While using ASP.NET controls, for example
<h1 id="header" runat="server">text</h1>
if we want to change the text of the header we can do it probably by two properties InnerHTML and InnerText. I want to know what is the basic difference between the two properties?
InnerHtml lets you enter HTML code directly, InnerText formats everything you put in there for it to be taken as plain text.
For example, if you were to enter this in both properties: Hello <b>world</b>
This is what you would get with InnerHTML:
Hello world
That is, exactly the same HTML you entered.
Instead, if you use InnerText, you get this:
Hello <b>world</b>
And the resulting HTML would be Hello <b>world</b>
When in doubt, go to the source (or decompile):
In HtmlContainerControl:
public virtual string InnerText
{
get
{
return HttpUtility.HtmlDecode(this.InnerHtml);
}
set
{
this.InnerHtml = HttpUtility.HtmlEncode(value);
}
}
public virtual string InnerHtml
{
get
{
if (base.IsLiteralContent())
{
return ((LiteralControl)this.Controls[0]).Text;
}
if (this.HasControls() && this.Controls.Count == 1 && this.Controls[0] is DataBoundLiteralControl)
{
return ((DataBoundLiteralControl)this.Controls[0]).Text;
}
if (this.Controls.Count == 0)
{
return string.Empty;
}
throw new HttpException(SR.GetString("Inner_Content_not_literal", new object[]
{
this.ID
}));
}
set
{
this.Controls.Clear();
this.Controls.Add(new LiteralControl(value));
this.ViewState["innerhtml"] = value;
}
}
Both properties ultimately use InnerHtml, but setting InnerText HTML encodes the value so that it will be displayed literally in the browser versus interpreted as markup.
Remember that assigning to InnerHtml will not encode the value, and thus any user-driven content should be sanitized prior to assignment.
This also emphasizes how important it is to be mindful of view state (note the last line of InnerHtml's setter; everything ends up in view state whether or not you need it).
InnerHtml allows to insert html formated text within an HTML container, while InnerText only allows plain text (if I remember correctly this property trims any type of html you try to put in it)
InnerHtml. http://msdn.microsoft.com/en-us/library/system.web.ui.htmlcontrols.htmlcontainercontrol.innerhtml.aspx
InnerText. http://msdn.microsoft.com/en-us/library/system.web.ui.htmlcontrols.htmlcontainercontrol.innertext.aspx
Related
I'm trying to print a text and replace all "\r\n" with "<br/>", but the output returns "<br/>". So how to not encode the text, but not the "<br/>" part?
I could use #Html.Raw, but I don't want to do that for every text.
LocalizationAccessor:
public string this[string name, bool global = false]
{
get
{
ILocalizationValue result = default;
if (global)
{
result = GetAsync(null, name).Result;
}
else
{
result = GetAsync(name).Result;
}
return result.HtmlValue.Replace("\r\n", "<br/>");
}
}
HtmlValue is HtmlString.Value
View:
#_local["ParNewSite"]
Html:
prosessen smertefri og rask.<br/><br/>Alle har
I'd strongly recommend to see a string as plain text OR html encoded text. You've created a string that is partly html encoded (the '<br/>') and partly plain text. That can't work in a real reliable way. (What if you get '<br/>' as user input?).
Solution: Do all conversion in on place:
var html = HttpUtility.HtmlEncode(plainTextMultiLineString).Replace("\r\n", "<br/>");
See: https://learn.microsoft.com/en-us/dotnet/api/system.web.httputility.htmlencode?view=net-5.0
Please note that I am not English so explaining is difficult.
I need to get the HTML-Like tag from a string. Is there an official way of doing that?
I have got the first 3 letters of the string successfully but I can only use one letter within the tag.
string tag = command.Substring(0, 3); // Gets the first three letters (The tag)
command = command.Substring(3); // Removes the tag from the string.
if(tag == "<x>")
{
// Do stuff.
}
This code works fine but it limits me to using a single letter.
Am I able to use a tag such as <hello> in anyway?
Thank you very much.
Edit:
Sorry, there is confusion. My requirements is that I can input a string and the program will get the tag from the begging of the string. For example:
>> <abc>This is a string
And the program will find the tag (<abc>).
This is meant to be like HTML, but not actually related.
Again, sorry for my bad grammar and explanation.
What about:
//Suppose that the source string is:
string src = "<Hello> The rest of the string....";
//To extract the tag <Hello> from the source string:
string tag = src.Substring(0, src.IndexOf(">") + 1);
if(tag == "<Hello>")
{
//do some..
}
Hope that helps.
I am trying to find a way to alter a user's input if they use certain symbols. For example if they type a "<" I want to change it to "less than". Is there a way to set some kind of helper js to apply to all textinputs?
I figured it out. I used the magic of jQuery to do it.
$(':text').change(function() {
var jQuerySelector = `#${this.id}`;
var text = $(jQuerySelector).val();
if (text.includes('<')) {
text = text.replace('<', 'less than ');
$(jQuerySelector).val(text);
}
});
I've got a line here :
Paragraph par = row.Cells[0].AddParagraph("Value");
Is there a way to get the text value from par? I have tried par.GetValue() but that didn't work
Paragraphs can contain a mix of text with different sizes, fonts, attributes along with images and other things.
Here's a code snippet that gets the first text element:
if (para.Elements.Count > 0)
{
Text t = para.Elements[0] as Text;
if (t != null)
{
string s = t.Content;
...
}
}
You know what your code adds to the paragraph, so you should know what you have to extract.
I do not know what you are trying to do. Every MigraDoc document object has a Tag member for custom use. You can assign any object (including string) to this Tag.
I have several text boxes in an ASP.NET Web Form. I want to ensure that users are not entering HTML into those text boxes. However, I'm not sure how to prevent HTML from being entered. Because of this, I decided that I want to only allow alphanumeric characters, spaces, exclamation point, sharp sign, dollar signs, percentage signs, carets, stars, and left and right parenthesis. I'm omitting the ampersand because I do not want them entering something like "<script&rt;..."
How do I do this? Am I doing it the right way?
Thank you!
Have a look here
http://msdn.microsoft.com/en-us/library/ff649310.aspx
You can put a blanket statement in the web config ValidateRequest = true will check all user input and throw an error if a user inserts something with bad characters.
If you need to allow some html tags then you will need to roll your own.
The page will, by default, prevent users from posting HTML or script in textboxes or textareas. See MSDN
I've used:
HttpUtility.HtmlEncode();
More info here.
You can use a method to clean HTML codes from entry like:
public static string ClearHTML(string Str, Nullable<int> Character)
{
string MetinTxtRegex = Regex.Replace(Str, "<(.|\n)+?>", " ");
string MetinTxtSubStr = string.Empty;
if (Character.HasValue)
{
if (MetinTxtRegex.Length > Character)
{
MetinTxtSubStr = MetinTxtRegex.Substring(0, Character.Value);
MetinTxtSubStr = MetinTxtSubStr.Substring(0, MetinTxtSubStr.LastIndexOf(" ")) + "...";
}
else
{
MetinTxtSubStr = MetinTxtRegex;
}
}
else
{
MetinTxtSubStr = MetinTxtRegex;
}
return MetinTxtSubStr;
}