Search Results

Search found 54096 results on 2164 pages for 'asp net webforms'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 127/2164 | < Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >

  • A potentially dangerous Request.Form value was detected: Dealing with these errors proactively, or a

    - by Albert
    I'm noticing this error more and more in my error logs. I've read through the questions here talking about this error, but they don't address what I would like to do (see below). I'm considering three options, in the order of preference: 1) When submitting a form (I use formviews almost exclusively, if that helps), if potentially dangerous characters are detected, automatically strip them out and submit. 2) When submitting a form, if potentially dangerous characters are detected, alert the user and let them fix it before trying again. 3) After the exception is generated, deal with it and alert the user. I'm hoping one of the first two options might be able to do somewhat globally...I know for the 3rd I'd have to alter a TON of Try-Catch blocks I already have in place. Doable, but labor intensive. I'd rather be proactive about it if at all possible and avoid the exception all together. Perhaps one approach to #1 would be to write a block of code that could loop through all text entry fields in a formview, during the insert/update event, and strip the characters out. I'm ok with that, but I'd rather not have to heavily alter all my Insert/Update events to accomplish this. Or maybe I just create a different class to do the text checking/deleting, and only insert 1 line of code in each Insert/Update event. If anyone can come up with some example code of any of these approaches that would be a help. Thanks for any ideas or information. I'm definitely open to other solutions too; these are only the 3 that came to mind. I can say that I don't want to turn request validation off though.

    Read the article

  • What does the MS Ajax Framework use location.hash for?

    - by DDaviesBrackett
    I've noticed that the MS ajax framework touches the action of the default form during Sys.Application.initialize, appending location.hash to it. This is interfering with other code in my app that expects different behaviour. What does the framework do with that? It refers to the values it puts on the hash as 'state', but how do I find out what it's communicating and from where?

    Read the article

  • Getting data from child controls loaded programmatically

    - by Farinha
    I've created 2 controls to manipulate a data object: 1 for viewing and another for editing. On one page I load the "view" User Control and pass data to it this way: ViewControl control = (ViewControl)LoadControl("ViewControl.ascx"); control.dataToView = dataObject; this.container.Controls.Add(control); That's all fine and inside the control I can grab that data and display it. Now I'm trying to follow a similar approach for editing. I have a different User Control for this (with some textboxes for editing) to which I pass the original data the same way I did for the view: EditControl control = (EditControl)LoadControl("EditControl.ascx"); control.dataToEdit = dataObject; this.container.Controls.Add(control); Which also works fine. The problem now is getting to this data. When the user clicks a button I need to fetch the data that was edited and do stuff with it. What's happening is that because the controls are being added programmatically, the data that the user changed doesn't seem to be accessible anywhere. Is there a solution for this? Or is this way of trying to keep things separated and possibly re-usable not possible? Thanks in advance.

    Read the article

  • Is there an easier way to do Classic ASP "relative path"?

    - by Alex.Piechowski
    Right now, I'm having trouble. First of all I have a page, let's call it "http://blah.com/login". That obviously goes strait to "index.asp" A line of Main.asp: <!--#include file="resource/menu.asp"--> Page top includes all of what I need for my menu... so: Part of resource/menu.htm: <div id="colortab" class="ddcolortabs"> <ul> <li><a href="main.asp" title="Main" rel="dropmain"><span>Main</span></a></li> ... </ul> </div> <!--Main drop down menu --> <div id="dropmain" class="dropmenudiv_a"> <a href="main/announcements.asp">Announcements</a> <a href="main/contacts.asp">Contact Information</a> <a href="main/MeetingPlans.asp">Meeting Plan</a> <a href="main/photos.asp">Photo Gallery</a> <a href="main/events.asp">Upcoming Events</a> </div> Let's say I click on the "announcements" (http://blah.com/login/main/announcements.asp) link... Now I'm at the announcements page! But wait, I include the same menu file. Guess what happens: I get sent to "http://blah.com/login/main/main/announcements.asp Which doesn't exist... My solution: Make a menu_sub.asp include for any subpages. But wait a second... this WORKS, but it gets REALLY REALLY messy... What can I do to use just one main "menu.asp" instead of "menu_sub.asp"? using "/main/announcements.asp" WON'T be an option because this is a web application that will be on different directories per server. Any ideas? PLEASE

    Read the article

  • immplementing security with session variables, how it is insecure

    - by haansi
    Hello, I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]) I do authentications. Please guide me how it is insecure ? I heard such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc. Please guide me on this thanks

    Read the article

  • ADO.NET Data Service -- non .NET consumers

    - by SwampyFox
    Has anyone come across an example of a non .Net consumer of an ADO.NET Data Service? I am on the second day of looking at what Astoria is and how it can be used. I am also trying to answer why would I use this instead of a web service? After getting my examples running, I kind get the RESTful approach to getting data out the system. And, plugging it into a .net client is incredibly easy. But, then I wondered how a non-.NET consumer would go about it. Any ideas (pointers) definitely appreciated...

    Read the article

  • very simple WebForm with masterpage

    - by Ryan
    I use method=get to send my data from one webform to the other. But I don't want to have in the URL querry things like: Search.aspx?_EVENTTARGET=&_EVENTARGUMENT=&_VIEWSTATE=%2FwEPDwUKLTYwODIwNTg5MQ9kFgJmD2QWAgIDDxYCHgZtZXRob2QFA2dldGRkGOirvzjoAxt%2BfOb915%2FpsYZXmAxLZZdpnK6UW7A9%2Fk83D&_PREVIOUSPAGE=cog5Yzt_1GerH9r2ERTIPbLWMCwMFYteZjmDYCbBO3vobCG4C_mWM7GZMNuBesyAjw77cvuNKl_aSUYzeajiW6W0CjI0tLB6ikjcM4t5Kbg1&__EVENTVALIDATION=%2FwEWAgKYsPjPDQKY24%2FQBBH4CPejKl3spy0A%2BtpMxb%2BCGVGJf73dYtmaEnIFF4IR&name=Amy&state=24&ctl00%24MainContent%24submit=Searchbut i only want the name and the state to be in the Get querry like: ?name=Amy&state=24 <configuration> <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" /> </authentication> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> </system.web> <system.webServer> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> </configuration>

    Read the article

  • How to Check .Net 2.0 assembly for Calls to .Net 3.5

    - by Paul Farry
    I've found an issue I believe where an assembly is making a call to a .Net3.5 method in a .Net2.0 only environment. (None on the .Net service packs nor .Net 3.5 is installed) I'd like to know if there are any programs that I can run like FXCop to check an assembly for adherence to only making method calls that are available in .Net 2.0 without the 3.5 extensions that were added. I've been bitten by this before and I'd like to have a way to check assemblies so that before they are released they can be checked to prevent these kinds of issues. Please don't say require .Net 3.5 because whilst I'd like to go to this, it's just not possible at this point.

    Read the article

  • IIS doesn't send two responses to the same client at the same time (only for ASP)

    - by dr. evil
    I've got 2 ASP pages. I do a request to the first page from Firefox (which takes 30 seconds to process on server-side), and during the execution of 30 seconds I do another request from Firefox to the second page (takes less than 1 second in server-side), but it does come after 31 second. Because it waits first requests to finish. When I request to the first page from Firefox and then request the second page from IE it's just instant. So basically ASP - IIS 6 somehow limiting every client to one request (long processing request) at a time. I need to get around this problem in my .NET client application. This is tested in 3 different systems. If you want to test you can try the ASP scripts at the end. This behaviour is same in a long SQL execution or just in a time consuming ASP operation. Note: It's not about HTTP Keep Alive It's not about persistent connection limit (we tried to increase this in firefox and in .NET with Net.ServicePointManager.DefaultConnectionLimit) It's not about User Agent This doesn't happen in ASP.NET so I assume it's something to the with ASP.dll I'm trying to solve this on the client not the server. I don't have direct control over the server it's a 3rd party solution. Is there any way to get around this? Sample ASP Code: First ASP: <% Set cnn = Server.CreateObject("Adodb.Connection") cnn.Open "Provider=sqloledb;Data Source=.;Initial Catalog=master;User Id=sa;Password=;" cnn.Execute("WAITFOR DELAY '0:0:30'") cnn.Close %> Second ASP: <% Response.Write "bla bla" %>

    Read the article

  • implementing security with session variables, how it is insecure

    - by haansi
    I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]). Please help me understand how this could be insecure. I've heard that such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc. Please guide me on this.

    Read the article

  • Can I automatically attach to the lifecycle of ANY server-enabled HTML tag?

    - by Deane
    If a "server-enabled" HTML tag is in a Web form, like this -- <p runat="server"/> -- is there any way for me to attach to its rendering? I assume once they have runat="server", they must have a lifecycle of some kind. I'd like to attach some code to the rendering of any HTML tag so enabled. So, whenever a template author puts runat="server" on a tag, I can catch the PreRender (or anything else) and execute some code. Possible?

    Read the article

  • Textarea (asp:Textbox TextMode="Multiline") overlapping buttons

    - by Gogster
    Hi all, I'm having this problem with form buttons overlapping an asp:Texbox with TextMode set to multi-line: Here is the code: <asp:Panel ID="pnlGiftStep" Visible="false" runat="server"> <img src="/images/shopping-cart/form-separator.png" alt="separator" /> <div class="form-title">GIFT OPTIONS</div> <div class="row"> <asp:TextBox ID="txtGiftName" Height="31" Width="323" BorderStyle="None" Font-Names="Arial" Font-Size="116.7%" runat="server"></asp:TextBox> <cc1:TextBoxWatermarkExtender ID="wmeGiftName" TargetControlID="txtGiftName" WatermarkText="Gift Name" WatermarkCssClass="watermark" runat="server"></cc1:TextBoxWatermarkExtender> </div> <br class="clear" /> <div class="row"> <asp:TextBox ID="txtGiftMessage" Rows="5" Width="323" BorderStyle="None" Font-Names="Arial" TextMode="MultiLine" Font-Size="116.7%" runat="server"></asp:TextBox> <cc1:TextBoxWatermarkExtender ID="wmeGiftMessage" TargetControlID="txtGiftMessage" WatermarkText="Gift Message" WatermarkCssClass="watermark" runat="server"></cc1:TextBoxWatermarkExtender> </div> <br class="clear" /> <div class="button-row"> <asp:ImageButton ID="imbShippingDetails" ImageUrl="/images/shopping-cart/ship-details-btn.png" OnClick="ReturnToShipping" ValidationGroup="shipping" runat="server" /> <asp:ImageButton ID="imbPayDetails" ImageUrl="/images/shopping-cart/pay-details-btn.png" ValidationGroup="pay" runat="server" /> </div> <br class="clear" /> </asp:Panel> Here is the CSS: .row { float:left; height:40px; } .button-row { float:left; width:323px; text-align:right; } Any ideas how I can stop this? Thanks.

    Read the article

  • Using Forms authentication with remote auth system?

    - by chobo
    I am working on a website that uses a remote websites database to check for authentication (they are both share some database tables, but are separate website...) Right now I check the username and password against the remote websites account / member table, if there is a match I create a session. Questions: Is this secure? On authenticated pages I just check if a session of a specific type exists.Is it possible for someone to create an empty session or something that could bypass this? Is it possible to use Forms authentication with this setup? Right now if a user is authenticated I just get an object back with the username, email and id.

    Read the article

  • How to model localized items

    - by tweir
    I'm currently designing a e-commerce solution. One of the primary requirements is for the store to support localized item details. The same store must be able to support multiple languages via the user's language selection and/or browser preference. I have two tables: Item (id, sku, price, ...) ItemDetails (item_id, language, title, ...) For each Item, there will be multiple rows corresponding to the item, where the (item_id,language) pair will be unique. I would like to model this as: class Item { public string sku; public double price; public ItemDetails Details; } Based on the user's session, I would like the items returned to have the Details object corresponds to the user's selected language (from their session). What are some approaches for representing this?

    Read the article

  • Uniquely identifying mobile devices over a network for webforms

    - by Eric
    I'm designing a system for mobile devices that can be assigned only to one job at a time. So I need to be able to know which mobile device is being used by accessing it's own unique static IP address or its device ID. I don't want to assign an ID myself for every machine that comes in which is why a static IP would work great. However, in trying to retrieve the client ip address I'm retrieving the wireless router's ip or some other ip which is not the mobile device's ip. I want to store that ip in a table and control which jobs are assigned to it. How can I accomplish this? I've tried the following but I'm getting the wireless ip: var hostEntry = Dns.GetHostEntry(Dns.GetHostName()); var ip = ( from addr in hostEntry.AddressList where addr.AddressFamily.ToString() == "InterNetwork" select addr.ToString() ).FirstOrDefault(); I'd rather not set a cookie if there exists a better alternative. TIA!

    Read the article

  • Disallow typing of few of characters e.g.'<', '>' in all input textboxes using jquery

    - by Ismail
    How do I achieve this:- When user types character like 'abcd' and then '>'(an invalid character for my application), I want to set the text back to 'abcd'. Better if we can cancel the input itself as we do in winforms application. This should happen when user is typing and not on a click of button. I want this to be applied on all text boxes in my web page. This will be easy if the solution is jQuery based. May be something which will start like this. $("input[type='text']")

    Read the article

  • I seem to have found a major flaw with MSDN Help???

    - by aperture8
    It seems MSDN Help sometimes does not tell you a memeber of a class (which can be a property or a method) is overloaded. For example DetailsViewInsertEventArgs.Values property link text. It says it's a ReadOnly property which is wrong! In fact one of the overloaded Values property is ReadOnly but another one can be used to set some values! So by reading MSDN you have no way to know you can set some values with this property! That's a shame! What's your opinion? I'm only a beginner.

    Read the article

  • Defining Views Based On Selection

    - by Wayne
    Well the title isn't very descriptive but I'm not exactly sure how to explain but here goes! I have a web application (can use either MVC or standard web forms) which a user signs in to. If the user has signed up for more than one product they will have the option to switch between them. For the sakes of this example lets say User1 signs in and has access to Product1, Product2 and Product3. Now, each product will be very different and offer different functionally. What I want is the main view to be focused around the product they have selected and not redirected to a sub domain. What I don't want to have to do is get them to go to www.mysite.com/product1 or www.mysite.com/product2 but simply www.mysite.com regardless of the product they have selected and have the site render the views etc for that product. Wow does any of that make any sense? I was thinking mabe the use of sessions or something and URL rewriting? Are there any sample apps out there that make use of the same kind of functionallity that I could take a look at? Thanks for any help I appreciate it!

    Read the article

  • CSV file download ignored in ie8/9

    - by JBB
    I have some code in a button click event which gets a csv string from a hidden input and writes it to the response as a CSV file. This work fine in Chrome, Firefox, ie7, ie9 in quirks mode. However it does not work in ie8 or ie9 default. Looking at this in fiddler the csv is being written to the response but the another get request is being made immediately after and the page reloads. No file saving dialog appears. protected void btnCsvHidden_Click(object sender, EventArgs e) { var csv = csvString.Value; var filename = "Reporting"; Response.Clear(); Response.ClearHeaders(); Response.AddHeader("Cache-Control", "no-store, no-cache"); Response.AddHeader("content-disposition", "attachment; filename=\"" + filename + ".csv\""); Response.ContentType = "text/csv"; Response.Write(csv); Response.End(); }

    Read the article

  • Exam 71-515: TS: Web Applications Development with Microsoft .NET Framework 4

    - by Ricardo Peres
    I took the 71-515 exam today. 85 questions, 240 minutes. Here are some notes: Great number of jQuery questions, mostly having to do with AJAX Lots of MVC 2 questions also A number of classic ASP.NET web forms, of which only a few were related with the new 4 features Some Entity Framework Some plain old JavaScript, like, changing an image dynamically I think I did OK. As with my previous exam, I still don't know if I passed or not, will have to wait for the end of the beta period.

    Read the article

  • IIS can't load Oracle.Web assembly (for ASP.NET membership provider)

    - by Konamiman
    I am trying to configure an IIS web site to use an Oracle database for ASP.NET membership, but I can't get it to work. IIS doesn't seem to be able to load the assembly containing the Oracle membership provider. That's what I have so far: An Oracle 10g database online and with all the tables for ASP.NET membership created. Windows 2008 R2 Standard with the web server role installed, including support for ASP.NET. Oracle 11g Release 2 ODAC 11.2.0.1.2 installed. The installed components are: Oracle data provider for .NET, Oracle providers for ASP.NET, Oracle instant client. The default web site on IIS (I am using that for testing) has the following web.config file: <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.web> <membership defaultProvider="OracleMembershipProvider"> <providers> <remove name="SqlMembershipProvider" /> <add name="OracleMembershipProvider" type="Oracle.Web.Security.OracleMembershipProvider, Oracle.Web, Version=2.112.1.2, Culture=neutral, PublicKeyToken=89b483f429c47342" connectionStringName="OracleServer" /> </providers> </membership> </system.web> </configuration> (Additional attributes on the "add" element omitted for brevity. Also, the connection string is defined for the whole server.) The Oracle.Web.dll file is on the GAC. That's the relevant part of the C:\Windows\Assembly folder: The web site application pool is configured for .NET 2.0, and has 32-bit applications enabled. I have allowed untrusted providers in the IIS' administration.config file (just for the sake of testing, I'll explicitly add the assembly to the trusted providers list later). With all of this setup in place, when I click on the ".NET Users" icon on the IIS manager, I get a warning about the provider having too much privileges, and when I accept I get the following message: There was an error while performing this operation. Details: Could not load file or assembly 'Oracle.Web, Version=2.112.1.2, Culture=neutral, PublicKeyToken=89b483f429c47342' or one of its dependencies. The system cannot find the file specified. So, what am I missing? How can I get the Oracle membership provider to work? Thank you! UPDATE: It seems that the problem is not with IIS itself, but with the IIS administrator only. When using the web site configuration tool provided by Visual Studio, everything works fine.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >