I have a grid where in insert/edit mode you can update the item for a person's names.
I've been asked to provide validation to ensure only alphanumerics are added.
After talking with a colleague we were thinking only validation for length should be done.
The user should be able to enter any c开发者_如何学Pythonharacters they like.
Does this sound correct? I understand some names could contain special characters etc.
From a security point of view, it would be recommended to constrain user input in order to prevent cross-site scripting attacks MSDN
There's tutorials for name validation available on Microsoft.com that are superior to your suggestions. Its easy enough to implement one of these pre-written Regex patterns so go for that instead.
^[a-zA-Z''-'\s]{1,40}$
*Validates a name. Allows up to 40 uppercase and lowercase characters and a few special characters that are common to some names.
You may need to consider whether you will allow the accented characters that are common in many European names, but this aside alphas (do you really need numerics?) only are probably the way to go to provide security from XSS attacks.
精彩评论