What About ASP.NET AJAX?
To validate on the server, though, you need to post back the page. Refreshing real-world pages may be problematic from a user perspective due to possible flickering and latency. ASP.NET AJAX and out-of-band, lightweight postbacks may offer the best of both worldsserver-side validation and easy postbacks.
The simplest way to add AJAX capabilities to validators is wrapping the form in an UpdatePanel control. For example, the fragment of a page in Listing 1
needs only the following changes to be AJAX-ified:
The UpdatePanel control is installed as part of the ASP.NET AJAX Extensions framework. It wraps any block of traditional ASP.NET 2.0 markup and makes sure that any postbacks that originates from that markup are handled out-of-band and without fully refreshing the page. Only the wrapped markup is refreshed over the postbackeverything else in the page is left intact. From where does the postback originate?
UpdatePanel intercepts any classic postbacks that originate from any of the contained controls or from controls designated as triggers. To illustrate, consider the link button that submits the contents of the form in Listing 1
. You can choose to put it inside or outside the updatable panel. If included in the panel, each click on the button is captured and served with an AJAX-style postback. If not included, a click on the button originates a traditional postback with a full page refresh. However, you can either declaratively or programmatically choose to define the button as a trigger for the updatable panel. In this case, whenever a user clicks the button the panel is updated, even if the button is placed outside the panel:
<asp:UpdatePanel runat="server" ID="UpdatePanel1">
Wrapped up in this way, a page can perform server-side validation without fully refreshing the page, which results in a significantly better user experience. Also, in this way the observable behavior of the page is the same whether you enable client validation or not.
Input data is a serious thing for all applications and for Web applications in particular. Most of the issues are solved if you could ensure that data you receive is strongly typed and its contents verified on a character basis. On the Web, most of the input arrives as a plain string. Mapping the string to the right type and stripping off undesired characters is up to you. ASP.NET validators do help, but they provide mostly a first barrier against patently wrong data. More is needed and designed in the perspective of the application. For this reason, a validation layer that serves the business logic layer strongly typed (and clean) data is essential for any serious application.
The theme of validating input data is cross-platform and cross-version. However, the advent of ASP.NET AJAX helps in making the user interface a bit more responsive and prompt to signal any incongruous data to the end user. Aside from this, all input is evil. It's up to youthe developerto demonstrate the opposite.