Build Your Own ASP.NET 3.5 Website Using C# & VB (42 page)

The VB version is displayed above, but the C# version is identical except for the

Page declaration. Here, we’ve added two RequiredFieldValidator controls, which

force the user to type some data into the referenced controls before the form can be

submitted. Let’s have a closer look at the first RequiredFieldValidator to see that

it does its job. It sets a couple of properties, whose names are fairly descriptive

(ControlToValidate and ErrorMessage):

LearningASP\VB\Login_01.aspx
(excerpt)

ControlToValidate="usernameTextBox"

ErrorMessage="Username is required!"
/>

Load this page and immediately click the
Submit
button without entering text into

either field. The page should display as shown in Figure 6.1
. When we click the
Submit
button, we instantly see the error messages that tell us we forgot to type in

a username and password.

Licensed to [email protected]

Using the Validation Controls

231

Figure 6.1. Validation controls at work

The beauty of ASP.NET validation controls is that they determine whether or not

the browser is capable of supporting client-side validation. If it is, ASP.NET automatically includes the necessary client-side JavaScript; if not, it’s omitted and the form is validated on the server.

ASP.NET and Client-side Validation

In older versions of ASP.NET, these controls demonstrated a tendency to assume

that non-Microsoft browsers, such as Firefox, did not support JavaScript. As

ASP.NET’s client-side validation relies on JavaScript, client-side validation was

not supported in those browsers, and users had to rely on these controls’ serverside validation. However, from version 2.0 on, ASP.NET recognized the JavaScript capabilities of

these browsers, so client-side validation is now available to all modern browsers,

including Opera, Firefox, and others. That said, it’s important not to forget that

JavaScript can be disabled in any browser, so client-side validation cannot be relied

upon—we must always validate any submitted data on the server.

A nice feature of ASP.NET is that we can make it set the focus automatically to the

first input control that causes a validation error. We activate this feature by setting

the SetFocusOnError property of the validation control to True. Our simple example

offers two RequiredFieldValidation controls that we can update. Let’s do that

now:

Licensed to [email protected]

232

Build Your Own ASP.NET 3.5 Web Site Using C# & VB

LearningASP\VB\Login_02.aspx
(excerpt)

Username:

ControlToValidate="usernameTextBox"

ErrorMessage="Username is required!"

SetFocusOnError="True"
/>

Password:

TextMode="Password" />

ControlToValidate="passwordTextBox"

ErrorMessage="Password is required!"

SetFocusOnError="True"
/>

If you make the changes highlighted in bold above, and load the page again, pressing

the
Submit
button when a text box is empty will cause that text box to gain focus.

If both text boxes are empty, the first one will receive focus.

Enforcing Validation on the Server

Validation is critical in circumstances in which users’ submission of invalid data

could harm your application. There are many circumstances where processing bad

input data could have negative effects—for instance, it could produce runtime errors,

or cause bad data to be stored in your database.

To get a clear idea of these implications, let’s add to the login page some server-side

code that uses the data input by the visitor. The typical point at which visitor data

is used in a login page is the Click event handler of the
Submit
button. Add the

OnClick property to the Button control, and give it the value submitButton_Click.

This property mimics what Visual Web Developer would give the control if you

double-clicked the button in Design view:

Licensed to [email protected]

Using the Validation Controls

233

LearningASP\VB\Login_03.aspx
(excerpt)

OnClick="submitButton_Click"
/>

Next, create the submitButton_Click subroutine. You can add this between the

tags, like so:

Visual Basic

LearningASP\VB\Login_03.aspx
(excerpt)

Protected Sub submitButton_Click(s As Object, e As EventArgs)

submitButton.Text = "Clicked"

End Sub

C#

LearningASP\CS\Login_03.aspx
(excerpt)

protected void submitButton_Click(object sender, EventArgs e)

{

submitButton.Text = "Clicked";

}

You can have Visual Web Developer help you generate the method signatures by

switching the form to
Design
view and double-clicking the button.

Now, if you’re trying to submit invalid data using a browser that has JavaScript

enabled, this code will never be executed. However, if you disable your browser’s

JavaScript, you’ll see the label on the Button control change to
Clicked
! Obviously,

this is not an ideal situation—we’ll need to do a little more work to get validation

working on the server side.

Disabling JavaScript in Firefox

To disable JavaScript in Firefox, go to
Tools
>
Options…
, click the
Content
tab, and uncheck the
Enable JavaScript
checkbox.

Licensed to [email protected]