Solved

ASP.Net Application - Handling XML Special Characters

Posted on 2011-02-19
3
1,158 Views
Last Modified: 2012-08-13
Hi,

I have an Asp.Net application that allows the user to insert in to an XML document. Before the insertion is made, I must first ensure that the 'primary key' is unique. To do this, I have a asp:CustomValidator that calls a function called ValidateUniqueCategory. (See attached code)

In this code, I get the value of the relevant textbox (sender.ControlToValidate).

This works well if there are no special characters present, however if the user enters special charaters (', ", <, >, &) in to SenderControl.Text it fails. How can I handle this?

Possibilities:

Using a CDATA section? Please explain if this will work

Declaring GalleryXPath as something other than String? There are many other types that sound useful but I haven't been able to get them to work. Types such as: XmlText, XmlCDataSection etc.

Thank you in advance
Ben
Protected Sub ValidateUniqueCategory(ByVal sender As Object, ByVal Args As ServerValidateEventArgs)

Dim GalleryXml As New XmlDocument()
Dim GalleryXmlDirectory As String = "/Flash/Gallery/"
Dim GalleryXmlFilename As String = "Gallery.xml"
Dim GalleryXmlPath As String = Server.MapPath(GalleryXmlDirectory + GalleryXmlFilename)

        GalleryXml.Load(GalleryXmlPath)

        Dim Gallery As XmlNode = GalleryXml.DocumentElement
        Dim GalleryXPath As String = ""
        Dim SenderControl As TextBox

        SenderControl = CType(Master.FindControl("MasterMainContent").FindControl(sender.ControlToValidate), TextBox)

        If Not SenderControl Is Nothing Then
            GalleryXPath = "/Gallery/Category[@Name='" & SenderControl.Text & "']"
        End If

        Dim GalleryNode As XmlNode = Gallery.SelectSingleNode(GalleryXPath)

        If Not GalleryNode Is Nothing Then
            Args.IsValid = False
            Exit Sub
        End If

    End Sub

Open in new window

0
Comment
Question by:Beircheart
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Expert Comment

by:wdfdo1986
ID: 34933229
0
 

Accepted Solution

by:
Beircheart earned 0 total points
ID: 34947583
Hi wdfdo,

While I appreciate your reply, I must be honest that I find it very frustrating to be just handed links that a very quick Google will return... I've obviously tried that already as there is no way I'm going to put the time in to posting a fairly thorough question and then wait for a response as opposed to googling the key words of this question...

Anyway, I'd come across those links before and neither of them were any good to me. I think the reason they were not helpful is because I'm trying to Escape the special characters of an XML attribute. Going by a few different forums I've read, I believe (But am open to correction) that special characters are not allowed in an attribute. Therefore, I've decided to use an <asp:RegularExpressionValidator> to disallow any special characters. This is a perfectly good solution for my needs. Here it is in case anyone can use it:

<asp:RegularExpressionValidator ID="CategoryTitleTxtRegExValidator" ControlToValidate="CategoryTitleTxt"
                ValidationGroup="AddCategoryGroup" ForeColor="Red" ValidationExpression="^[0-9a-zA-Z ]+$"
                ErrorMessage="Alpha-Numeric Value Required" Display="Dynamic" runat="server" />

WAIT!! HERE'S ANOTHER POSSIBLE SOLUTION:

(That's for anyone who had given up on an actual solution as opposed to a workaround)

I also found a command that will escape special character automatically:

Try using:

System.Security.SecurityElement.Escape(CategoryDropDown.SelectedValue)

If CategoryDropDown.SelectedValue equals "Cats&"

It should return "Cats&amp;"

All the best
Ben
0
 

Author Closing Comment

by:Beircheart
ID: 34986596
Explained in my previous post
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASP.NET Calendar Control 5 54
CURL sending XML without spaces PHP 5 74
SQL Server XML Select sub tables 4 66
Javascript function 3 21
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Many times as a report developer I've been asked to display normalized data such as three rows with values Jack, Joe, and Bob as a single comma-separated string such as 'Jack, Joe, Bob', and vice versa.  Here's how to do it. 

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question