Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Datagrid Control > Unwanted data injected into datagrid textbox

Reply
Thread Tools

Unwanted data injected into datagrid textbox

 
 
kingflux
Guest
Posts: n/a
 
      11-13-2006
Hello, and thank you in advance for any help you can provide.

Each line in our the datagrid control contains a product number,
description, and a textbox for the user to enter a quantity-to-order.

Users enter quantities (not necessarily on every line), click the Next
button, and continue. Sometimes users return to a previous page, by
clicking the Previous button, and see quantities that they did not
enter. More often, users return to a previous page to find unwanted
quantities added and wanted quantities deleted.

A dozen customers have reported this problem over the last six months,
but we have been unable to reproduce it in-house. It is extremely
rare, but one week it happened four times.

Has anyone else experienced anything like this? Our solution was
developed by a third party, but I am becoming more familiar with the
source code. I can answer any questions to clarify the issue.


Patterns we have identified
==============================
1. There has never been an equal number of items deleted and inserted.
2. The deleted items are always contiguous to one another. (Items are
organized by a fixed catalog line number.)
3. The inserted items are always contiguous to one another.


Notes
======
1. The solution uses custom paging (datagrid.allowpaging=FALSE).
2. This behavior occurs before any records are written to the SQL
Server backend. (That happens when the user clicks the Save button or
the Place Order button.)
3. Solution was developed in Microsoft Visual Studio .NET 2003.
4. Our in-house Windows PCs are all at Framework level 1.1.4322.2032
(Service Pack 1); the server is also at SP1 level (1.1.4322.2300); am
waiting to hear back from two customers what version of the .NET
Framework they're using.
5. All clients are using Internet Explorer 6.0.

 
Reply With Quote
 
 
 
 
kingflux
Guest
Posts: n/a
 
      12-21-2006
I'm happy to announce that we figured out what is happening with the
'unwanted data injected into datagrid textbox' and it is now fixed on
our site.

I found the cause purely by accident, when testing on an older server
that is significantly slower than our production web server. I found
that I could click the Next button multiple times while I waited 5-8
seconds between page loads. Whenever I did, it "jumped" the same
number of pages and copied the values from the first page to all the
subsequent pages that were "touched" in the transaction. Nothing on
the screen would ever suggest to the user that such a thing had
occurred.

Mr. Barker from sqlwork.com was definitely on the right track when he
suggested duplicate postback was the likely problem -- so THANK YOU,
sir, very much!

At the bottom of the page, just before the closing HTML tag, we added
this javascript code, which disables all buttons on the page and
displays a "Processing..." message until the next page loads:


<script language="javascript">
/* Code to fix multi-click issue */

// handle the unload of the form
window.attachEvent("onbeforeunload", disableWindowControlsOnUnload);

// loop through relevant input controls and make sure the users do
attempt a postback
var elementCollection = document.getElementsByTagName("input");
if ( elementCollection != null )
{
for ( var i = 0; i < elementCollection.length; i++ )
{
var element = elementCollection(i);
if ( element.type == "submit" || element.type == "button" )
{
element.attachEvent("onclick", disableWindowControlsOnClick);
element.attachEvent("ondblclick", handleDoubleClick);
}
}
}

// this method used to disable any input controls from firing
function disableWindowControlsOnUnload()
{
document.body.style.cursor = "wait";
for ( var j = 0; j < document.forms.length; j++ )
{
var elementCollection =
document.forms(j).getElementsByTagName("input");
for ( var i = 0; i < elementCollection.length; i++ )
{
var element = elementCollection(i);
if ( thisElement.type == "submit" || thisElement.type == "button" )
element.disabled = true;
}
}

return true;
}

// this will make sure no events create a double post scenario
var bubbleEvent = true;
function disableWindowControlsOnClick()
{
if ( bubbleEvent == true )
{
document.body.style.cursor = "wait";
showProcessingBanner();
bubbleEvent = false;
}
else
{
window.event.cancelBubble = false;
window.event.returnValue = false;
}
}

function handleDoubleClick()
{
window.event.cancelBubble = false;
window.event.returnValue = false;
}


function showProcessingBanner()
{
var bannerElement = "<div style='position:absolute; z-index:99;
border-style:solid; background-color:white; width:400px;
height:200px;'></div>";
var banner = document.createElement(bannerElement);

banner.innerHTML = "<span style='color:black; font-size:large;
vertical-align:middle;'><center><br><br><br>Processing...</center></span>";
banner.style.left = ( window.screen.availWidth / 2 ) - 200;
banner.style.top = ( window.screen.availHeight / 2 ) - 100;
document.body.insertBefore(banner);
}

</script>


kingflux wrote:
> Hello, and thank you in advance for any help you can provide.
>
> Each line in our the datagrid control contains a product number,
> description, and a textbox for the user to enter a quantity-to-order.
>
> Users enter quantities (not necessarily on every line), click the Next
> button, and continue. Sometimes users return to a previous page, by
> clicking the Previous button, and see quantities that they did not
> enter. More often, users return to a previous page to find unwanted
> quantities added and wanted quantities deleted.
>
> A dozen customers have reported this problem over the last six months,
> but we have been unable to reproduce it in-house. It is extremely
> rare, but one week it happened four times.
>
> Has anyone else experienced anything like this? Our solution was
> developed by a third party, but I am becoming more familiar with the
> source code. I can answer any questions to clarify the issue.
>
>
> Patterns we have identified
> ==============================
> 1. There has never been an equal number of items deleted and inserted.
> 2. The deleted items are always contiguous to one another. (Items are
> organized by a fixed catalog line number.)
> 3. The inserted items are always contiguous to one another.
>
>
> Notes
> ======
> 1. The solution uses custom paging (datagrid.allowpaging=FALSE).
> 2. This behavior occurs before any records are written to the SQL
> Server backend. (That happens when the user clicks the Save button or
> the Place Order button.)
> 3. Solution was developed in Microsoft Visual Studio .NET 2003.
> 4. Our in-house Windows PCs are all at Framework level 1.1.4322.2032
> (Service Pack 1); the server is also at SP1 level (1.1.4322.2300); am
> waiting to hear back from two customers what version of the .NET
> Framework they're using.
> 5. All clients are using Internet Explorer 6.0.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unwanted data injected into datagrid textbox kingflux ASP .Net 3 12-21-2006 05:06 PM
Hidden spam links injected into web pages Terry_P Computer Security 3 12-03-2006 12:18 AM
Unwanted data injected into datagrid textbox tim@eNardoni.com ASP .Net Datagrid Control 0 11-13-2006 02:32 PM
Unwanted data injected into datagrid textbox tim@eNardoni.com ASP .Net Datagrid Control 0 11-10-2006 08:53 PM
Ruby injected into Practices of an Agile Developer Bil Kleb Ruby 2 02-10-2006 02:43 PM



Advertisments