Page 68 - DCAP312_WEB_TECHNOLOGIES_II

Web Technologies-II



    <asp:TextBox ID="txtcity" runat="server" Width="230px">
    </asp:TextBox>
    </td>
    </tr>
    <tr>
    <td class="style1">State</td>
    <td class="style2">
    <asp:TextBox ID="txtstate" runat="server" Width="230px">
    </asp:TextBox>
    </td>
    </tr>
    <tr>
    <td class="style1"></td>
    <td class="style2"></td>
    </tr>
    <tr>
    <td class="style1"></td>
    <td ID="displayrow" runat="server" class="style2">
    </td>
    </tr>
    </table>
    </div>
    <asp:Button ID="Button1" runat="server"
    Onclick="Button1_Click" Text="Click"/>
    </form>
    </body>
    </html>

The code behind the button control:

    protected void Button1_Click(object sender, EventArgs e)
    {
        // Collect the four TextBox values, one per line.
        string str = "";
        str += txtname.Text + "<br/>";
        str += txtstreet.Text + "<br/>";
        str += txtcity.Text + "<br/>";
        str += txtstate.Text + "<br/>";
        // InnerHtml renders the string as markup; the values are inserted without HTML encoding.
        displayrow.InnerHtml = str;
    }
Text is not HTML encoded before it is displayed in the LinkButton control. This makes it possible to embed script within HTML tags in the text. If the values for the control come from user input, be sure to validate the values to help prevent security vulnerabilities.
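The same concern applies to the handler above, which assigns the TextBox values to InnerHtml unchanged. The following is an added example, not code from the textbook: a console stand-in for Button1_Click that builds the display string both ways. The class name, the helper names, the 100-character limit and the sample input are assumptions made for the illustration.

```csharp
using System;
using System.Linq;
using System.Net;

// Added example (not from the textbook): console stand-in for Button1_Click.
static class DisplayRowDemo
{
    // Assumption: 100 characters is a sensible upper bound for a name or address field.
    const int MaxFieldLength = 100;

    // What the page's handler does: raw concatenation that is later assigned to InnerHtml.
    static string BuildUnencoded(params string[] fields) =>
        string.Concat(fields.Select(f => f + "<br/>"));

    // Hardened form: validate each value, then HTML-encode it.
    // Only the <br/> separators written by the code remain as markup.
    static string BuildEncoded(params string[] fields)
    {
        foreach (var f in fields)
        {
            if (f.Length > MaxFieldLength)
                throw new ArgumentException("Field exceeds " + MaxFieldLength + " characters.");
        }
        return string.Concat(fields.Select(f => WebUtility.HtmlEncode(f.Trim()) + "<br/>"));
    }

    static void Main()
    {
        // Constructed sample input: the city field carries markup instead of a city name.
        string[] input =
        {
            "A. Kumar", "12 Mall Road", "<script>alert('x')</script>", "Punjab"
        };

        Console.WriteLine("Unencoded (the browser parses the city value as HTML):");
        Console.WriteLine(BuildUnencoded(input));

        Console.WriteLine("Encoded (the browser shows the city value as literal text):");
        Console.WriteLine(BuildEncoded(input));
    }
}
```

In the Web Forms handler itself, the equivalent change is to wrap each TextBox value in Server.HtmlEncode before appending it to str.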





        62                                LOVELY PROFESSIONAL UNIVERSITY