ASP.NET Regular Expression Validator Control
Regular expressions are a good way to validate text fields such as names, addresses, phone numbers, and other user information. You can use them to constrain input, apply formatting rules, and check lengths. To validate input captured with server controls, you can use the RegularExpressionValidator control. To validate other forms of input, such as query strings, cookies, and HTML control input, you can use the System.Text.RegularExpressions.Regex class.
Using Regular Expression Validator Control
If you capture input by using server controls, you can use the RegularExpressionValidator control to validate that input. You can use regular expressions to restrict the range of valid characters, to strip unwanted characters, and to perform length and format checks. You can constrain the input format by defining patterns that the input must match.
To validate a server control’s input by using a RegularExpressionValidator control
- Add a RegularExpressionValidator control to your page.
- Set the ControlToValidate property to indicate which control to validate.
- Set the ValidationExpression property to an appropriate regular expression.
- Set the ErrorMessage property to define the message to display if the validation fails.
The following example shows a RegularExpressionValidator control used to validate a name field.
<%@ language="C#" %>
<form id="form1" runat="server">
<asp:TextBox ID="txtUserName" runat="server"/>
<asp:Button ID="btnSubmit" runat="server" Text="Submit" />
<asp:RegularExpressionValidator ID="RegExpUserName" runat="server"
ErrorMessage="This expression does not validate."
ControlToValidate="txtUserName"
ValidationExpression="^[a-zA-Z'.\s]{1,40}$" />
</form>
The regular expression used in the preceding code example constrains an input name field to alphabetic characters (lowercase and uppercase), space characters, the single quotation mark (or apostrophe) for names such as O’Dell, and the period or dot character. In addition, the field length is constrained to 40 characters.
Using ^ and $
Enclosing the expression in the caret (^) and dollar sign ($) markers ensures that the expression consists of the desired content and nothing else. A ^ matches the position at the beginning of the input string and a $ matches the position at the end of the input string. If you omit these markers, an attacker could affix malicious input to the beginning or end of valid content and bypass your filter.
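The effect of omitting the anchors, shown with the System.Text.RegularExpressions.Regex class on values of the kind you would read from a query string. This is an added example, not code from the original page; the class name, the sample values, and the 250 ms match timeout are assumptions.

```csharp
using System;
using System.Text.RegularExpressions;

static class NameInputCheck
{
    // The page's name pattern, anchored at both ends.
    const string Anchored = @"^[a-zA-Z'.\s]{1,40}$";

    // Same character class with ^ and $ omitted, for comparison only.
    const string Unanchored = @"[a-zA-Z'.\s]{1,40}";

    // Assumed time budget so a slow match fails closed instead of stalling the request.
    static readonly TimeSpan Budget = TimeSpan.FromMilliseconds(250);

    static bool IsMatch(string pattern, string input)
    {
        if (input == null) return false;   // a missing value is rejected
        try
        {
            return Regex.IsMatch(input, pattern, RegexOptions.None, Budget);
        }
        catch (RegexMatchTimeoutException)
        {
            return false;                  // treat a timeout as invalid input
        }
    }

    static void Main()
    {
        // Constructed sample values standing in for Request.QueryString["name"].
        string[] samples =
        {
            "O'Dell",               // valid name
            "Mary Ann St. John",    // valid: letters, spaces, period
            "O'Dell<b>",            // markup affixed to the end of valid content
            "<b>O'Dell",            // markup affixed to the beginning
            new string('a', 41),    // one character over the 40-character limit
            ""                      // empty value
        };

        foreach (string s in samples)
        {
            Console.WriteLine("{0,-22} anchored={1,-5} unanchored={2}",
                "\"" + s + "\"", IsMatch(Anchored, s), IsMatch(Unanchored, s));
        }
    }
}
```

Rows where the two columns differ are inputs that only the unanchored pattern accepts, because it succeeds as soon as any run of allowed characters appears somewhere in the value.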
