For the ASP.NET validator controls, I want to use both client-side validation for the user experience and server-side validation to guard against hackers. ASP.NET documentation leads me to believe that if EnableClientScript="True" then there will be no server-side validation if client-side validation is possible for the user agent. To get server-side validation, the documentation says use EnableClientScript="False", which bypasses client-side validation altogether.
ASP。NET validator控件,我希望使用用户体验的客户端验证和服务器端验证来防范黑客。ASP。NET文档使我相信,如果EnableClientScript="True",那么如果客户端验证对用户代理是可行的,那么服务器端验证将不会存在。要获得服务器端验证,文档说要使用EnableClientScript="False",它完全绕过客户端验证。
Am I misunderstanding how the validator controls work? I ask because it seems obvious that many developers would want both client and server side validation together, and I find it hard to believe both together is not possible with one of the standard validation controls.
我是否误解了验证器控件的工作方式?我这样问,是因为很明显,许多开发人员都希望客户端和服务器端同时进行验证,我发现很难相信,使用标准的验证控件,两者都不可能实现。
If I am understanding the ASP.NET documentation correctly, then I can find only two options:
如果我理解ASP。NET文档正确,那么我只能找到两个选项:
-
Use two validator controls exactly the same except for their ID and EnableClientScript properties. Obviously ugly for maintaining two controls almost the same.
除了ID和EnableClientScript属性之外,使用两个验证器控件完全相同。显然,维护两个控件很难看。
-
Write some code behind to check if postback then invoke the Validate method on the validator group. Why write code behind if there a way to be automatic from the control?
在后面写一些代码来检查回发,然后在validator组上调用Validate方法。如果有一种方法可以自动从控件编写代码,为什么还要在后面编写代码呢?
Is there a way to do so using a single validator control with no code behind?
是否有一种方法可以使用一个没有代码的验证器控件来实现这一点?
Thanks in advance for your input.
感谢您的输入。
4 个解决方案
#1
3
The server-side validation will always occur, so you don't have to worry about it. The only way around that would be to use the CustomValidator or create your own validator class from BaseValidator that don't do anything server-side.
服务器端验证总是会发生,所以您不必为此担心。唯一的解决方法是使用CustomValidator或者从BaseValidator创建您自己的验证器类,这个类不做任何服务器端工作。
By default, server-side validation occurs after Page_Load() and before any triggered events (e.g. button click). In your Page_Load(), however, you can force a Page.Validate(). After validation has occurred you can check the Page.IsValid property.
默认情况下,服务器端验证发生在Page_Load()之后和任何触发事件(例如单击按钮)之前。但是,在Page_Load()中,您可以强制执行Page.Validate()。验证完成后,您可以检查页面。IsValid财产。
I recommend you read ASP.NET Validation in Depth. Also, it's not what you asked for, but it is fundamental that you understand the page lifecycle and ViewState (if you're not using MVC). Almost everything you will encounter makes use of it.
我建议你阅读ASP。净验证深度。此外,这不是您所要求的,但是理解页面生命周期和ViewState(如果不使用MVC)是非常重要的。几乎你遇到的每件事都会用到它。
#2
0
You are misunderstanding how the validators work. You always get server validation, bit client validation is optional. The only exception to this is the custom validator where you do not have to do anything server side if you don't want to.
您误解了验证器的工作方式。您总是得到服务器验证,位客户端验证是可选的。唯一的例外是自定义验证器,如果不愿意,您不需要在服务器端执行任何操作。
#3
0
use an asp validator in your markup, then on postback do the following:
在您的标记中使用一个asp验证器,然后在回发中执行以下操作:
Page.Validate()
if(Page.isValid)
{
// Validation passed
}
#4
0
According to this Microsoft source, "the Web Forms page framework always performs validation on the server, even if the validation has already been performed on the client."
根据这个Microsoft源代码,“Web表单页面框架总是在服务器上执行验证,即使验证已经在客户机上执行过。”
There is a lot more information there about how to implement the validation controls in ASP.Net 2.0. Presumably, the basic behavior has not changed in subsequent ASP.Net releases.
这里有很多关于如何在ASP中实现验证控件的信息。Net 2.0。可能,在随后的ASP中,基本行为没有改变。净释放。
#1
3
The server-side validation will always occur, so you don't have to worry about it. The only way around that would be to use the CustomValidator or create your own validator class from BaseValidator that don't do anything server-side.
服务器端验证总是会发生,所以您不必为此担心。唯一的解决方法是使用CustomValidator或者从BaseValidator创建您自己的验证器类,这个类不做任何服务器端工作。
By default, server-side validation occurs after Page_Load() and before any triggered events (e.g. button click). In your Page_Load(), however, you can force a Page.Validate(). After validation has occurred you can check the Page.IsValid property.
默认情况下,服务器端验证发生在Page_Load()之后和任何触发事件(例如单击按钮)之前。但是,在Page_Load()中,您可以强制执行Page.Validate()。验证完成后,您可以检查页面。IsValid财产。
I recommend you read ASP.NET Validation in Depth. Also, it's not what you asked for, but it is fundamental that you understand the page lifecycle and ViewState (if you're not using MVC). Almost everything you will encounter makes use of it.
我建议你阅读ASP。净验证深度。此外,这不是您所要求的,但是理解页面生命周期和ViewState(如果不使用MVC)是非常重要的。几乎你遇到的每件事都会用到它。
#2
0
You are misunderstanding how the validators work. You always get server validation, bit client validation is optional. The only exception to this is the custom validator where you do not have to do anything server side if you don't want to.
您误解了验证器的工作方式。您总是得到服务器验证,位客户端验证是可选的。唯一的例外是自定义验证器,如果不愿意,您不需要在服务器端执行任何操作。
#3
0
use an asp validator in your markup, then on postback do the following:
在您的标记中使用一个asp验证器,然后在回发中执行以下操作:
Page.Validate()
if(Page.isValid)
{
// Validation passed
}
#4
0
According to this Microsoft source, "the Web Forms page framework always performs validation on the server, even if the validation has already been performed on the client."
根据这个Microsoft源代码,“Web表单页面框架总是在服务器上执行验证,即使验证已经在客户机上执行过。”
There is a lot more information there about how to implement the validation controls in ASP.Net 2.0. Presumably, the basic behavior has not changed in subsequent ASP.Net releases.
这里有很多关于如何在ASP中实现验证控件的信息。Net 2.0。可能,在随后的ASP中,基本行为没有改变。净释放。