使用xval进行C＃mvc2客户端表单验证，防止发布

I'm using xval to use client side validation in my asp.net mvc2 web-application. Despite the errors it's giving when I enter text in a numeric field, it still tries to post the form to the database. The incorrect values are being replaced by 0 and saved to the database. But instead it shouldn't even be possible to try and submit the form. Can anyone help me out here?

我正在使用xval在我的asp.net mvc2 web应用程序中使用客户端验证。尽管我在数字字段中输入文本时会出现错误,但它仍然会尝试将表单发布到数据库中。错误的值将被替换为0并保存到数据库中。但相反,甚至不可能尝试提交表格。有人可以帮我从这里出去吗?

I've set the attributes as below:

我已将属性设置如下:

[Property]
[ShowColumnInCrud(true, label = "FromPriceInCents")]
[Required]
//[Range(1, Int32.MaxValue)]
public virtual Int32 FromPriceInCents{ get; set; }

The controller catching the request looks as below; I'm getting no errors in this part.

捕获请求的控制器如下所示;我在这部分没有错误。

[AcceptVerbs(HttpVerbs.Post)]
[Transaction]
[ValidateInput(false)]
public override ActionResult Create()
{
  //some foo happens
}

My view looks like below:

我的观点如下:

<div class="label"><label for="Price">FromPrice</label></div>
<div class="field">
<%= Html.TextBox("FromPriceInCents")%>
<%= Html.ValidationMessage("product.FromPriceInCents")%></div>

And at the end of the view i have the following rule which in html code generates the correct validation rules

在视图的最后,我有以下规则,在html代码中生成正确的验证规则

<%= Html.ClientSideValidation<Product>("Product") %>

I hope someone can helps me out with this issue, thanks in advance!

我希望有人可以帮助我解决这个问题,提前谢谢!

EDIT: 19th April I just found out that there is a normal button with being used instead of an input type="Button" Could this be the issue?

编辑:4月19日我刚刚发现有一个正常的按钮被使用而不是输入类型=“按钮”这可能是问题吗?

<button class="save" type="submit" name="save"><span>Opslaan</span></button>

3 个解决方案

#1

Maybe this could help:

也许这可以帮助:

How to use the jQuery Validation plugin with metadata, jQuery Forms and xVal together?

如何将jQuery Validation插件与元数据,jQuery Forms和xVal一起使用?

#2

My first and main concern here would be: why is your app saving the values in the database in the first place? While xVal is a good way to make the application user friendly, you still HAVE to do server side validation. If you don't validate your data on the server - you have a masive security hole! Try checking if the ModelState.IsValid in your controller before saving the values.

我的第一个主要关注点是:为什么你的应用程序首先在数据库中保存值?虽然xVal是使应用程序用户友好的好方法,但您仍然需要进行服务器端验证。如果您没有在服务器上验证您的数据 - 您有一个安全漏洞!在保存值之前,请尝试检查控制器中的ModelState.IsValid。

Now, from what I see you're registering the xVal validation using

现在,从我看到你正在使用注册xVal验证

<%= Html.ClientSideValidation<Product>("Product") %>

The way it works is it enables client side validation for all controls prefixed with "Product". Your textbox on the other hand has an id of FromPriceInCents

它的工作方式是它为所有以“Product”为前缀的控件启用客户端验证。另一方面,您的文本框的ID为FromPriceInCents

So the solution here would be to do this:

所以这里的解决方案是这样做:

<%= Html.TextBox("FromPriceInCents")%>
<%= Html.ValidationMessage("FromPriceInCents")%>

<%= Html.ClientSideValidation<Product>() %>

UPD3 I updated the post. Fixed the code so that the prefix is not used.

UPD3我更新了帖子。修复了代码,以便不使用前缀。

Also, I compiled a working solution that contains a working solution. List, Edit, Create page, string and int properties, and xVal validation.

此外,我编译了一个包含工作解决方案的工作解决方案。列表,编辑,创建页面,字符串和int属性以及xVal验证。

public class Product
{
    [ScaffoldColumn(false)]
    public int Id { get; set; }

    [Required]
    [Range(1,50)]
    public int PriceInCents { get; set; }

    [Required]
    [StringLength(50)]
    public string Name { get; set; }
}

and on the view

并在视图上

<%= Html.TextBoxFor(model => model.PriceInCents) %>
<%= Html.ValidationMessageFor(model => model.PriceInCents) %>

Here's the download link.. Check it out and tell me if it works http://www.flexlabs.org/download/xValTest

这是下载链接..检查一下,告诉我它是否有效http://www.flexlabs.org/download/xValTest

#3

Why do you have the Range attribute commented out? With the properties you have specified as long as anything is entered in the textbox it should pass client side validation.

为什么要注释掉Range属性?使用您指定的属性,只要在文本框中输入任何内容,它就应该通过客户端验证。

#1