05. maj 2009 - 17:13Der er
2 kommentarer og 1 løsning
Invalid postback or callback argument problem
jeg har et bested system hvor brugerne kan skrive sammen. Man nar en bruger sender en mail and modtageren ville svare tilbage faar jeg denne fejl besked:
Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[ArgumentException: Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.] System.Web.UI.ClientScriptManager.ValidateEvent(String uniqueId, String argument) +8623897 System.Web.UI.Control.ValidateEvent(String uniqueID, String eventArgument) +72 System.Web.UI.WebControls.DropDownList.LoadPostData(String postDataKey, NameValueCollection postCollection) +53 System.Web.UI.WebControls.DropDownList.System.Web.UI.IPostBackDataHandler.LoadPostData(String postDataKey, NameValueCollection postCollection) +13 System.Web.UI.Page.ProcessPostData(NameValueCollection postData, Boolean fBeforeLoad) +346 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1743
jeg har provet at soge efter en losning paa nettet men det var uden hjaelp.
Er der nogle der har haft samme problem og har en losning paa det?
Jeg tror der er html i den mail du prøver at sende. Hvis din aspx side er sat op til at validere inputtet vil den ikke acceptere html som del af inputtet. Prøv at fjern evt. html tags i den mail du prøver at sende
<%@ Page Language="VB" validateRequest="false" %> <%@ Register TagPrefix="HookupUC" TagName="HeaderControl" Src="inc/header.ascx" %> <%@ Register TagPrefix="HookupUC" TagName="FooterControl" Src="inc/footer.ascx" %> <%@ Import Namespace="System.Configuration" %> <%@ Import Namespace="System.Data" %> <%@ Import Namespace="System.Data.Odbc" %> <%@ import Namespace="System.Web.Mail" %> <script language="VB" runat="server" src="inc/ProcessLogin.vb"></script> <script language="VB" runat="server" src="inc/HookupMessage.vb"></script> <script language="VB" runat="server"> Dim blnIsReply As Boolean = false Dim blnShowForm As Boolean = true Dim intNewMessages As Integer = 0 Dim strComposeLink As String = "<strong>Compose</strong>" Dim strTitle As String = "Compose a New Message" Dim strReplyID As String Dim strRecipientName As String Dim strRecipientID As String Dim strDisableSend As String
Sub Page_Init() call ProcessLogin() End Sub
Sub Page_Load() strReplyID = Request.QueryString("replyid") If Session("UserName") = "" Then MessageCell.CssClass = "msgSent" MessageCell.Text = "Please login to view your messages." ElseIf (strReplyID <> "" AND IsNumeric(strReplyID) = false) Then MessageCell.Text = "Please don't mess with the URL." Else Dim objConnection As New OdbcConnection(ConfigurationSettings.AppSettings("DB_CONNECTION_STRING")) Dim objDataReader As OdbcDataReader Dim objCommand As New OdbcCommand() objCommand.Connection = objConnection objConnection.Open() If Page.IsPostBack Then Dim strRecipientID As String = Request.Form("RecipientID") Dim strRecipientName As String = Request.Form("RecipientName") Dim strSubject As String = Request.Form("Subject") Dim strBody As String = Request.Form("Body") If (Trim(strSubject) <> "" AND Trim(strBody) <> "") Then Dim objMessage As New HookupMessage objMessage.SenderID = Session("ProfileID") objMessage.SenderName = Session("UserName") objMessage.RecipientID = strRecipientID objMessage.Subject = strSubject objMessage.Body = strBody objMessage.Send() If objMessage.ErrorMessage = "" Then MessageCell.CssClass = "msgSent" MessageCell.Text = "Your message was sent." Else MessageCell.Text = objMessage.ErrorMessage End If 'Clear the Message fields. Subject.Text = "" Body.Text = "" Else MessageCell.Text = "The subject or message was blank." End If strComposeLink = "Compose" blnShowForm = false Else 'Grab the information for the original message to be displayed. If IsNumeric(strReplyID) Then Dim intSenderProfileStatusID As Integer objCommand.CommandText = "SELECT m.SenderID,m.Subject,m.Body,p.UserName,p.ProfileStatusID " & _ "FROM messages m INNER JOIN profiles p ON m.SenderID = p.ProfileID " & _ "WHERE m.MessageID=" & strReplyID & " AND m.RecipientID=" & _ Session("ProfileID") & " AND m.DeletedByRecipient=0;" objDataReader = objCommand.ExecuteReader() If objDataReader.Read() Then strRecipientName = objDataReader("UserName") strRecipientID = CStr(objDataReader("SenderID")) intSenderProfileStatusID = objDataReader("ProfileStatusID") Subject.Text = "Re: " & Server.HtmlDecode(objDataReader("Subject")) Body.Text = vbCrLf & vbCrLf & vbCrLf & "------- " & _ strRecipientName & " wrote:" & vbCrLf & vbCrLf & Server.HtmlDecode(objDataReader("Body")) Else MessageCell.Text = "The message you are replying to was deleted." blnShowForm = false End If objDataReader.Close() If intSenderProfileStatusID = 3 Then MessageCell.Text = "The person whose message you are replying to, " & _ "has a suspended profile <br>and may not receive your reply if " & _ "his/her profile is deleted." ElseIf intSenderProfileStatusID = 4 Then MessageCell.Text = "The person whose message you are replying to, " & _ "has deleted their profile." blnShowForm = false End If blnIsReply = true strComposeLink = "Compose" strTitle = "Reply to a Message" Else 'Populate the RecipientID drop-down menu. objCommand.CommandText = "SELECT p.UserName,f.FavoriteID FROM favorites f " & _ "INNER JOIN profiles p ON p.ProfileID = f.FavoriteID " & _ "WHERE f.ProfileID=" & Session("ProfileID") & " ORDER BY p.UserName;" objDataReader = objCommand.ExecuteReader() While objDataReader.Read() RecipientID.Items.Add(New ListItem(objDataReader("UserName"), objDataReader("FavoriteID"))) End While objDataReader.Close() End If 'If the user has no favorites and is not replying to a message, then show a message. If (MessageCell.Text = "" AND Not(blnIsReply) AND RecipientID.Items.Count = 0) Then RecipientID.Items.Add(New ListItem("Your list of favorites is empty", "")) MessageCell.Text = "You can only use the Compose page if you have at least one person " & _ "on your favorites list.<br>Otherwise, use the Search tab to find someone to send a message to." strDisableSend = "disabled" End If 'Get the number of new messages in the Inbox. objCommand.CommandText = "SELECT Count(*) FROM messages " & _ "WHERE RecipientID=" & Session("ProfileID") & " AND " & _ "DeletedByRecipient=0 AND MessageRead=0" intNewMessages = CInt(objCommand.ExecuteScalar()) End If objConnection.Close() End If End Sub
Nu har jeg fundet en losning men jeg ved ikke om sikkerheden er god. jeg laeste om at hvis man lukker op med <pages enableEventValidation="true"/> saa kunne der vaere nogle sikkerheds huller.
Det jeg har gjort er at indsaette
<pages enableEventValidation="false" />
i min config file men hvad det gor eller om det har noget med sikkerheden at gore ved jeg ikke...
nogle der ved noget om det?
Synes godt om
Ny brugerNybegynder
Din løsning...
Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.