Re: date validation

Discussion in 'ASP .Net' started by Andrew Morton, Jul 3, 2008.

  1. Mark Rae [MVP] wrote:
    > There is, generally speaking, no need to use server-side validation
    > for data entry as this can be just as easily accomplished client-side
    > - the obvious exception to this is when data needs to be validated
    > against server-side resources e.g. a database etc...


    Surely you should mention the caveat about protecting against malicious
    users who might bypass the client-side validation for the purposes of SQL
    injection, XSS, or just plain invalid data?

    Andrew
     
    Andrew Morton, Jul 3, 2008
    #1
    1. Advertising

  2. Mark Rae [MVP] wrote:
    > As for invalid dates specifically, they can be avoided completely by
    > using a calendar control, the premise being that if users can't
    > actually type a date into a field they can't type an invalid date
    > into a field...


    I was writing about malicious users in particular, who will have
    tools/browser add-ons to alter the data en route from the browser to the
    server or enter data directly into hidden fields - or does ASP.NET validate
    the raw data in some way?

    Andrew
     
    Andrew Morton, Jul 3, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Matt
    Replies:
    1
    Views:
    610
    Matthew Speed
    Nov 8, 2003
  2. Peter Grison

    Date, date date date....

    Peter Grison, May 28, 2004, in forum: Java
    Replies:
    10
    Views:
    3,285
    Michael Borgwardt
    May 30, 2004
  3. Matt
    Replies:
    2
    Views:
    521
    Pete Becker
    Nov 8, 2003
  4. Matt
    Replies:
    3
    Views:
    726
    Richard Heathfield
    Nov 8, 2003
  5. Matt
    Replies:
    11
    Views:
    408
    Aaron Bertrand [MVP]
    Nov 8, 2003
Loading...

Share This Page