Solved

ASP.Net Application - Handling XML Special Characters

Posted on 2011-02-19
3
1,157 Views
Last Modified: 2012-08-13
Hi,

I have an Asp.Net application that allows the user to insert in to an XML document. Before the insertion is made, I must first ensure that the 'primary key' is unique. To do this, I have a asp:CustomValidator that calls a function called ValidateUniqueCategory. (See attached code)

In this code, I get the value of the relevant textbox (sender.ControlToValidate).

This works well if there are no special characters present, however if the user enters special charaters (', ", <, >, &) in to SenderControl.Text it fails. How can I handle this?

Possibilities:

Using a CDATA section? Please explain if this will work

Declaring GalleryXPath as something other than String? There are many other types that sound useful but I haven't been able to get them to work. Types such as: XmlText, XmlCDataSection etc.

Thank you in advance
Ben
Protected Sub ValidateUniqueCategory(ByVal sender As Object, ByVal Args As ServerValidateEventArgs)

Dim GalleryXml As New XmlDocument()
Dim GalleryXmlDirectory As String = "/Flash/Gallery/"
Dim GalleryXmlFilename As String = "Gallery.xml"
Dim GalleryXmlPath As String = Server.MapPath(GalleryXmlDirectory + GalleryXmlFilename)

        GalleryXml.Load(GalleryXmlPath)

        Dim Gallery As XmlNode = GalleryXml.DocumentElement
        Dim GalleryXPath As String = ""
        Dim SenderControl As TextBox

        SenderControl = CType(Master.FindControl("MasterMainContent").FindControl(sender.ControlToValidate), TextBox)

        If Not SenderControl Is Nothing Then
            GalleryXPath = "/Gallery/Category[@Name='" & SenderControl.Text & "']"
        End If

        Dim GalleryNode As XmlNode = Gallery.SelectSingleNode(GalleryXPath)

        If Not GalleryNode Is Nothing Then
            Args.IsValid = False
            Exit Sub
        End If

    End Sub

Open in new window

0
Comment
Question by:Beircheart
  • 2
3 Comments
 
LVL 7

Expert Comment

by:wdfdo1986
ID: 34933229
0
 

Accepted Solution

by:
Beircheart earned 0 total points
ID: 34947583
Hi wdfdo,

While I appreciate your reply, I must be honest that I find it very frustrating to be just handed links that a very quick Google will return... I've obviously tried that already as there is no way I'm going to put the time in to posting a fairly thorough question and then wait for a response as opposed to googling the key words of this question...

Anyway, I'd come across those links before and neither of them were any good to me. I think the reason they were not helpful is because I'm trying to Escape the special characters of an XML attribute. Going by a few different forums I've read, I believe (But am open to correction) that special characters are not allowed in an attribute. Therefore, I've decided to use an <asp:RegularExpressionValidator> to disallow any special characters. This is a perfectly good solution for my needs. Here it is in case anyone can use it:

<asp:RegularExpressionValidator ID="CategoryTitleTxtRegExValidator" ControlToValidate="CategoryTitleTxt"
                ValidationGroup="AddCategoryGroup" ForeColor="Red" ValidationExpression="^[0-9a-zA-Z ]+$"
                ErrorMessage="Alpha-Numeric Value Required" Display="Dynamic" runat="server" />

WAIT!! HERE'S ANOTHER POSSIBLE SOLUTION:

(That's for anyone who had given up on an actual solution as opposed to a workaround)

I also found a command that will escape special character automatically:

Try using:

System.Security.SecurityElement.Escape(CategoryDropDown.SelectedValue)

If CategoryDropDown.SelectedValue equals "Cats&"

It should return "Cats&amp;"

All the best
Ben
0
 

Author Closing Comment

by:Beircheart
ID: 34986596
Explained in my previous post
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
Browsing the questions asked to the Experts of this forum, you will be amazed to see how many times people are headaching about monster regular expressions (regex) to select that specific part of some HTML or XML file they want to extract. The examp…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question