Solved

ASP.Net Application - Handling XML Special Characters

Posted on 2011-02-19
3
1,152 Views
Last Modified: 2012-08-13
Hi,

I have an Asp.Net application that allows the user to insert in to an XML document. Before the insertion is made, I must first ensure that the 'primary key' is unique. To do this, I have a asp:CustomValidator that calls a function called ValidateUniqueCategory. (See attached code)

In this code, I get the value of the relevant textbox (sender.ControlToValidate).

This works well if there are no special characters present, however if the user enters special charaters (', ", <, >, &) in to SenderControl.Text it fails. How can I handle this?

Possibilities:

Using a CDATA section? Please explain if this will work

Declaring GalleryXPath as something other than String? There are many other types that sound useful but I haven't been able to get them to work. Types such as: XmlText, XmlCDataSection etc.

Thank you in advance
Ben
Protected Sub ValidateUniqueCategory(ByVal sender As Object, ByVal Args As ServerValidateEventArgs)

Dim GalleryXml As New XmlDocument()
Dim GalleryXmlDirectory As String = "/Flash/Gallery/"
Dim GalleryXmlFilename As String = "Gallery.xml"
Dim GalleryXmlPath As String = Server.MapPath(GalleryXmlDirectory + GalleryXmlFilename)

        GalleryXml.Load(GalleryXmlPath)

        Dim Gallery As XmlNode = GalleryXml.DocumentElement
        Dim GalleryXPath As String = ""
        Dim SenderControl As TextBox

        SenderControl = CType(Master.FindControl("MasterMainContent").FindControl(sender.ControlToValidate), TextBox)

        If Not SenderControl Is Nothing Then
            GalleryXPath = "/Gallery/Category[@Name='" & SenderControl.Text & "']"
        End If

        Dim GalleryNode As XmlNode = Gallery.SelectSingleNode(GalleryXPath)

        If Not GalleryNode Is Nothing Then
            Args.IsValid = False
            Exit Sub
        End If

    End Sub

Open in new window

0
Comment
Question by:Beircheart
  • 2
3 Comments
 
LVL 7

Expert Comment

by:wdfdo1986
ID: 34933229
0
 

Accepted Solution

by:
Beircheart earned 0 total points
ID: 34947583
Hi wdfdo,

While I appreciate your reply, I must be honest that I find it very frustrating to be just handed links that a very quick Google will return... I've obviously tried that already as there is no way I'm going to put the time in to posting a fairly thorough question and then wait for a response as opposed to googling the key words of this question...

Anyway, I'd come across those links before and neither of them were any good to me. I think the reason they were not helpful is because I'm trying to Escape the special characters of an XML attribute. Going by a few different forums I've read, I believe (But am open to correction) that special characters are not allowed in an attribute. Therefore, I've decided to use an <asp:RegularExpressionValidator> to disallow any special characters. This is a perfectly good solution for my needs. Here it is in case anyone can use it:

<asp:RegularExpressionValidator ID="CategoryTitleTxtRegExValidator" ControlToValidate="CategoryTitleTxt"
                ValidationGroup="AddCategoryGroup" ForeColor="Red" ValidationExpression="^[0-9a-zA-Z ]+$"
                ErrorMessage="Alpha-Numeric Value Required" Display="Dynamic" runat="server" />

WAIT!! HERE'S ANOTHER POSSIBLE SOLUTION:

(That's for anyone who had given up on an actual solution as opposed to a workaround)

I also found a command that will escape special character automatically:

Try using:

System.Security.SecurityElement.Escape(CategoryDropDown.SelectedValue)

If CategoryDropDown.SelectedValue equals "Cats&"

It should return "Cats&amp;"

All the best
Ben
0
 

Author Closing Comment

by:Beircheart
ID: 34986596
Explained in my previous post
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Syntax Error 2 46
MS Access MSXML2 DomDocument.Load and XMLHTTP.Send Not Sending utf-8 Char Format Correctly 3 42
Run time Error 4 34
SQL Exceptions 3 39
Today is the age of broadband.  More and more people are going this route determined to experience the web and it’s multitude of services as quickly and painlessly as possible. Coupled with the move to broadband, people are experiencing the web via …
The Client Need Led Us to RSS I recently had an investment company ask me how they might notify their constituents about their newsworthy publications.  Probably you would think "Facebook" or "Twitter" but this is an interesting client.  Their cons…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now