Why is a LinkButton driving me up the wall?

Last week I ran into some odd validation control behavior when I dropped a LinkButton on to a web form that I was working with. Whenever the LinkButton would post back to the server, all of the validation controls would execute their validation routines and fail. This in turn prevented the main page life-cycle from continuing. This of course was not the behavior I needed. I wanted my post-back to bypass the page validation and have my LinkButton's command to trigger.

I then turned to setting the CausesValidation property on the LinkButton to false. This typically is the only setting necessary to keep a LinkButton from triggering a page validation. But not in this case. I clicked on the LinkButton and yet again all of the validation on the page lit up like a Christmas tree. And still my LinkButton command didn't execute.

At this point I wasn't yet questioning my sanity. I proceeded to set unique ValidationGroup names for the controls on my page. The validation controls and their associated input controls received ValidationGroup="Group1". My LinkButton received ValidationGroup="Group2". I was sure this would fix the problem. But it didn't.

I started to feel completely incompetent as an Asp.Net programmer. I must not know enough about how to use a damned LinkButton. So, I replaced my LinkButton with a regular Button. And wow, this magically fixed all my problems! But being the inquisitive person that I am, my quest to solve this riddled did not stop there.

What's the deal?

Long story short, after several days of diagnosing the problem, which played out like a comical episode of House, the problem appears to be a behavior related to using Visual Studio 2008. When I debug my form in Visual Studio 2005, all LinkButton and validation behavior goes as expected. When I debug the web form using either Visual Studio Team System 2008 or Visual Web Developer Express 2008, the page validation goes haywire. This oddity happens regardless of which framework I target. 

So what did I learn here? I sure can't fully explain why VS 2008 leads me to different validation behavior than VS 2005. The only modicum of utility that I am walking away with from this short inquisition is that you shouldn't overly trust a piece of software, no matter how nice it appears to be.

Please tell me I'm not going insane.

I am really interested in seeing if others get the same results. Try this out for yourself and see if you get different results using Visual Studio 2005 and Visual Studio 2008:

<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1"
    runat="server" ErrorMessage="Oh My Gravy!"
    ControlToValidate="TextBox1">
</asp:RequiredFieldValidator>
<br />
<asp:Button ID="Button1" runat="server" Text="Should Validate Button" />
<br />
<asp:ImageButton ID="ImageButton1" runat="server" CausesValidation="false" />

After clicking LinkButton1 using VS 2005:

After clicking LinkButton1 using VS 2008:

Akismet In .Net

Last Friday brought us version 1.0 of SubKismet, an open source library of tools to help us .Net addicts deal with the ever-evolving spam technologies that challenge the public-facing web apps we build. You can find it over on Microsoft's CodePlex. This version of SubKismet includes the first .Net implementation of the Akismet API that I’ve seen. Akismet is a free web service that you can run user-submitted content through to determine if it is spam. You use the SubKismet Akismet library with WordPress.com’s free Akismet service for “personal use”. I’m not yet certain if it can wire up to other, more enterprise-targeted Akismet web service providers out there, like Yahoo! Pro-Blogger.

Captcha!

SubKismet also has two different types of Captcha webserver controls included. The first control is called CaptchaControl, and it provides you with the standard image-based Captcha challenge. It uses a custom httpHandler to generate images on the fly using random fonts that are installed on your system. You can easily customize the characters it uses, the length of the code that is displayed, and the amount of “warping” that is done to make the text difficult for bots to recognize.

There are a few things that are missing from the CaptchaControl that I would like to see in a future version. First, there is no way to programmatically “unvalidate” an instance of CaptchaControl once it has successfully been validated. Once a user successfully matches the code in a CaptchaControl, the control is validated from then on, and the web form can be submitted infinitely more times with no further Captcha challenges required. I think this is a HUGE problem with the behavior of the CaptchaControl. Either the CaptchaControl should reset on its own after it validates, or there should be a public method that allows the programmer to rest the control in the code-behind.

The other thing that could be a show-stopper for the CaptchaControl is that it doesn’t provide any formatting options. In order to customize the look and feel of the control I had to modify the source code inside the SubKismet library and recompile the SubKismet dll. This process isn’t so bad, but most web developers aren’t going to want to spend time digging through the source code of this control. They would rather use their time working on the details of their own projects. So, I feel that the CaptchaControl needs at the very least to include a few more properties that allow you to give the inner-components a CSS Class name.

The other Captcha control that is included in SubKismet is called InvisibleCaptcha. The InvisibleCaptcha is a clever idea where javascript is used in order to add two numbers together to make the page valid. If the javascript doesn’t run (I guess most spam bots don’t execute javascript) then the page doesn’t validate. If a user has javascript turned off, then a form is rendered where the user can do the math in his or her own head. It’s a pretty elegant solution. This method alone can supposedly block 99.99% of spam bots. Excellent! Just drag one of these guys onto your next web form and forget about spam!

What else is in SubKismet?

The final thing that comes in the SubKismet library is a .Net implementation of Google Safe Browsing. I haven’t tried using this yet, but it appears to be a way to check URLs against Google’s blacklist of suspected phishing and malware pages. This could come in handy if you have a website that accepts URLs as user input. Again, another excellent tool!

All in all, the SubKismet is another excellent open source tool for .Net web developers. The source projects are set up very nice in a Visual Studio 2008 solution, and compile out of the box. Job well done to all who contributed to this project. Keep up the good work!