9.3. Practical Tips on Validating Data
The following list provides some practical tips on validating data.
Always validate all user input. Whenever you have a public web site on the Internet, you lose the ability to control its users. To stop malicious users from entering bogus data in your system, always validate your users' input using the ASP.NET validation controls.
Always provide useful error messages in your validation controls. Either assign the error message to the ErrorMessage property and leave the Text empty, or use a ValidationSummary control to show a list of error messages.
Consider using the CssClass attribute of the validation controls to move the style definitions for the error messages to a separate CSS file. If you do use the CssClass, don't forget to clear the ForeColor property of the validator or the error message still appears in red.
Whenever you are writing code that sends an e-mail message, consider moving the body of the e-mail to a separate text file. As you saw, reading in the file only takes a single line of code, and it makes your application much easier to maintain. Instead of wading through your code to find the body text, you simply change the template in the App_Data folder and the code picks up the changes automatically.
When storing data in text or XML files, always store them in the App_Data folder that is designed specifically for this purpose. This way, all your data files are nicely packed together. More importantly, by default the web server ...
Get Beginning ASP.NET 3.5: In C# and VB now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
