Should I always call Page.IsValid?

Question

I know to never trust user input, since undesirable input could be compromise the application\'s integrity in some way, be it accidental or intentional; however, is there a

Answer 1

You can check the validity of a Page by checking the Page.IsValid property, your purpose to check the Page.IsValid might vary like

• If you have Validators which has the EnableClientScript property set to false
• If you have a server side validated Validator.
• Before performing a critical operation in a PostBack event handler body like Save, Delete, Authenticate...
• Do/display different things depending on the validity of page...
• Any thing you can think of...

So when/where can you call Page.IsValid

1. If the page is in post back
2. If the post back is caused by an input control with the CausesValidation property set to true.
3. After a call is made to the Page.Validate, i.e after the Page.Load event.

You can check Page.IsValid in the page life cycle if the place/time invoked satisfies the above criteria; otherwise the Page.IsValid will result in the System.Web.HttpException being thrown.

You should use Page.IsValid where it makes sense; like in the postback event handlers of input controls(with CausesValidation=true) and require the state of the page to be valid to perform their task correctly. (if you have server side validated validators or validators with client side validation switched off it becomes a MUST).

   protected void btnSave_Click(object sender, EventArgs e)
    {
       //Note that there might be ServerSideValidation which evaluated to false.
       if (!Page.IsValid)  
         return;

       CurrentEntity.Save();
    }

Finally note that Page.IsValid only checks for validation errors in the validator controls on your page, it all depends on what your validator controls do.