HawaiiDragon

inserting data to a sql table and getting Potentially dangerous Request error

This is a new error to me!!!
A potentially dangerous Request.Form value was detected from the client (txtbody=" <div>              T...").
So I have this DLL that sends email messages out, and when I try to pass my string into it I get this error. The message goes out as HTML, and I have never seen this error before because I have never passed a string into the DLL before. Can someone out there tell me what the bleep I am doing wrong?
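/// <summary>
/// Builds the HTML body of the e-mail by substituting the #token# placeholders in the
/// template held in <c>txtbody</c> with the submitted form values, then hands the
/// message to <c>ParkSendEmail</c> for sending.
/// </summary>
/// <remarks>
/// The message is sent as HTML (<c>bolHTML = true</c>), so every value read from a form
/// control is HTML-encoded before it is placed in the body. Only the fixed phrases
/// written in this method are inserted as raw markup.
/// </remarks>
public void preprecieveemailstuff()
{
    ParkSendEmail recievestuff = new ParkSendEmail();
    recievestuff.bolHTML = true;

    // NOTE(review): subject, sender and recipient lists come straight from form fields.
    // Confirm that ParkSendEmail rejects CR/LF in these values and validates the
    // addresses; otherwise the form can be used to send mail to arbitrary recipients.
    // NOTE(review): the To list starts with txtfromemail rather than a separate
    // recipient field - confirm this is intended.
    recievestuff.strSubject = txtsub.Text;
    recievestuff.strFromEmail = txtfromemail.Text;
    recievestuff.strToEmail = txtfromemail.Text + ";" + txtccemail.Text + ";" + txtbcc.Text;

    // NOTE(review): this joins the two amount strings ("50" and "25" give "5025");
    // it does not add them. Confirm what #total# is meant to show.
    string tottaler = tbotheramount.Text + tbneeds.Text.ToString();

    // The template is itself a posted form field. It carries markup, which is what
    // ASP.NET request validation reports as "potentially dangerous". If validation is
    // relaxed to let it through, the whole body is client-controlled; loading the
    // template from server-side storage instead removes that exposure.
    string strBaseEmail = txtbody.Text;

    // Contact details: free-text fields, encoded so they cannot inject markup.
    strBaseEmail = strBaseEmail.Replace("#FirstName#", EncodeForHtmlBody(tbfname.Text));
    strBaseEmail = strBaseEmail.Replace("#LastName#", EncodeForHtmlBody(tblname.Text));
    strBaseEmail = strBaseEmail.Replace("#Address#", EncodeForHtmlBody(tbaddress.Text));
    strBaseEmail = strBaseEmail.Replace("#city#", EncodeForHtmlBody(tbcity.Text));
    strBaseEmail = strBaseEmail.Replace("#state#", EncodeForHtmlBody(tbstate.Text));
    strBaseEmail = strBaseEmail.Replace("#zip#", EncodeForHtmlBody(tbzip.Text));
    strBaseEmail = strBaseEmail.Replace("#homephone#", EncodeForHtmlBody(tbphone.Text));
    strBaseEmail = strBaseEmail.Replace("#email#", EncodeForHtmlBody(tbemail.Text));
    strBaseEmail = strBaseEmail.Replace("#yeargrad#", EncodeForHtmlBody(tbgradyear.Text));
    strBaseEmail = strBaseEmail.Replace("#ParkID#", EncodeForHtmlBody(tbparkid.Text));
    strBaseEmail = strBaseEmail.Replace("#total#", EncodeForHtmlBody(tottaler));

    // Check-box driven phrases: fixed text when ticked, token removed otherwise.
    strBaseEmail = strBaseEmail.Replace("#Will#", cbnotifiyparkwill.Checked ? "<p>Included in the will.</p>" : "");
    strBaseEmail = strBaseEmail.Replace("#NeedsGreatest#", cbneeds.Checked ? "Where Parks needs are the greatest." : "");

    // An empty text box already yields "", so no emptiness test is needed here.
    strBaseEmail = strBaseEmail.Replace("#NeedsAmmount#", EncodeForHtmlBody(tbneeds.Text));
    strBaseEmail = strBaseEmail.Replace("#otherspecifics#", EncodeForHtmlBody(tbotherspecify.Text));
    strBaseEmail = strBaseEmail.Replace("#otherammount#", EncodeForHtmlBody(tbotheramount.Text));

    strBaseEmail = strBaseEmail.Replace("#securities#", cbsecurites.Checked ? "I would like to provide a gift of securities" : "");
    strBaseEmail = strBaseEmail.Replace("#lifetimeincome#", cblifetimeincome.Checked ? "I would like to provide a gift of a lifetime income." : "");

    bool majorGift = cbmajorgiftopp.Checked;
    strBaseEmail = strBaseEmail.Replace("#majorgift#", majorGift ? "I would like to provide a Major Gift and my area of intrest is" : "");
    strBaseEmail = strBaseEmail.Replace("#areaofintrest#", majorGift ? EncodeForHtmlBody(tbintrest.Text) : "");

    strBaseEmail = strBaseEmail.Replace("#plates#", cbplates.Checked ? "I want a license plate form" : "");

    bool matchingGift = cbmatchingGifts.Checked;
    strBaseEmail = strBaseEmail.Replace("#MGC#", matchingGift ? "I/my spouce works for a matching gift company." : "");
    // The ticked branch used to look for "#MGCName# " (trailing space) while the
    // unticked branch looked for "#MGCName#", so a template without the space kept
    // the raw token. Both branches now use the same token.
    strBaseEmail = strBaseEmail.Replace("#MGCName#", matchingGift ? EncodeForHtmlBody(TBMGC.Text) : "");

    bool inMemory = cbinmemory.Checked;
    strBaseEmail = strBaseEmail.Replace("#inmemory#", inMemory ? "In gift is in memory of " : "");
    strBaseEmail = strBaseEmail.Replace("#inmemorydetail#", inMemory ? EncodeForHtmlBody(tbmemorydetail.Text) : "");

    bool inHonor = cbhonorof.Checked;
    strBaseEmail = strBaseEmail.Replace("#inhonor#", inHonor ? "This gift is in honor of " : "");
    strBaseEmail = strBaseEmail.Replace("#inhonordetails#", inHonor ? EncodeForHtmlBody(tbhonordetail.Text) : "");

    bool pieceOfPark = cbpiece.Checked;
    strBaseEmail = strBaseEmail.Replace("#PieceofPark#", pieceOfPark ? "I'll be a 'Piece of Park' with a payroll deduction of $25 per month for 1 year ($300)" : "");
    strBaseEmail = strBaseEmail.Replace("#startingdatechoice#", pieceOfPark ? EncodeForHtmlBody(rbldatesdeduction.SelectedValue) : "");
    strBaseEmail = strBaseEmail.Replace("#startingdatedetails#", pieceOfPark ? EncodeForHtmlBody(tbempdate.Text) : "");

    bool explainFactors = cbfactors.Checked;
    strBaseEmail = strBaseEmail.Replace("#explainfactors#", explainFactors ? "I would like explain the factors behind my donation." : "");
    strBaseEmail = strBaseEmail.Replace("#explainchoice#", explainFactors ? EncodeForHtmlBody(dltfactors.Text) : "");
    strBaseEmail = strBaseEmail.Replace("#explanationdetails#", explainFactors ? EncodeForHtmlBody(tbdonationfactors.Text) : "");

    strBaseEmail = strBaseEmail.Replace("#Reason#", EncodeForHtmlBody(ddlreason.Text));

    recievestuff.strBodyEmail = strBaseEmail;
    recievestuff.intPriority = 35;
    recievestuff.strProgramSending = "WWWGiving";
    recievestuff.funSendEmail();
}

/// <summary>
/// HTML-encodes a submitted form value so it is shown as text in the HTML e-mail body
/// instead of being interpreted as markup.
/// </summary>
/// <param name="value">Raw value read from a form control.</param>
/// <returns>The encoded value.</returns>
private static string EncodeForHtmlBody(string value)
{
    // Fully qualified so the file's using directives do not need to change.
    return System.Web.HttpUtility.HtmlEncode(value);
}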


ASKER CERTIFIED SOLUTION
Gorkem Yuksel
HawaiiDragon

ASKER

super fast solution!!!