This document discusses XML validation using an XML schema (XSD) file. It provides an example of using an XmlReader with validation enabled to validate an XML file against an XSD schema. The example loads an XML file, validates it using a schema at a given URI, and handles any validation errors, displaying status messages. It demonstrates how to automatically generate an XSD from an XML file in Visual Studio to define the XML structure.
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
XML Chapter 12: Introduction to XML in .NET
1. Chapter'12
~'-:~~ :;:I I ~
dJ
;..,,1.,0ltt ·"'
UnitV
C:vrXML
r-~ I
Chapter Outline
12.1 Introduction: XML: Extensible Markup Language
12.2 XML Basics
12.3 The XML Classes
12.4 XML Validation
12.5 XML Display and Transforms
12.6 Questions
~ , -
L::~ ~l J~~~!_!J:._~~J/t:_ )
=It is a very widely used format for exchanging data, mainly because it's easy readable for
both humans and machines.
=XML is designed as an all-purpose format for organizing data.
=Amarkup language is used to provide information about a document.
=Tags are added to the document to provide the extra information.
=HTML tags tell abrowser how to display the document.
=XML tags give areader some idea what some of the data means.
_;_--~->~~.t ,,r,~ - .-. :/Sffl·.
---__,;::;...;;:....,;.;.£..,;:=~............-..;......._...:,.
When creating your own XML document, you need to remember only a few rules:
=XML documents must start with an XML declaration like <?xml version="1.0"?>.
=XML elements are composed of a start tag (like <Name>) and an end tag (like </Name>).
=Content is placed between the start and end tags. If you include a start tag, you must also
include a corresponding end tag.
= Whitespace between elements is ignored.
You can use only valid characters in the content for an element. You can't enter special
characters, such as the angle brackets (<>) and the ampersand (&), as content.
XML elements are case sensitive, so <ID> and <id> are completely different elements.
2. XML 317
:> All elements must be nested in a root element
:> Every element must be fully enclosed. In other words, when you open a subelement, you
need to close it before you can close the parent.
Example
<?xml version="1.0" encoding="utf-S" ?>
<address>
<name>
<first>Haider</first>
<last>Zaidi</last>
</name>
<email>haiderzaidi20@gmail.com</email>
<phone>8898253962</phone>
<birthday>
<year>1988</year>
<month>04</month>
<day>03</day>
</birthday>
</address>
XML File Tree
year day
:> .NET provides a rich set of classes for XML manipulation in several namespaces that start
with System.Xml.
:> NET provides seven namespace:
using System.Xml;
using System.Xml.Scherna;
using System.Xml.Linq;
/
"--
3. )
)
1n9
318
using System.Xml.Resolvers;
,, using System.Xml.Serialization;
using System.Xml.XPath;
using System.Xml.Xsl;
The SystemXml namespace contains major XML classes. This namespace contai·ns tnan
classes to read and write XML documents. Y
12.3.1 The XML TextWriter
One of the simplest ways to create or read any XML document is to use the ba .
XmITextWriter and XmlTextReader classes. sic
These classes work like their StreamWriter and StreamReader relatives, except th t th
write and read XML documents instead ofordinary text files. . a ey
Example: The following code creates an xmI file with the name Employee.
using System;
using System.Text;
using System.Xml;
namespace ConsoleApplication3
{
class Program
static void Main(stringO args)
{
XmlWriter xmlWriter =XmlWriter.Create("Employee.xml");
xmlWriter.WriteStartDocument();
xmlWriter.WriteStartElement("Employees");
xmlWriter.WriteStartElement("Employee");
xmlWriter.WriteAttributeString("age", "29");
xmlWriter.WriteString("Haider Zaidi");
xmlWriter.WriteEndElement();
xmlWriter.WriteStartElement("Employee");
xmlWriter.WriteAttributeString("age", "48");
xmlWriter.WriteString("Arif Patel");
xmlWriter.WriteEndDocument();
4. ..,
l
)(r/lL 319
lJl)IWriter.WriteStartElement: Writes out a start tag with the specified local name.
xmtWriter.WriteElementString: Writes an element containing a string value.
lllllWriter.WriteEndDocument: Closes any open elements or attributes and puts the writer
k I
.0 the Start state.
bac
lJl)IWriter.WriteAttributeString: This method writes out the attribute with a user defined
espace prefix and associates it with the given namespace.
naJJl
12.3.2 XMLTextReader
:> With Xm!TextReader we parse XML data. This type acts upon a string containing XML
markup. We use the XmlTextReader constructor and develop a custom parser for XML data.
This is an efficient approach to XML parsing.
:> The Xm!Reader class is an abstract bases classes and contains methods and properties to
read adocument. The Read method reads a node in the stream.
:> I'm using books.xml to read and display its data through XmlTextReader. This file comes
with VS.NET samples (https://msdn.microsoftcom/en-
us/Iibrary/ms762271(v=vs.85).aspx ).
Example
using System;
using System.Text;
using System.Xml;
namespace ConsoleApplication1
class Program
static void args)
{// Create an isntance of XmlTextReader and call Read method to read the file
XmlTextReader textReader = new XmlTextReader("C:books.xml");
textReader.Read();
// If the node has value
while (textReader.Read())
{
II Move to fist element
textReader.MoveToElement();
Console.WriteLine("XmlTextReader Properties Test");
Console.WriteLine("===- =======");
// Read this element's properties and display them on console
Console.WriteLine("Name:" + textReader.Name);
Console.WriteLine("Base URI:" + textReader.BaseURI);
Console.WriteLine("Local Name:•+ textReader.LocalName);
5. N@1i%i@NAl+®'11
111D
Console.Writeline("Attribute Count:" +textReader.AttributeCount.ToString());
Console.Writeline("Depth:" +textReader.Depth.ToString());
Console.Writeline("Line Number:"+ textReader.LineNumber.ToString());
Console.Writeline("Node Type:" +textReader.NodeType.ToString());
Console.Writeline("Attribute Count:" + textReader.Value.ToString());
Console.Read();
file:.///C
:/USffl/N203TX/App0atall.ocal/Temporary ProJects/Consoli!Application1/bin:'Debu~ConsoleAppliotion1.EXE
•11un1111
--------=====------
ame:9enre ·
Base URI:file:///C:/books.xml
Local Name:genre
Attribute Count:0
Depth:2
Line Number:6
Node Type:EndElement
Attribute Count:
X
mlTextReader. Properties Test
-------------------
Name:
Base URI:file:///C:/books.xml
ocal Name:
Attribute Count:0
Depth:2
Line Number:6
Node Type:Whitespace
Attribute Count:
i•(·
12.2.3 Reading an XML Document
-
The XDocurnent makes it easy to read and navigate XML content. You can use the static
XDocurnent.Load() method to read XML documents from a file, URI, or stream, and you can use the
static XDocurnent.Parse() method to load XML content from a string.
Useful Methods for XElement and XDocurnent.
Method Description
Attributes() Gets the collection ofXAttribute objects for this element.
Attribute() Gets the XAttribute with the specific name.
Elements() Gets the collection ofXElement objects that are contained by this element. (This
is the top level only-these elements may in tum contain more elements.)
Optionally, you can specify an element name, and only those elements will be
retrieved. -
Element() Gets the single XElement contained by this element that has a specific name (or
null ifthere's no match). Ifthere is more than one matching element, this method
gets just the first one. -
6. • ru
Descendants() Gets the collection ofXElement objects that are contained by this element and
(optionally) have the name you specify. Unlike the Elements() method, this
method goes through all the layers ofthe document and finds elements at any
level of the hierarchy.
Nodes() Gets all the XNode objects contained by this element. This includes elements and
other content, such as comments. However, unlike the XmlTextReader class, the
XDocument does not consider attributes to be nodes.
~cendantNodes() Gets all the XNode object contained by this element. This method is like
Descendants() in that it drills down through all the layers ofnested elements.
These methods give you added flexibility to filter outjust the elements that interest you.
Example
Employee.xml
':'?xml version="1 .0" encoding="utf-8" ?>
<Employees>
<Employee>
<FirstName>ZAIDl</FirstName>
<Age>30</Age>
<Dept>Computer Science</Dept>
</Employee>
<Employee>
<FirstName>SAIF</FirstName>
<Age>30</Age>
<Dept>lnformation Technology</Dept>
</Employee>
<Employee>
<FirstName>ARIF</FirstName>
<Age>48</Age>
<Dept>Engineering</Dept>
</Employee>
<Employee>
<FirstName>SOHRABH</FirstName>
<Age>30</Age>
<Dept>M.Sc - IT</Dept>
</Employee>
</Employees>
Default.aspx :
10. XML 325
Example
<%@ Page Language="C#" AutoEventWireup="true"
lnherits="XmlValidalion" %>
<html xmlns="http://www.w3.org/1999/xhtm1" >
<head runat="server">
<title>Xml Validation</title>
</head>
<body>
<form id="form1• runat="server">
<div class="Box">
<asp:RadioButton id="optValid"
runat="server"
Text="Use Data.xml"
Checked="True"
GroupName="Valid">
</asp:RadioButton>
<asp:button id="crndValidate"
runat="server''
Text="Validate XML"
OnClick="cmdValidate_Click">
</asp:button>
</div>
<div>
CodeFile="Default.aspx.cs"
<asp:Label id="lblStatus" runat="server" EnableViewState="False"></asp:Label>
</div>
</form>
</body>
</html>
File: Default.aspx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.LIi;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
11. ng
32
using System.Web.UI.HtmlControls;
using System.Xml.Schema;
using System.IC;
using System.Xml;
public partial class XmlValidation : System.Web.UI.Page
{
protected void crndVal'date_Click(object sender, EventArgs e)
{
string filePath ="Data.xml";
lblStatus.Text ="";
XmlReaderSettings settings =new XmlReaderSettings();
settings.Schemas.Add("yourURI",Request.PhysicalApplicationPath +"Data.xsd");
settings.ValidationType= ValidationType.Schema;
settings.ValidationEventHandler += new ValidationEventHandler(ValidateHandler);
FileStream fs =new FileStream(filePath, FileMode.Open);
XmlReader r=XmlReader.Create(fs, settings);
while (r.Read())
{
l
ls.Close();
lblStatus.Text += "<br />Complete.";
}
public void ValidateHandler(Object sender, ValidationEventArgs e)
{
}
}
lblStatus.Text +="Error:"+ a.Message +"<br />';
File: Data.xml
<?xml version='1.0' encoding='utf-8' ?>
<EmployeeDetails>
<FirstName>ZAIDl</FirstName>
12. )(ML 327
.:MiddleName>ZARl</MiddleName>
<LastName>HAIDER~/LastName>
<Emai11d>haid~rzaidi20@gmail.com</Emailld>
.:Mobile>8898253962</Mobile>
-=:Address>B/503, Jogeshwari , Mumbai</Address>
<Blke>Yamaha FZS</Bike>
</EmployeeDetails>
File: Oata.xsd
Open the existing XML.
Go to XML menu.
·Select "Create schema"- option.
Your XSD will be created automatically.
<?xml version="1.0" encoding="utf-8"?>
<xs:schema. attributeFormDefault="unqualified"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="EmployeeDetails">
<xs:complexType>
<xs:sequence>
<xs:element name="FirstName" type="xs:string" />
<xs:element name="MiddleName" type="xs:string" />
<xs:element name="LastName" type="xs:string" />
<xs:element name="Emailld" type="xs:string" />
<xs:element name="Mobile" type="xs:unsignedLong"/>
<xs:element name="Address" type="xs:string" />
<xs:element name="Bike" type="xs:string" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>
t)l:s
·xMl,Display and:rrahsf-9~
1''.lS
elementFormDefault="qualified"
Another standard associated with XML is XSL Transformations (XSL'I). XSLT allows you to
create style sheets that can extract a portion of a large XML document or transform an XML document
into another type of XML document. An even more popular use of XSLT is to convert an XML
document into an HTML document that can be displayed in a browser.
XSLT is easy to use from the point of view of the .NET class library. All you need to understand
is how to create an XslCompiledTransform object (found in the Sys'tem.Xml.Xsl namespace). You use
13. wuuJiq
£ M%iiHMGPi+
its Load() method to specify a style sheet and its Transfonn() method to output the result to a fit
srreant e or
There are two main components in XSLT that helps transformations, XSLT Proces~o
formatter. First, the XSLT processor takes two inputs, a XML document and a XSLT sty! r ~
nd
XSL
XSLTprocessor starts from the root node and then it goes for the root node's children. Th:s ;et. lbe
searches the stylesheet element to see if any template element and other XSLT elements p ocessor
As per the defined XSLT rules it fetches data from the XML document and generates a are! defined.
. resu ts tr .
XML formal The XML formatter takes mput as a result tree and generates the final end ee 111
HTML. text other XML format. products as
The XML Web Control
The XML control is used to display an XML document or the results ofan XSL Tra ti
ns onn
Note: At least one of the XML Document properties must be set or no XML doc ·
ument ·
displayed. ts
. eoreit'
You can also specify an XSLT document that will fonnat the XML document b ti
written to the output. You can format the XML document with the Transfonn pro e
18
the TransfonnSource property. P rty or
Example
XML File: XMLFiJe.xml
<?xml version='1.0" encoding='utf-8' ?>
<breakfast_meru>
<food>
<name>Biriyani</name>
<price>$10.60</price>
<description>Rice with chicken</description>
<calories>650</calories>
</food>
<food>
<name>Juice</name>
<price>$4.20</price>
<description>Frult juices like mango, banana, apple</description>
<calories>200</calories>
</food>
</breakfast menu>
14. XML 329
XSLTFile
XSLTFile.xslt
'°:?xml version="1.0" encoding="iso-8859-1"?>
1 ....
' t 11;,
<html xsl:version="1.0"
xmlns="http://www.w3.org/1999/xhtml">
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
<body style="font-family:Arial;font-size:12pt;background-color:#EEEEEE">
<xsl:for-each select="breakfast_menu/food">
<div style="background-color:teal;color:white;padding:4px">
<span style="font-weight:bold">
<xsl:value-of select="name"/>
</span>
- <xsl:value-of select="price"/>
</div>
<div style="margin-left:20px;margin-bottom:1em;font-size:1Opt">
<xsl:value-of select="description"/>
<span style="font-style:italic">
<xsl:value-of select="calories"/> -
(calories per serving)
</span>
</div>
</xsl:for-each>
</body>
</html>
.... Xmn I
.., Use this <OfltnH to perfonn XSl trlmfonns.
{' · •
LaHI
Webforml.aspx source code
- ,e,•
Without XML Control
r.
_,,•-·.r,• :,-..
"Xlxxl
... . ..'.'./'!,'./
<%@ Page Language="C#"
lnherits="Webform1" %>
AutoEventWlreup="true" CodeFile="Webform1.aspx.cs"
17. DD
&l¼i,H+MW?i+Wi,,hm!
Xml1 .TransformSource =Server.MapPath("XSLTFile.xslt");
}
protected void Button2_Click(object sender, EventArgs e)
{
Xml1.Visible =false;
Label1.Visible =true;
JI Getting file path
string strXSLTFile =Server.MapPath("XSLTFile.xslt");
string strXMLFile =Server.MapPath("XMLFile.xml");
II Creating XSLCompiled object
XslCompiledTransform objXSLTransform = new XslCompiledTransform();
objXSLTransform.Load(strXSLTFile);
II Creating StringBuilder object to hold html data and creates TextWriter object to hold data f
XslCompiled.Transform method rom
StringBuilder htrnlOu1put = new StringBuilder();
TextWriter htrnlWriter =new StringWriter(htmlOutput);
II Creating XmlReader object to read XML content
XmlReader reader= XmlReader.Create(strXMLFile);
II Call Transform() method to create html string and write in TextWriter object.
objXSLTransform.Transform(reader, null, htmlWriter);
Label1.Text =htmlOutput.ToString();
// Closing xmlreader object
reader.Close();
,