current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 1 down vote favorite

I'm new to using c# in asp.net

I was just wondering what the best methods of validation are for when it comes to checking a textbox that has to be number's (and 1 decimal point) only, I've read about ajax but I understand that this only works if the client supports it, so I'm now looking into new methods.

Also do these validation methods have the ability to prevent a event such as a button press from triggering and causing the web application to break?

share|improve this question
3  
Always validate data at client side as well as server side (in code behind). –  Habib May 17 '13 at 12:15
1  
@Freelancer This is because to give 2 level of security. Client validation is prone to get hacked, server validation saves you to open your database to hackers –  Nipun Ambastha May 17 '13 at 12:17
1  
@Freelancer The client side validation is only for the ease of the user, refreshless validation. However, this is not at all secure. Validation should always take place both at the client and server. –  Steve May 17 '13 at 12:18
1  
@Freelancer Everything going at server level puts some overhead however this is recommended if you are having confidential data. But playing with confidential data is more important and this overhead can be ignored. It will be a nightmare if your database is exposed to hackers :( –  Nipun Ambastha May 17 '13 at 12:22
2  
@NipunAmbastha ohh, thanx , from 2mmorow, 2 level validation. Thanx a lot. –  Freelancer May 17 '13 at 12:24

1 Answer 1

up vote 4 down vote accepted

Always validate data at client side as well as server side (in code behind). For example you can use the asp.net provided validation control which will provide you with Client side validation, In server side validation (in C#) you can implement your own logic for data validation. For example in your case you can use double.TryParse to see if the string entered in the TextBox is a valid double number.

The reason to have Both types of validation is:

  • Client may have disabled javascript on the browser.
  • Client's browser doesn't support Javascript (see this question)
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.