a list of all the
validators on the page, re-validate each, and if all of them were
still valid, commit. That way any injected POST variables would
become invalid and the commit would not happen. Code:

foreach (IValidator validator in Page.Validators)
{
validator.Validate();
if (!validator.IsValid)
return;
}

This gets a list of all the validators across all the panels, but
Validate() does not update the IsValid property and the injected
variables are allowed through. ... How come Validate() is not
updating? Testing, if I set a textbox.text = "" after it initally
validates, the textboxes custom validator which checks for length > 5
validates to true, even though it is not.

Any help would be greatly appreciated!
 
the validators only update themselves. to test if valid the page does
the same loop you do.

you could make one custom validator that does the loop, then
Page.IsValid would call this one.

-- bruce (sqlwork.com)
 
the validators only update themselves. to test if valid the page does
the same loop you do.

you could make one custom validator that does the loop, then
Page.IsValid would call this one.

-- bruce (sqlwork.com)
Click to expand...

Thanks Bruce, that is essentially what I am doing, more specifically,
my problem is that validator.Validate() is not actually re-
validating. Even if the validator should no longer validate,
validator.isValid stays true.
 
Thanks Bruce, that is essentially what I am doing, more specifically,
my problem is that validator.Validate() is not actually re-
validating. Even if the validator should no longer validate,
validator.isValid stays true.
Click to expand...

Heres a code snippet:

private void Button1_Click(object sender, System.EventArgs e)
{
this.TextBoxVar.Text = "";
this.CustomValidatorCheckLength.IsValid = false;
Page.Validate();
if (Page.IsValid)
Response.Write("Valid");
}

private void CustomValidatorCheckLength_ServerValidate(object source,
System.Web.UI.WebControls.ServerValidateEventArgs args)
{
if (this.TextBoxVar.Text.Length > 5)
args.IsValid = true;
else
args.IsValid = false;
}

If I enter a value of length greater then 5 then submit form, this
always evaluates to true, even when I specifically set it so that it
should not validate...
 
Heres a code snippet:

private void Button1_Click(object sender, System.EventArgs e)
{
this.TextBoxVar.Text = "";
this.CustomValidatorCheckLength.IsValid = false;
Page.Validate();
if (Page.IsValid)
Response.Write("Valid");

}

private void CustomValidatorCheckLength_ServerValidate(object source,
System.Web.UI.WebControls.ServerValidateEventArgs args)
{
if (this.TextBoxVar.Text.Length > 5)
args.IsValid = true;
else
args.IsValid = false;

}

If I enter a value of length greater then 5 then submit form, this
always evaluates to true, even when I specifically set it so that it
should not validate...
Click to expand...

Whew! Figured it out.

Even though I am looping through each Validator, the panel it is in
has to be set to visible=true for the validator to be forced to run.
Therefore, as in the above Button1 Click event, if I add
this.panelX.Visible = true; for each panel that contains a validator,
they we re-validate.

Awesome!
 
Back
Top