This document discusses validating user input in ASP.NET applications. It describes using validation controls on both the client-side using JavaScript and server-side using C# to check fields for errors like empty values, values outside a specified range, or values that do not match a regular expression. The key validation controls covered are RequiredFieldValidator, RangeValidator, RegularExpressionValidator, CompareValidator, and CustomValidator. It emphasizes best practices of using both client-side and server-side validation for security and usability.

1. ASP.NET
Validating user input
Validating user input on the
client and/or server side
By-Guddu Kumar

2. Goals
Check validity of data from the end user
How
Check user input on the client side or on the server
side
Examples
Is the name TextBox empty?
Does the email TextBox contain a structurally valid
email address?

3.  Verifies that a control value is correctly
entered by the user
 Blocks the processing of a page until all
controls are valid
 Avoids spoofing
or the addition of
malicious code

4. Client-side validation
 Done in the browser
 Uses JavaScript
 Users can disable
JavaScript!
 Different browsers →
different JavaScript
versions
 Does not require HTTP
request + response
Server-side validation
 Done on the server
 Uses C#
 Requires HTTP request
+ response

5.  Best practice
 Client-side validation and server-side
validation
 Client-side saves time
 No HTTP request/response
 Server-side
 Provides security
 JavaScript not disable

6. ASP.NET performs browser detection
• Client supports JavaScript
• Use client-side validation + server-side validation
• Client does not support JavaScript
• Use server-side validation

7.  RequiredFieldValidator
Input field cannot be empty
 CompareValidator
Compare between user inputs using =, >, etc.
 RangeValidator
Minimum < input < maximum
 RegularExpressionValidator
Check the entry matches a pattern defined by the regular expression
 CustomValidator
Make your own validator
 ValidationSummary
Displays all error messages from validators in one spot

8.  ControlToValidate
The control to be validated
 ErrorMessage
The message used in the ValidationSummary
 Text
The error message used in the validation control
 CssClass
Style appearance of the messages

9. • Validation happens because of an event
• Example: button click event
• Can be turned of (for some buttons in a form)
• <asp:Button ID=“Button1” runat=“server”
Text=“Submit” CausesValidation=“false” >
• Client-side validation can be turned off
• Only server-side validation in effect
• <asp:RequiredFieldValidator …
EnableClientScript=“false”>

11.  The RequiredFieldValidator control ensures that the required field is not
empty. It is generally tied to a text box to force input into the text box.
The syntax for the control:
<asp:RequiredFieldValidator ID="rfvcandidate"
runat="server" ControlToValidate="ddlcandidate"
ErrorMessage="Please choose a candidate"
InitialValue="Please choose a candidate">
</asp:RequiredFieldValidator>

12.  Can have multiple validation controls on a
single input control
 Only the RequiredFieldValidator checks
empty controls

13.  The RangeValidator control verifies that the input value falls within a
predetermined range.
 It has three specific properties:
The syntax for the control:
<asp:RangeValidator ID="rvclass"
runat="server"
ControlToValidate="txtclass"
ErrorMessage="Enter your class (6 - 12)"
MaximumValue="12"
MinimumValue="6" Type="Integer">
</asp:RangeValidator>

14.  The CompareValidator control compares a value in one control with a fixed
value, or, a value in another control.
 It has the following specific properties:
The basic syntax for the control:
<asp:CompareValidator ID="CompareValidator1"
runat="server"
ErrorMessage="CompareValidator">
</asp:CompareValidator>

15.  The RegularExpressionValidator allows validating the input text by matching
against a pattern against a regular expression. The regular expression is set
in the ValidationExpression property.
 The following table summarizes the commonly used syntax constructs for
regular expressions:
A class of characters could be specified that can be matched, called the
metacharacters.

16. Quantifiers could be added to specify number of times a character could
appear.

17.  The CustomValidator control allows writing application specific custom
validation routines for both the client side and the server side validation.
 The server side validation routine should be written in any .Net language,
like C# or VB.Net.
The basic syntax for the control:
<asp:CustomValidator ID="CustomValidator1" runat="server"
ClientValidationFunction=.cvf_func.
ErrorMessage="CustomValidator"></asp:CustomValidator>

18.  The ValidationSummary control does not perform any validation but shows a
summary of all errors in the page. The summary displays the values of the
ErrorMessage property of all validation controls that failed validation.
 Using Page.IsValid property we can check for page errors. When there are no
errors IsValid returns true and user can proceed to next page.
if (Page.IsValid)
{ //validation complete proceed }
The syntax for the control:
<asp:ValidationSummary ID="ValidationSummary1" runat="server"
DisplayMode = "BulletList" ShowSummary = "true"
HeaderText="Errors:" />

19.  Create an ASP.NET Web Form
with TextBox and Button
controls
 Add a RequiredFieldValidator
control
 Add a RangeValidator control
 Add a
RegularExpressionValidator
control

20. The Following showing the Illustration of Validation controls:

23. Thank You