Hello everyone, I want to extend my TextBox in ASP.NET 2.0 to perform 3 additional tasks based on a public property. I want to accomplish: 1- ability to validate zip code 2- ability to validate email address 3- automatically making user input sql injection proof. I have so many pages on my site where I am validating textbox input for these things, that it would really just make it easier if I had an extended TextBox that I could just choose a property and drop it on the page. When using textbox input for a sql statement, typically you can do this to disallow people from closing your statement and dropping your tables or worse: TextBox1.Text.Replace("'", "''") To validate a zip code, I have a worker class that I call from all these pages that does this: public class IsValidZip { public bool validatezip(string _zip) { bool returnbool = true; if (_zip.Length < 5) { returnbool = false; } try { Convert.ToInt32(_zip); } catch { returnbool = false; } return returnbool; } } If anyone has the code available for an extended textbox that can perform these tasks automatically, let me know. Cheers!
If you have Visual Studio 2005 then just make it like following: Means, the final source view of the page will look as follows: <%@ Page Language="VB" validateRequest="true" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox> <asp:RegularExpressionValidator ID="ZIPRegularExpressionValidator" runat="server" ControlToValidate="TextBox1" ErrorMessage="Enter valid ZIP code !" ValidationExpression="\d{5}(-\d{4})?">*</asp:RegularExpressionValidator> <asp:RegularExpressionValidator ID="EMAILRegularExpressionValidator" runat="server" ControlToValidate="TextBox1" ErrorMessage="Enter valid email address !" ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*">*</asp:RegularExpressionValidator> <asp:ValidationSummary ID="ValidationSummary1" runat="server" /> <br /> <asp:Button ID="Button1" runat="server" Text="Submit" /> </div> </form> </body> </html> Code (markup): Notice the validateRequest in the page directive; Request validation detects a potentially dangerous client input value, and processing of the request will be aborted. The rest validations you will figure out very easy reading the code above. Means they are RegularExpressionValidator's with appropriate "ValidationExpression" HTH Regards