A potentially dangerous Request.Form value was detected from the client

Server Error in '/' Application.

 

A potentially dangerous Request.Form value was detected from the client (txtCode="<br/>").

Description: Request Validation has detected a potentially dangerous client input value, and processing of
the request has been aborted. This value may indicate an attempt to compromise the security of your application,
such as a cross-site scripting attack. To allow pages to override application request validation settings, set the
requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0".

Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request
validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section.
However, it is strongly recommended that your application explicitly check all inputs in this case. For more
information, see http://go.microsoft.com/fwlink/?LinkId=153133.

Exception Details:System.Web.HttpRequestValidationException: A potentially dangerous Request.Form
value was detected from the client (txtCode="<br/>").
 
You have to do little modification to you application to get this fixed.

  1. Add <httpRuntime requestValidationMode="2.0" /> in your application web.config
       under <system.web>.
       <system.web>
        <httpRuntime  requestValidationMode="2.0"/>
  2. Add RequestValidation="false" on your page or in web.config <pages>
       attribute.
    <%@ Page Language="C#" AutoEventWireup="true" ValidateRequest = "false"
     
    or
    to work this for whole application do in web.config as:
    <system.web>
        <httpRuntime  requestValidationMode="2.0"/>
        <pages validateRequest ="false"></pages>

IN clause With Linq To Sql

There is no direct equivalent in LINQ. Instead you can use contains () or any other trick to implement them. Here's an example that uses Conains ().:

String [] s = new String [5];
s [0] = "34";
s [1] = "12";
s [2] = "55";
s [3] = "4";
s [4] = "61";
 
var = RESULT1 from the day context.TableName
                        where s.Contains (d.fieldname)
                        select d;

Eg:

int[] productList = new int[] { 1, 2, 3, 4 };   

var myProducts = from p in db.Products

                 where productList.Contains(p.ProductID)

                select p;

Start with the Order (pretend my order is ID=44):

AdventureWorks.DB db=new DB();

var itemQuery = from orders in db.SalesOrder

              where orders.SalesOrderID == 44

              select orders.ProductID;

Next we need to get the products, but only those that are in the cart. We do this by using our first query, inside the second:

var myProducts = from p in db.Products

                where itemQuery.Contains(p.ProductID)

                select p;

Securing ASP.Net pages - ASP.NET - Forms Authentication

ASP.Net has a built-in feature called forms authentication which allows developers to easily get certain areas of a website. In this post I will create a simple authentication example using C # and ASP.Net 4.0 (still in beta after the posting date).
The security settings with ASP.Net is configured from the web.config file. This is a standard ASCII file, an XML format, which is at the root of the web application. This is a sample web.config file:

<configuration>
    
<system.web>
        
<authentication mode="Forms">
            
<forms name ="TestAuthCookie" loginUrl="login.aspx" timeout="30">
                
<credentials passwordFormat="Clear">
                    
<username="user1"password="pass1"/>
                    
<username="user2"password="pass2"/>
               
</authentication>
        
<authorization>
            
<denyusers="?"/>
       
</authorization>
        
<compilation targetFramework="4.0"/>
        
<pages controlRenderingCompatibilityVersion="3.5"clientIDMode="AutoID"/>
    

</system.web>
 </configuration>

 
The first line is the standard for a web.config file and not related to security.
 
The following section specifies that you are configuring security for this web application. First, set the authentication mode to use a cookie in this specific example. You can specify a unique name for your cookie. This section also specifies the page or URL that contains the authentication code (login.aspx in this case) and the duration of the authentication cookie should be stored.
The next two lines specify the user names and passwords are valid for this web application. As far as I know there is no limit on the number of user accounts can be placed in the web.config, but if there were a large number - or if they change frequently - it might be best to put this information in an external file as a database or an XML file instead (I'll show this in a future article).
Now that we've identified some accounts valid login is necessary to specify in reality we want to password protect. For this example I decided to password protect the entire site from the root, so the optional attribute is not used. We have established the authority to deny all unauthenticated users (deny users ="?").
That's all it takes to file config.web. If someone tries to access the page and the user is not authenticated and will be redirected to login.aspx page.
This is only half the process required however. Now we have to create the login.aspx page to actually authenticate the user for our application.
Here is the complete source code for the login.aspx page shows:

<% @ Page Language = "C #" AutoEventWireup = "true" CodeFile = "login.aspx.cs"%>
 
DOCTYPE html PUBLIC "- / / W3C / / DTD XHTML 1.0 Transitional / / EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title> </title>
<head>
<body>
  <form  id="Form1" runat="server">
    <div>
        Username:
    <asp:TextBox    ID="txtUsername" <asp:TextBox runat="server"> 
        <br />
        Password:
   <asp:TextBox    ID="txtPassword" <asp:TextBox runat="server">
        <br />
       <asp:Button Text="Login" onclick="Button1_Click" ID="Button1"  runat="server" />
        <br />
        <br />
       <asp:Label runat="server" ID="lblStatus" Text="Please  login"> </asp:Label>
    </div>
    </form>
</body>
</html>
using System;
using System.Web.UI.WebControls;
using System.Web.Security;
 
public partial class Default3: System.Web.UI.Page
{
    protected void Button1_Click (object sender, EventArgs e)
    {
        if (FormsAuthentication.Authenticate (txtUsername.Text, txtPassword.Text))
        {
            lblStatus.Text = ("Welcome" + txtUsername.Text);
            FormsAuthentication.RedirectFromLoginPage (txtUsername.Text, true);
        }
        more
        {
            lblStatus.Text = "Invalid login";
        }
 
    }
}

Dynamically add controls to footer row using RowTemplate

Create a Class that inherits ITemplate and add controls the container ; you want to add.
Assign the object of that class to ASPxGridView's Templates.FooterRow property as:

ASPxGridView1.Templates.FooterRow = new CustomFooterRowTemplate();
And the code snippet of the template class is below:
public class CustomFooterRowTemplate: ITemplate
{            
     void ITemplate.InstantiateIn(Control container)
     {
         Button button = new Button();
         button.Text = "Test"; 
         container.Controls.Add(button);
     }
}

have an idea from this and you can add more controls and even you can use their event handler in the custom template except using on the RowCommand event.