tags:

views:

164

answers:

2
+1  Q: 

Does disabling a .NET control prevent it from posting back

I have a custom made ASP control which is based on a select (drop down menu). If I disable my control by adding the word "disabled" in its html, I start getting null pointer errors when processing the form data.

I figure, either the browser doesn't post back disabled form items or ASP.NET ignores them when processing the form data. I'm not sure which one it is. I'm trying to understand where I'm loosing data.

Thanks for your help.

PS. I realize that there are better way to create and disable controls than manually editing html but there's a context here that doesn't allow me to do otherwise.

+5  A: 

Yes setting control's Enable = false is prevents control's value to be added posted data collection.

you can use readonly attribute instead.

here in MSDN it says :

The Text value of a TextBox control with the ReadOnly property set to true is sent to the server when a postback occurs, but the server does no processing for a read-only text box. This prevents a malicious user from changing a Text value that is read-only. The value of the Text property is preserved in the view state between postbacks unless modified by server-side code.

Also here is the Microsoft's reply to a bug report related to topic.

but if you use in classical way like that it will work : 

txt2.Attributes.Add("readonly", "readonly");
Canavar  2009-02-26 17:35:56
This doesn't work for a select box. The drop down is grayed out but I can still change the values. See: http://www.htmlcodetutorial.com/forms/_SELECT_READONLY.html
Mr Grieves  2009-02-26 17:51:01
The readonly trick doesn't work for me but you've answered my question. I'll just handle the null values. Thanks
Mr Grieves  2009-02-26 17:55:12
I find some resource that explains why it is not worked, and added the tested and working code for textboxes, but I'm not sure about dropdowns.
Canavar  2009-02-26 18:03:53
A: 

It will prevent the control from posting back but remember this web paradigm is a client/server technology. A person could modify the client data (HTML and / or Javascript) and force a postback no matter what you send him.

Therefore don't rely on this for security sensitive operations such as money manipulation and so on.

Always do a check on the server-side too for sensitive operations.

Andrei Rinea  2009-02-26 22:21:32
Yes, I enforce things on the data layer as well. Thanks for the reminder.
Mr Grieves  2009-02-27 16:52:26

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps