Automatic Insert/Update of the value in textbox fails when I put in the HTML document in the textbox

2 posts, 0 answers
  1. Yuriy
    Yuriy avatar
    13 posts
    Member since:
    Jul 2011

    Posted 23 Feb 2012 Link to this post

    Hi,

    I have RadGrid with automatic Insert/Update. Everything is working just fine, the problems start occurring, when I try to save html document using the textbox, giving me "server error".  See below my asp markup and the doc I try to save.

    Thanks,
    Yuriy



    <telerik:RadGrid ID="RadGrid2" runat="server" AllowAutomaticDeletes="True" AllowAutomaticInserts="True"
                        AllowAutomaticUpdates="True" AutoGenerateColumns="False" CellSpacing="0" DataSourceID="ServiceType"
                        GridLines="None" ShowStatusBar="True" AllowPaging="True">
                        <PagerStyle AlwaysVisible="true" Mode="NumericPages" />
                        <ClientSettings>
                            <DataBinding>
                                <DataService Type="OData" />
                            </DataBinding>
                            <Selecting AllowRowSelect="True" />
                        </ClientSettings>
                        <MasterTableView CommandItemDisplay="Top" DataKeyNames="ServiceTypeID"
                            DataSourceID="ServiceType" Width="100%" Name="ServiceType"
                            AllowPaging="False">
                            <DetailTables>
    ..................
     <telerik:GridTemplateColumn DataField="MaterialDescription" FilterControlAltText="Filter MaterialDescription column"
                                                            HeaderText="Description" UniqueName="ChildMaterialDescription">
                                                            <EditItemTemplate>
                                                                <asp:TextBox ID="MaterialDescriptionTextBox" runat="server" Text='<%# Bind("MaterialDescription") %>'
                                                                    Height="100px" TextMode="MultiLine" Width="300px" Wrap="True"></asp:TextBox>
                                                            </EditItemTemplate>
                                                            <ItemTemplate>
                                                                <asp:Label ID="MaterialDescriptionLabel" runat="server" Text='<%# Eval("MaterialDescription") %>'></asp:Label>
                                                            </ItemTemplate>
    .........................
      
     <asp:SqlDataSource ID="ChildMaterialItems" runat="server" ConnectionString="<%$ ConnectionStrings:KPortal %>"
             
        SelectCommand="SELECT Materials.ParentMaterialID, Materials.MaterialID, Materials.MaterialDescription, Materials.MaterialName, Materials.MaterialPictureID, MaterialPictures.PictureCategory + ' - ' + MaterialPictures.PictureDescription AS PictureDescription, Materials.PricedItem, Materials.MaterialCategoryID, Materials.OrderID, Materials.Value, Materials.UnitID, Materials.InternalCode, Materials.UnitType FROM Materials INNER JOIN MaterialPictures ON Materials.MaterialPictureID = MaterialPictures.MaterialPictureID WHERE (Materials.ParentMaterialID = @ParentMaterialID)
    order by Materials.OrderID" DeleteCommand="Exec DeleteMaterials @MaterialID"
            InsertCommand="Exec InsertMaterial
    @MaterialDescription=@MaterialDescription,
    @MaterialPictureID = @MaterialPictureID,
    @ParentMaterialID = @ParentMaterialID,
    @MaterialName = @MaterialName,
    @PricedItem = @PricedItem,
    @InternalCode = @InternalCode ,
    @Value = @Value,
    @UnitType = @UnitType,
    @UnitID = @UnitID,
    @OrderID = @OrderID"
            UpdateCommand="
    Update Materials
    Set
    MaterialDescription = @MaterialDescription,
    MaterialPictureID = @MaterialPictureID,
    MaterialName = @MaterialName,
    PricedItem = @PricedItem,
    InternalCode = @InternalCode,
    Value = @Value,
    UnitType = @UnitType,
    UnitID = @UnitID,
    OrderID = @OrderID
    Where MaterialID =@MaterialID
    ">
            <DeleteParameters>
                <asp:Parameter Name="MaterialID" />
            </DeleteParameters>
            <InsertParameters>
                <asp:Parameter Name="MaterialDescription" />
                <asp:Parameter Name="MaterialPictureID" />
                <asp:Parameter Name="ParentMaterialID" />
                <asp:Parameter Name="MaterialName" />
                <asp:Parameter Name="PricedItem" />
                <asp:Parameter Name="InternalCode" />
                <asp:Parameter Name="Value" />
                <asp:Parameter Name="UnitType" />
                <asp:Parameter Name="UnitID" />
                <asp:Parameter Name="OrderID" />
            </InsertParameters>
            <SelectParameters>
                <asp:ControlParameter ControlID="RadGrid2" Name="ParentMaterialID"
                    PropertyName="SelectedValue" />
            </SelectParameters>
            <UpdateParameters>
                <asp:Parameter Name="MaterialDescription" />
                <asp:Parameter Name="MaterialPictureID" />
                <asp:Parameter Name="MaterialName" />
                <asp:Parameter Name="PricedItem" />
                <asp:Parameter Name="InternalCode" />
                <asp:Parameter Name="Value" />
                <asp:Parameter Name="UnitType" />
                <asp:Parameter Name="UnitID" />
                <asp:Parameter Name="OrderID" />
                <asp:Parameter Name="MaterialID" />
            </UpdateParameters>
        </asp:SqlDataSource>

     
    I am trying to save in the column above the following text:
     
    <body>
      
        <p style="text-align: left">
            <img alt="Priceology"  src="{WebSiteAddress}/Pics/Pricology640.jpg" /></p>
            <div>
              
                Dear {CompanyUserName},<br />
                <br />
                Please be advised that there is an update to {Service} project that you are
                working on.<br />
                <br />
                The status of the <b>"{ProjectName}"</b> project have been updated to
                <b>"{ProjectStatus}"</b>.
                <br />
                <br />
                Please visit the link below to see the details:e the details:<br />
                <br />
                 <a href="{ManufacturerProjectLink}">Priceolgy projects</a><br />
                <br />
                Regards,<br />
                Priceology Team</div>
    </body>
    </html>

  2. Iana Tsolova
    Admin
    Iana Tsolova avatar
    3376 posts
    Member since:
    Sep 2012

    Posted 24 Feb 2012 Link to this post

    Hello Yuriy,

    You cannot enter HTML in a textbox. This is not allowed for security purposes. You can try using our HTML Editor intead:
    http://demos.telerik.com/aspnet-ajax/editor/examples/overview/defaultcs.aspx

    Kind regards,
    Iana Tsolova
    the Telerik team

    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.

Back to Top