I have this static method here:

public static string ParseStringForSpecialChars(string stringToParse)
{
    const string regexItem = "[^a-zA-Z0-9 ]";

    string stringToReturn = Regex.Replace(stringToParse, regexItem, @"\$%&'");

    return stringToReturn;
}

This method works fine as it stops many strings from being harmful to my application. I suppose there's a better way to do things, but that's not the point of my post.

Right now what I want is to get all values from any textboxes in a javascript that would call this method and then send the data to the controller.

Say that I have this view:

@using MyApp.Utilities
@model List<MyApp.Models.CustomerObj>

@{
    ViewBag.Title = "Customer Index";
}

<h2>Customer Index</h2>

<p>
    @Html.ActionLink("Create New", "Create")
    @using (Html.BeginForm())
    {
        <p>
            Name: @Html.TextBox("customerName") <br/>
            Address: @Html.TextBox("customerAddress") City: @Html.TextBox("customerCity") <br/>
             <br />
            Postal Code: @Html.TextBox("customerPC")<br/>
            Phone Number: @Html.TextBox("customerPhone") Fax Number: @Html.TextBox("customerFax")<br />
            Mail: @Html.TextBox("customerEmail")  <br/>
            <input type="submit" value="Filter" style="float:right">
        </p>
    }
</p>

How could I proceed to do what I want to do? Can anyone offer me a suggestion on how to proceed? I would like a flexible workaround, since the view you have right now will change and I would need this method to be applicable everywhere.

Thank you.

  • Either you do a client-side validation that is equivalent to your static method (a js regex), or have that method as a custom validator and apply it as data annotations for your string properties. Commented May 2, 2013 at 14:54
  • So if I understand well, I could use Data Annotations to avoid people typing special characters, for example? Commented May 2, 2013 at 14:56
  • Because another way that I had was to parse each value when I got them in the controller before using them, but I found out that this could become cumbersome because I would need to do it everywhere, and so I thought that there might be a better way to do it, hence the question. Commented May 2, 2013 at 14:57
  • The more I read your second proposal, the more I'm interested and I'd like to know how to do that. Commented May 2, 2013 at 15:00
  • I had a second look at your sanitation code; I feel that it can be done via regex. Take a look at @scott-pascoe's answer, it might do it ("it might", as I'm no regex expert). Have a look at this; it does not show regex validation but shows how you do validation through data annotations. You do a custom validator if your logic is complex enough that it can't be done with existing validation attributes. Commented May 3, 2013 at 0:54

1 Answer

Have you considered adding a Data Annotation to your model like this:

[RegularExpression(@"^\$?\d+(\.(\d{2}))?$")]

This was captured from: http://www.asp.net/mvc/tutorials/older-versions/models-%28data%29/validation-with-the-data-annotation-validators-cs

Of course, the downside to this is that you would have to add it to all properties in your model that you want it to apply to. You might be able to use remote validation and fire it off via javascript. Otherwise, you will be stuck with doing it on the client side. (But that's not that difficult to do anyway.)
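
The data-annotation approach suggested above, applied on the server, as an added example that is not part of the original answer. `LettersDigitsSpacesAttribute` and `CustomerFilter` are hypothetical names; the pattern is the allow-list form of the question's `[^a-zA-Z0-9 ]` class, and the `[EmailAddress]` and `[StringLength]` choices are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;

// Hypothetical reusable attribute: the allow-list form of the question's
// character class [^a-zA-Z0-9 ]. It rejects bad input instead of rewriting it.
public sealed class LettersDigitsSpacesAttribute : RegularExpressionAttribute
{
    public LettersDigitsSpacesAttribute() : base(@"^[a-zA-Z0-9 ]*$")
    {
        ErrorMessage = "{0} may contain only letters, digits and spaces.";
    }
}

// Hypothetical filter model; property names mirror the view's textboxes.
public class CustomerFilter
{
    [LettersDigitsSpaces, StringLength(100)]
    public string CustomerName { get; set; }

    [LettersDigitsSpaces, StringLength(100)]
    public string CustomerCity { get; set; }

    // '@' and '.' are legitimate in an address, so the allow-list above
    // would reject valid input; use the built-in attribute instead.
    [EmailAddress, StringLength(254)]
    public string CustomerEmail { get; set; }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample input: one field violates the allow-list.
        var filter = new CustomerFilter
        {
            CustomerName = "Acme <script>",
            CustomerCity = "Quebec City",
            CustomerEmail = "sales@example.com"
        };

        // MVC evaluates the same attributes during model binding and
        // reports the outcome through ModelState.IsValid in the controller.
        var results = new List<ValidationResult>();
        bool ok = Validator.TryValidateObject(
            filter, new ValidationContext(filter, null, null), results, true);

        Console.WriteLine("Valid: " + ok);
        foreach (var r in results) Console.WriteLine(r.ErrorMessage);
    }
}
```

Because the attribute runs during model binding, every action that accepts the model gets the same check, whatever client-side validation the browser did or did not perform.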
