469,646 Members | 1,111 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,646 developers. It's quick & easy.

I need validation to fail on an apostrophe entered into a textbox for my regularexpression validator

<asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need

"Chris's mail"

to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.

Can you help?

Many thanks,
Chris

Nov 5 '07 #1
5 4970
Hello ha**********@gmail.com,
<asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need

"Chris's mail"

to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.

Can you help?
The expression must capture what it should be, not what it shouldn't be.
In your case that's quite easy:

^[a-zA-Z0-9 ]+$

any alphanumeric character or space. You can add other allowed characters
in there if needed.

I do wonder why you want to exclude these characters. If it is to prevent
SQL injection or cross site scripting, then adding a regex validator to your
textboxes isn't the best idea to employ.

--
Jesse Houwing
jesse.houwing at sogeti.nl
Nov 5 '07 #2
On 5 Nov, 13:44, Jesse Houwing <jesse.houw...@newsgroup.nospamwrote:
Hello hamsterch...@gmail.com,
<asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need
"Chris's mail"
to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.
Can you help?

The expression must capture what it should be, not what it shouldn't be.
In your case that's quite easy:

^[a-zA-Z0-9 ]+$

any alphanumeric character or space. You can add other allowed characters
in there if needed.

I do wonder why you want to exclude these characters. If it is to prevent
SQL injection or cross site scripting, then adding a regex validator to your
textboxes isn't the best idea to employ.

--
Jesse Houwing
jesse.houwing at sogeti.nl
that is exactly what im trying to do - avoid sql injections - waht
woudl you reccomend fine sir?

BTW thanks for helping

Nov 5 '07 #3
On 5 Nov, 14:46, "hamsterch...@gmail.com" <hamsterch...@gmail.com>
wrote:
On 5 Nov, 13:44, Jesse Houwing <jesse.houw...@newsgroup.nospamwrote:
Hello hamsterch...@gmail.com,
<asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need
"Chris's mail"
to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.
Can you help?
The expression must capture what it should be, not what it shouldn't be.
In your case that's quite easy:
^[a-zA-Z0-9 ]+$
any alphanumeric character or space. You can add other allowed characters
in there if needed.
I do wonder why you want to exclude these characters. If it is to prevent
SQL injection or cross site scripting, then adding a regex validator to your
textboxes isn't the best idea to employ.
--
Jesse Houwing
jesse.houwing at sogeti.nl

that is exactly what im trying to do - avoid sql injections - waht
woudl you reccomend fine sir?

BTW thanks for helping
Excuse my terrible touch typing spelling

Nov 5 '07 #4
Hello ha**********@gmail.com,
On 5 Nov, 14:46, "hamsterch...@gmail.com" <hamsterch...@gmail.com>
wrote:
>On 5 Nov, 13:44, Jesse Houwing <jesse.houw...@newsgroup.nospam>
wrote:
>>Hello hamsterch...@gmail.com,

<asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need
"Chris's mail"

to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.

Can you help?

The expression must capture what it should be, not what it shouldn't
be. In your case that's quite easy:

^[a-zA-Z0-9 ]+$

any alphanumeric character or space. You can add other allowed
characters in there if needed.

I do wonder why you want to exclude these characters. If it is to
prevent SQL injection or cross site scripting, then adding a regex
validator to your textboxes isn't the best idea to employ.

--
Jesse Houwing
jesse.houwing at sogeti.nl
that is exactly what im trying to do - avoid sql injections - waht
woudl you reccomend fine sir?

BTW thanks for helping
Excuse my terrible touch typing spelling

My spelling isn't what it used to be either at times, so you're forgiven :).

The best way to avoid SQL Injection is to use parameterized queries or stored
procedures. That way the SQL engine itself handles the parameters and SQL
injection is near impossible. It also makes your life a lot easier on the
UI side, as there's no need to think up 300 validator messages that make
sense for each text control you need to validate.

so instead of using

string sql = "select * from users where username = '" + usernameVariable
+ "'";
SqlCommand cmd = connection.CreateCommane(sql);
use

string sql = "select * from users where username = @username";
SqlCommand cmd = connection.CreateCommane(sql);
cmd.AddparameterAndValue("@username", usernameVariable);

--
Jesse Houwing
jesse.houwing at sogeti.nl
Nov 5 '07 #5
On 5 Nov, 16:56, Jesse Houwing <jesse.houw...@newsgroup.nospamwrote:
Hello hamsterch...@gmail.com,
On 5 Nov, 14:46, "hamsterch...@gmail.com" <hamsterch...@gmail.com>
wrote:
On 5 Nov, 13:44, Jesse Houwing <jesse.houw...@newsgroup.nospam>
wrote:
>Hello hamsterch...@gmail.com,
>><asp:RegularExpressionValidator id="valRegEx" runat="server"
ControlToValidate="textbox1"
ValidationExpression=" "
ErrorMessage="* Please only enter alphanumeric values and make sure
you are not entering in any apostrophes."
display="dynamic">*
I need
"Chris's mail"
>>to fail the above validation - which I believe means I need the
regular expression to return a no match on the above line.
>>Can you help?
>The expression must capture what it should be, not what it shouldn't
be. In your case that's quite easy:
>^[a-zA-Z0-9 ]+$
>any alphanumeric character or space. You can add other allowed
characters in there if needed.
>I do wonder why you want to exclude these characters. If it is to
prevent SQL injection or cross site scripting, then adding a regex
validator to your textboxes isn't the best idea to employ.
>--
Jesse Houwing
jesse.houwing at sogeti.nl
that is exactly what im trying to do - avoid sql injections - waht
woudl you reccomend fine sir?
BTW thanks for helping
Excuse my terrible touch typing spelling

My spelling isn't what it used to be either at times, so you're forgiven :).

The best way to avoid SQL Injection is to use parameterized queries or stored
procedures. That way the SQL engine itself handles the parameters and SQL
injection is near impossible. It also makes your life a lot easier on the
UI side, as there's no need to think up 300 validator messages that make
sense for each text control you need to validate.

so instead of using

string sql = "select * from users where username = '" + usernameVariable
+ "'";
SqlCommand cmd = connection.CreateCommane(sql);

use

string sql = "select * from users where username = @username";
SqlCommand cmd = connection.CreateCommane(sql);
cmd.AddparameterAndValue("@username", usernameVariable);

--
Jesse Houwing
jesse.houwing at sogeti.nl
thanks = )

Nov 5 '07 #6

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by A.M | last post: by
2 posts views Thread by Murphy | last post: by
3 posts views Thread by VB Programmer | last post: by
4 posts views Thread by Terry Olsen | last post: by
1 post views Thread by Microsoft News Group | last post: by
2 posts views Thread by DaveyP | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.