«

Hello.

I have a simple question: it is possible to write directly to
contentplaceholder just like to the page? I'm looking for a way to put
text directly in the same way like Response.Write("Some example text"),
but can't figure out how to do it. For now I created the Literal control
and all text pushed into Text properties of this control, but I don't
like it. Some advice ?

best,
Slawomir

The Literal is made precisely for your purpose. Why don't you like it? The
Placeholder is intended as a container for other controls.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net


"Slawomir" <> wrote in message
news:f7nj0r$3v7$...
> Hello.
>
> I have a simple question: it is possible to write directly to
> contentplaceholder just like to the page? I'm looking for a way to put
> text directly in the same way like Response.Write("Some example text"),
> but can't figure out how to do it. For now I created the Literal control
> and all text pushed into Text properties of this control, but I don't like
> it. Some advice ?
>
> best,
> Slawomir

Eliyahu Goldin napisa³(a):
> The Literal is made precisely for your purpose. Why don't you like it? The
> Placeholder is intended as a container for other controls.
>
I'm using on-line html editor (http://www.fckeditor.net/) to generate
page content. Pushing 50 lines of text seams to ... not elegant for me.

By the way - using on-line editor raise exception on my page. In English
its seams like:
"Potentially dangerous value detected in Request.Form coming from client
(MyFCKeditor="<p>&quot; some text...")". I can set RequestValidation to
"false", but I'm not sure about consequents. It's really potentially
unsave/dangerous ?

best,
Slawomir

the <p> is what triggers the error. if you do not handle the data
properly you can get script injection (sql or javascript, though the
test is only for javascript).


-- bruce (sqlwork.com)


Slawomir wrote:
> Eliyahu Goldin napisa³(a):
>> The Literal is made precisely for your purpose. Why don't you like it?
>> The Placeholder is intended as a container for other controls.
>>
> I'm using on-line html editor (http://www.fckeditor.net/) to generate
> page content. Pushing 50 lines of text seams to ... not elegant for me.
>
> By the way - using on-line editor raise exception on my page. In English
> its seams like:
> "Potentially dangerous value detected in Request.Form coming from client
> (MyFCKeditor="<p>&quot; some text...")". I can set RequestValidation to
> "false", but I'm not sure about consequents. It's really potentially
> unsave/dangerous ?
>
> best,
> Slawomir

bruce barker napisa³(a):
> the <p> is what triggers the error. if you do not handle the data
> properly you can get script injection (sql or javascript, though the
> test is only for javascript).
>
>
> -- bruce (sqlwork.com)
>

Yes, I understand that reason of the error is html block inside the
control, but this is exactly what I want. Maybe I will try to explain
whole situation:

I'm using on my web page (on admin part) fckeditor that generates html
structure of document. This "part" I'm writing to text file (news.txt)
and then displaying it on the web page. in Literal control. It of course
could contains <p>, <br>, <table>, <a> and other tags, because it
generates html page content.

Here is a link, where you can try to use it: http://www.fckeditor.net/demo
After finishing just click submit. This (generated) code a need to
include as part of my page (in contentplaceholder).

Here is my code to save html tags from admin page

protected void SaveClick(object sender, EventArgs e)
{
using (StreamWriter sw = new
StreamWriter(MapPath(@"/RZESA/inc/news.txt"), false))
{
sw.Write(FCKeditor1.Value);
}
}

.... and code to restore it on internet website.
protected void Page_Load(object sender, EventArgs e)
{
using (StreamReader sr = new
StreamReader(MapPath(@"/RZESA/inc/news.txt")))
{
Literal1.Text = sr.ReadToEnd();
}
}

As you can see the point is to pass this text (html code) to web page.
Maybe is other, more secure way to do this ?

best,
Slawomir