Inserting data into a SQL table and getting a "Potentially dangerous Request" error
This is a new error to me!!!
A potentially dangerous Request.Form value was detected from the client (txtbody=" <div> T...").
So I have this DLL that sends email messages out, and when I try to pass my string into it I get this error. The message goes out as HTML, and I have never seen this error before because I have never passed a string into the DLL before. The field named in the error, txtbody, holds the message body, and its posted value contains HTML markup (it starts with a <div>). Can someone out there tell me what the bleep I am doing wrong?
public void preprecieveemailstuff() { ParkSendEmail recievestuff = new ParkSendEmail(); recievestuff.bolHTML = true; recievestuff.strSubject = txtsub.Text; recievestuff.strFromEmail = txtfromemail.Text; recievestuff.strToEmail = txtfromemail.Text + ";" + txtccemail.Text + ";" + txtbcc.Text; string tottaler = tbotheramount.Text + tbneeds.Text.ToString(); /// start the translation /// string strBaseEmail = txtbody.Text; strBaseEmail = strBaseEmail.Replace("#FirstName#", tbfname.Text); strBaseEmail =strBaseEmail.Replace("#LastName#", tblname.Text); strBaseEmail =strBaseEmail.Replace("#Address#", tbaddress.Text); strBaseEmail =strBaseEmail.Replace("#city#", tbcity.Text); strBaseEmail =strBaseEmail.Replace("#state#", tbstate.Text); strBaseEmail =strBaseEmail.Replace("#zip#", tbzip.Text); strBaseEmail =strBaseEmail.Replace("#homephone#", tbphone.Text); strBaseEmail =strBaseEmail.Replace("#email#", tbemail.Text); strBaseEmail =strBaseEmail.Replace("#yeargrad#", tbgradyear.Text); strBaseEmail =strBaseEmail.Replace("#ParkID#", tbparkid.Text); strBaseEmail =strBaseEmail.Replace("#total#", tottaler ); if (cbnotifiyparkwill.Checked == true) { strBaseEmail = strBaseEmail.Replace("#Will#", "<p>Included in the will.</p>"); } else { strBaseEmail = strBaseEmail.Replace("#Will#",""); } if (cbneeds.Checked == true) { strBaseEmail =strBaseEmail.Replace( "#NeedsGreatest#", "Where Parks needs are the greatest." 
); } else { strBaseEmail =strBaseEmail.Replace("#NeedsGreatest#","" ); } if (tbneeds.Text != "") { strBaseEmail =strBaseEmail.Replace("#NeedsAmmount#", tbneeds.Text ); } else { strBaseEmail =strBaseEmail.Replace("#NeedsAmmount#", ""); } if (tbotherspecify.Text != "") { strBaseEmail =strBaseEmail.Replace("#otherspecifics#", tbotherspecify.Text); } else { strBaseEmail =strBaseEmail.Replace("#otherspecifics#", "" ); } if (tbotheramount.Text != "") { strBaseEmail =strBaseEmail.Replace("#otherammount#",tbotheramount.Text ); } else { strBaseEmail =strBaseEmail.Replace("#otherammount#", ""); } if (cbsecurites.Checked == true) { strBaseEmail =strBaseEmail.Replace("#securities#", "I would like to provide a gift of securities" ); } else { strBaseEmail =strBaseEmail.Replace("#securities#","" ); } if (cblifetimeincome.Checked == true) { strBaseEmail =strBaseEmail.Replace("#lifetimeincome#","I would like to provide a gift of a lifetime income." ); } else { strBaseEmail =strBaseEmail.Replace("#lifetimeincome#","" ); } if (cbmajorgiftopp.Checked == true) { strBaseEmail =strBaseEmail.Replace("#majorgift#", "I would like to provide a Major Gift and my area of intrest is" ); strBaseEmail =strBaseEmail.Replace("#areaofintrest#", tbintrest.Text ); } else { strBaseEmail =strBaseEmail.Replace("#majorgift#","" ); strBaseEmail =strBaseEmail.Replace("#areaofintrest#","" ); } if (cbplates.Checked == true) { strBaseEmail =strBaseEmail.Replace("#plates#", "I want a license plate form"); } else { strBaseEmail =strBaseEmail.Replace("#plates#", ""); } if (cbmatchingGifts.Checked == true) { strBaseEmail =strBaseEmail.Replace("#MGC#", "I/my spouce works for a matching gift company." 
); strBaseEmail =strBaseEmail.Replace("#MGCName# ", TBMGC.Text ); } else { strBaseEmail =strBaseEmail.Replace("#MGC#","" ); strBaseEmail =strBaseEmail.Replace("#MGCName#","" ); } if (cbinmemory.Checked == true) { strBaseEmail =strBaseEmail.Replace("#inmemory#", "In gift is in memory of " ); strBaseEmail =strBaseEmail.Replace("#inmemorydetail#", tbmemorydetail.Text ); } else { strBaseEmail =strBaseEmail.Replace("#inmemory#","" ); strBaseEmail =strBaseEmail.Replace("#inmemorydetail#","" ); } if (cbhonorof.Checked == true) { strBaseEmail =strBaseEmail.Replace("#inhonor#","This gift is in honor of " ); strBaseEmail =strBaseEmail.Replace("#inhonordetails#", tbhonordetail.Text); } else { strBaseEmail =strBaseEmail.Replace("#inhonor#","" ); strBaseEmail =strBaseEmail.Replace("#inhonordetails#","" ); } if (cbpiece.Checked == true) { strBaseEmail =strBaseEmail.Replace("#PieceofPark#", "I'll be a 'Piece of Park' with a payroll deduction of $25 per month for 1 year ($300)"); strBaseEmail =strBaseEmail.Replace("#startingdatechoice#", rbldatesdeduction.SelectedValue); strBaseEmail =strBaseEmail.Replace("#startingdatedetails#", tbempdate.Text); } else { strBaseEmail =strBaseEmail.Replace("#PieceofPark#","" ); strBaseEmail =strBaseEmail.Replace("#startingdatechoice#", ""); strBaseEmail =strBaseEmail.Replace("#startingdatedetails#","" ); } if (cbfactors.Checked == true) { strBaseEmail =strBaseEmail.Replace("#explainfactors#", "I would like explain the factors behind my donation."); strBaseEmail =strBaseEmail.Replace("#explainchoice#", dltfactors.Text); strBaseEmail =strBaseEmail.Replace("#explanationdetails#", tbdonationfactors.Text); } else { strBaseEmail =strBaseEmail.Replace("#explainfactors#", ""); strBaseEmail =strBaseEmail.Replace("#explainchoice#", ""); strBaseEmail =strBaseEmail.Replace("#explanationdetails#", ""); } strBaseEmail = strBaseEmail.Replace("#Reason#", ddlreason.Text); recievestuff.strBodyEmail = strBaseEmail; recievestuff.intPriority = 35; 
recievestuff.strProgramSending = "WWWGiving"; recievestuff.funSendEmail();