473,402 Members | 2,055 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > validation

Join Bytes to post your question to a community of 473,402 software developers and data experts.

Validation

Hi,

How can I securely validate the Id's I receive with QueryString ?

This is what I do now:

if ( Request.QueryString["ID"].ToString() != string.Empty ) {
m_TaskID = int.Parse(Request.QueryString["ID"].ToString() );
mystuff();
}

With this I only validate that I'm receiving something, but hao can I
check the value received is int ?

TIA
Nov 19 '05 #1
2 3567
The parse will fail if it isn't an int, so you could wrap it in a try catch
block to determine if it is an int.

string id = Request.QueryString["ID"];

if ( id != null && id.Length != 0 )
{
try
{
int m_TaskID = Int32.Parse( id );
mystuff(); //this will only execute when the parse happens
correctly.
}
catch( FormatException )
{
//it is not an int
}
}

Commentary:
Request.Querystring[] might return null, so you can not safely call
..ToString() on it. Also, it returns a string already, so there is no need
to call .ToString() on it.

Also I never check a string to String.Empty. It is much faster to check the
property .Length to 0.

Now in version 2.0, there will be a method call .TryParse() that will return
true or false for you and save you the exception trap, but that isn't slated
this summer 05

HTH,

bill

"Franck Diastein" <fd*******@euskaltel.net> wrote in message
news:OW**************@TK2MSFTNGP15.phx.gbl...
Hi,

How can I securely validate the Id's I receive with QueryString ?

This is what I do now:

if ( Request.QueryString["ID"].ToString() != string.Empty ) {
m_TaskID = int.Parse(Request.QueryString["ID"].ToString() );
mystuff();
}

With this I only validate that I'm receiving something, but hao can I
check the value received is int ?

TIA

Nov 19 '05 #2
Yes - A bit awkward to use try/catch for regular logic flow but thats the way
its got to be done in .net 1.x

2.0 has int32.TryParse which will retrun a bool if it is a int

"William F. Robertson, Jr." wrote:
The parse will fail if it isn't an int, so you could wrap it in a try catch
block to determine if it is an int.

string id = Request.QueryString["ID"];

if ( id != null && id.Length != 0 )
{
try
{
int m_TaskID = Int32.Parse( id );
mystuff(); //this will only execute when the parse happens
correctly.
}
catch( FormatException )
{
//it is not an int
}
}

Commentary:
Request.Querystring[] might return null, so you can not safely call
..ToString() on it. Also, it returns a string already, so there is no need
to call .ToString() on it.

Also I never check a string to String.Empty. It is much faster to check the
property .Length to 0.

Now in version 2.0, there will be a method call .TryParse() that will return
true or false for you and save you the exception trap, but that isn't slated
this summer 05

HTH,

bill

"Franck Diastein" <fd*******@euskaltel.net> wrote in message
news:OW**************@TK2MSFTNGP15.phx.gbl...
Hi,

How can I securely validate the Id's I receive with QueryString ?

This is what I do now:

if ( Request.QueryString["ID"].ToString() != string.Empty ) {
m_TaskID = int.Parse(Request.QueryString["ID"].ToString() );
mystuff();
}

With this I only validate that I'm receiving something, but hao can I
check the value received is int ?

TIA


Nov 19 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

21
Automated Form Validation?
by: Stefan Richter | last post by:
Hi, after coding for days on stupid form validations - Like: strings (min / max length), numbers(min / max value), money(min / max value), postcodes(min / max value), telefon numbers, email...
PHP
2
post-schema/application validation
by: wumingshi | last post by:
Hi, When validating an XML instance, sometimes the schema is not enough to expression the validation rules. Additional validation rules may be expressed in an application-specific way. For...
.NET Framework
4
button attributes disable validation
by: Tim Meagher | last post by:
I am trying to use both validation controls and to add submit button attributes, but when I add the button attributes, the javascript fpr the validation controls is no longer created for the page. ...
.NET Framework
14
ASP.NET Web Forms Validation Controls are Server-Side or Client-Side Validation?
by: Matt | last post by:
I want to know if ASP.NET Web Forms Validation Controls are Server-Side or Client-Side form validation? Since I think each validator control can select either 1) JavaScript based error dialog or 2)...
ASP.NET
6
validation controls
by: Stephen | last post by:
Hi, the validation controls dont work on Netscape or Mozilla and only on Internet Explorer why? How do i correct this problem? Thanks
ASP.NET
7
Required Validation Error in IE.
by: Ryan Ternier | last post by:
We're running a site that has required field validation on the login page. It works fine on our development / test machines. However, when I upload this site to our live server i get this error. ...
ASP.NET
5
Datagrid add/insert row validation issue
by: Chris | last post by:
Based upon some prevoius postings on what to do for adding a 'add' row to a datagrid I utilize the footer to create the 'add' row. The only issue is that I have it sharing the 'UpDate_Command' and...
ASP.NET
4
Update button in datagrid causing validation elsewhere on page
by: David Colliver | last post by:
Hi all, I am having a slight problem that hopefully, someone can help me fix. I have a form on a page. Many items on the form have validation controls attached. Also on this form are...
ASP.NET
2
Shouldn't server validation always occur when CausesValidation is true??
by: dustbort | last post by:
I recently had a problem where my required field validator stopped working. But, the page still posted back and tried to insert a record into the database without performing server-side validation....
ASP.NET
6
validation doesn't fire
by: Jon Paal | last post by:
validation doesn't fire what's missing ????? /////// ---- code -----/////////////////////////// Sub btnSubmit_Click(sender As Object, e As System.Web.UI.ImageClickEventArgs) 'Handles...
ASP.NET
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!