Solved

How to save submit .net control containing script/html contents

Posted on 2009-07-07
3
276 Views
Last Modified: 2013-11-07
How can I save string data from a .net html control into a database using the stock html controls (textbox, textarea, etc)?  The controls error out when I submit the page and the contents of the control contain html markup ( <br> tags, etc.).  Ideally, I would like to be able to craft and save and HTML form and associated input controls from a webpage using a textarea or something like that. I understand why .NET does not allow this by default (for good reason), but is there a way around it using just stock .NET html controls. If not, does anyone know of a third party control (such as freetextbox) that can be made to allow this?

using asp.net 1.1

Thanks!
0
Comment
Question by:jkwasson
  • 2
3 Comments
 
LVL 18

Accepted Solution

by:
carlnorrbom earned 500 total points
ID: 24802181
Hi,

I would suggest using "Server.HtmlEncode(YourInputString)" when inserting it into the database. This will convert the < > and other characters into the html equivalents such as &lt, &gt etc. Then, when retrieving the data from the database, simply do a Server.HtmlDecode(YourInputString) to convert the characters back.

/Carl.
0
 
LVL 5

Author Comment

by:jkwasson
ID: 24805110
Thanks. I also found the page directive ValidateRequest, which will disable the checking for script in a submitted control. I think that, along with my own validation and the htmlencode you mentioned is going to work. Thanks for your help!
0
 
LVL 18

Expert Comment

by:carlnorrbom
ID: 24805706
Hi,

I would not recommend disabling ValidateRequest as there are methods that allow you to perform this without turning off the request validation. Good luck with Your project!

/Carl.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now