Syed Anjam
Reputation: 1
How to store HTML tags in SQL 2008 Simple (taking HTML code as input in textbox and stored it in database)
Error:
A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$htmlCode="table style="backgr...")
Code:
SqlConnection n_con = new SqlConnection(constring);
n_con.Open();
string N_Query = "update imageAd set code = '"+textbox1.text+"' where id = '" + id + "'";
SqlCommand N_cmd = new SqlCommand(N_Query, n_con);
N_cmd.ExecuteNonQuery();
Upvotes: 0
Views: 89
Answers (1)
jafarbtech
Reputation: 7013
Set validateRequest="false" in the <%@ Page ... %> directive in your .aspx
In .NET 4 you may need to do a little more. Sometimes it's necessary to also add <httpRuntime requestValidationMode="2.0" /> to web.config
Note : But this will cause script injection and Sql injection attacks possible in that page. Thats why it shows "A potentially dangerous". To prevent it use Lbel1.Text = Server.HtmlEncode(TextBox1.Text) when you displaying the html which u got input from this page. you can negotiate it if you are using in admin side of the webpage
Upvotes: 2
Related Questions
- Storing HTML in SQL Server
- How can I save my Textbox content in a database? Textbox is programmed in HTML and CSS
- How do I insert html tags/script to sql as a text?
- how to store and retrieve the HTML text Editor contents to SQL Server DB in ASP.net C#
- How to save HTML Tags and its attributes in sql table?
- User input text saving to sql server
- Store and read HTML in database with ASP.NET MVC?
- How to save HTML data in Sql Server
- Storing HTML formatted text in database
- how to save html to a database field