Hi all, Im trying to store text in a textbox to a sql database which I can do fine until I try to use <br /> to give me a line break when it is read back and displayed on another page. My problem is I get the usual 'A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$GridView1$ctl02$TextBox1="...' error.
In more detail, I have a gridview that is edit enabled so I can edit what is already stored in my db and click Update which will update my db data. But as I said above if I try to put HTML into my textbox I get an error.
I have a gridview with this code:
Code:
<asp:GridView ID="GridView1" runat="server" AllowPaging="True"
AllowSorting="True" AutoGenerateColumns="False" DataKeyNames="propertyRef"
DataSourceID="SqlDataSource1">
...
<EditItemTemplate>
<asp:TextBox ID="TextBox1" runat="server" Text='<%# Bind("fullDescription") %>'></asp:TextBox>
</EditItemTemplate>
...
</asp:GridView>
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
...
UpdateCommand="UPDATE [propertysForRentTable] SET [fullDescription] = @fullDescription">
...
<UpdateParameters>
<asp:Parameter Name="fullDescription" Type="String" />
</UpdateParameters>
</asp:SqlDataSource>
and code behind of:
Code:
protected void GridView1_RowUpdating(Object sender, GridViewUpdateEventArgs e)
{
TextBox tbox = GridView1.Rows[e.RowIndex].FindControl("TextBox1") as TextBox;
if (tbox != null)
{
// Console.WriteLine("found it");
e.NewValues["fullDescription"] = System.Web.HttpUtility.HtmlEncode(tbox.Text);
}
}
but i cant seem to add html code to my textbox text and update it in my sql database.
I should add I've tried the 'ValidateRequest=false' and that makes no difference.
Any ideas why not, cheers
Trevor
(SqlServer Express 2010, .Net 4)