(untagged)

Validate Input in ASP.NET MVC

Mishra Sourabh

0.00/5 (No votes)

2 Apr 2014

This tip explains how to submit your form with HTML content in MVC.

Introduction

When you develop an app, sometimes your requirements could be that you want to send HTML values from view to the controller. Sometimes, we use HTML Editors to save some information into the database. By default, ASP.NET MVC doesn't allow a user to submit the HTML content. So let's see how to submit your form with HTML content.

Using the Code

Open Visual Studio, then select "New Project", then select ASP.NET MVC 4 Application.
Provide a project name, then click OK.
Select Internet Application, then click OK.

Create a New Model.

ValidateModel.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace ValidateInputDemo.Models
{
    public class ValidateModel
    {
        public string description { get; set; }
    }
}

Add a new method to your Controller.

HomeController.cs

public ActionResult ValidateInput()
{
    return View();
}
[HttpPost]
public ActionResult  ValidateInput(string description)
{
    ValidateModel validateInputModel = new ValidateModel();
    validateInputModel.description = description;
    return View(validateInputModel);
}

ValidateInput.cshtml

@model ValidateInputDemo.Models.ValidateModel
@{
       ViewBag.Title = "ValidateInput";
}
@using (@Html.BeginForm("ValidateInput","Home", 
FormMethod.Post, new { @id = "form1", @enctype = "multipart/form-data" }))
{
    <label id="lblDescription">Description

     @Html.TextAreaFor(m=>m.description, new {@id="txtDescription",@name="description" })

    <input type="submit" id="bttn_Submit" />
}

You can see in the code above, there is a text area and a submit button, have a look in the browser. Press F5.

You can see in the preceding screen, if you type something into the description and press Submit then nothing happens.

Now check the following example. Add HTML content into text area.

You will get the error above. This error comes because this is the security from ASP.NET MVC. For applications, a user cannot send HTML values to the controller, but sometimes we want to send values to the controller.

For resolving this issue, we have the ValidateInput(false) attribute. Just put this into your controller and have a look.

[HttpPost]
[ValidateInput(false)]
public ActionResult  ValidateInput(string description)
{
   ValidateModel validateInputModel = new ValidateModel();
   validateInputModel.description = description;
   return View(validateInputModel);
}

Now press F5. After filling in the HTML attribute press the submit button, you will never get an error. So when you want to work with HTML attributes in your app text area or textboxes, don't forget to use validateinpute(false) in your ActionMethod.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here