ASP.NET Validation Server Controls

Understanding Validation:

Validation is a set of rules that you apply to the data you collect. These rules can be many or few and enforced either strictly or in a lax manner: It really depends on you. No perfect validation process exists because some users may find a way cheat to some degree, no matter what rules you establish. The trick is to find the right balance of the fewest rules and the proper strictness, without compromising the usability of the application.

The data you collect for validation comes from the Web forms you provide in your applications. Web forms are made up of different types of HTML elements that are constructed using raw HTML form elements, ASP.NET HTML server controls, or ASP.NET Web Form server controls.

Remember that you have no way to validate the truthfulness of the information you collect; instead, you apply rules that respond to such questions as

  • Is something entered in the text box?
  • Is the data entered in the text box in the form of an e-mail address?

Notice from these questions that you can apply more than a single validation rule to an HTML form element.  In fact, you can apply as many rules to a single element as you want. Applying more rules to elements increases the strictness of the validation applied to the data.

If you are new to Web application development, you might not be aware of the difference between client-side and server-side validation. Suppose that the end user clicks the Submit button on a form after filling out some information. What happens in ASP.NET is that this form is packaged in a request and sent to the server where the application resides. At this point in the request/response cycle, you can run validation checks on the information submitted. If you do this, it is called server-side validation because it occurs on the server.

On the other hand, it is also possible to supply a script (usually in the form of JavaScript) in the page that is posted to the end user’s browser to perform validations on the data entered in the form before the form is posted back to the originating server. If this is the case, client-side validation has occurred.  Client-side validation is quick and responsive for the end user. It is something end users expect of the forms that they work with. If something is wrong with the form, using client-side validation ensures that the end user knows this as soon as possible.

The more secure form of validation is server-side validation. Server-side validation means that the validation checks are performed on the server instead of on the client. It is more secure because these checks cannot be easily bypassed. Instead, the form data values are checked using server code (C# or VB) on the server. If the form isn’t valid, the page is posted back to the client as invalid. Although it is more secure, server-side validation can be slow. It is sluggish simply because the page has to be posted to a remote location and checked. Your end user might not be the happiest surfer in the world if, after waiting 20 seconds for a form to post, he is told his e-mail address isn’t in the correct format.

The best approach is always to perform client-side validation first and then, after the form passes and is posted to the server, to perform the validation checks again using server-side validation This approach provides the best of both worlds. It is secure because hackers can’t simply bypass the validation. They may bypass the client-side validation, but they quickly find that their form data is checked once again on the server after it is posted. This validation technique is also highly effective — giving you both the quickness and snappiness of client-side validation.

ASP.NET Validation Server Controls:

ASP.NET not only introduces form validations as server controls, but it also makes these controls rather smart. As stated earlier, one of the tasks of classic ASP developers was to determine where to perform form validation — either on the client or on the server. The ASP.NET validation server controls eliminate this dilemma because ASP.NET performs browser detection when generating the ASP.NET page and makes decisions based on the information it gleans.

This means that if the browser can support the JavaScript that ASP.NET can send its way, the validation occurs on the client-side. If the client cannot support the JavaScript meant for client-side validation, this JavaScript is omitted and the validation occurs on the server.

Presently, six validation controls are available to you in ASP.NET 2.0. No new validation server controls have been added to ASP.NET since the initial release of the technology, but the ASP.NET 2.0 validation server controls do have some new features, such as validation groups and new JavaScript capabilities. The available validation server controls include:

  • RequiredFieldValidator
  • CompareValidator
  • RangeValidator
  • RegularExpressionValidator
  • CustomValidator
  • ValidationSummary

Working with ASP.NET validation server controls is no different from working with any other ASP.NET server controls. Each of these controls allows you to drag and drop it onto a design surface or to work with it directly from the code of your ASP.NET page. These controls can also be modified so that they appear exactly as you wish.

The following table describes the functionality of each of the available validation server controls.

Validation Server Control Description
RequiredFieldValidator Ensures that the user does not skip a form entry field
CompareValidator Allows for comparisons between the user’s input and another item using a comparison operator (equals, greater than, less than, and so on)
RangeValidator Checks the user’s input based upon a lower- and upper- level range of numbers or characters
RegularExpressionValidator Checks that the user’s entry matches a pattern defined by a regular expression. This is a good control to use to check e-mail addresses and phone numbers.
CustomValidator Checks the user’s entry using custom-coded validation logic
ValidationSummary Displays all the error messages from the validators in one specific spot on the page

Validation Causes

Validation doesn’t just happen; it occurs in response to an event. In most cases, it is a button click event. The Button, LinkButton, and ImageButton server controls all have the capability to cause a page’s form validation to initiate.

If you have multiple buttons on an ASP.NET page, and you don’t want each and every button to initiate the form validation, you can set the CausesValidation property to False for all the buttons you want to ignore the validation process:

<asp:Button ID="Button1" Runat="server" Text="Cancel" CausesValidation="False" />

Other Related Posts:


ASP.NET Validation Server Controls

The RequiredFieldValidator Server Control in

Validating Drop-Down Lists with the RequiredFieldValidator Control

The CompareValidator Server Control in

The RangeValidator Server Control in

The RegularExpressionValidator Server Control in

The CustomValidator Server Control in

The ValidationSummary Server Control in


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s