Tags: c#, asp.net, textarea, richtextbox, aspx-user-control

Asp.net ajaxToolkit:HtmlEditorExtender rich text editor won't send the whole message


I have an asp.net project and what I want to do is to make a textarea a rich text editor, and for this I am using ajaxToolkit:HtmlEditorExtender. The problem is that when I enter some text in the textarea and submit it, in the code-behind I only get the words until I pressed Enter. For example: before pressing Enter I have "This is first row" and after pressing Enter "This is the second row". In the code-behind I only get "This is first row".

The code is written in a user control (ascx page), not an aspx page.

This is where I defined the textbox and HtmlEditorExtender:

<asp:Panel runat="server" ID="OrderNotePanel" CssClass="tableContainerWithScrollbar">
 <asp:UpdatePanel ID="UpdatePanel2" runat="server">
     <ContentTemplate>
         <div class="row alignedCenter">
             <div class="col-sm-10 col-xs-12">
                 <label>NOTE:</label>

                 <asp:TextBox ID="OrderNoteTextBox" runat="server"  TextMode="MultiLine" Rows="10" CssClass="form-control" Height="200px" />
                 <ajaxToolkit:HtmlEditorExtender ID="HtmlEditorExtender1"  DisplaySourceTab="True" TargetControlID="OrderNoteTextBox" runat="server">
                     <Toolbar>
                         <ajaxToolkit:Bold />
                         <ajaxToolkit:Italic />
                         <ajaxToolkit:Underline />
                         <ajaxToolkit:InsertUnorderedList />
                     </Toolbar>
                 </ajaxToolkit:HtmlEditorExtender>
             </div>
             <div class="col-sm-2">
                 <label style="display: block;">&nbsp;</label>
                 <asp:Button ID="AddButton" runat="server" Text="ADD" OnClick="InsertButton_Click" CssClass="genericButton small" />
                 <asp:HiddenField runat="server" ID="HiddenFieldTextbox" />
             </div>
         </div>

         <%-- Other lines of code --%>

        </ContentTemplate>
    </asp:UpdatePanel>
</asp:Panel>

And in the code-behind, when the Add button is clicked, I have:

protected void InsertButton_Click(object sender, EventArgs e)
{
    try
    {
        String NoteEncoded = OrderNoteTextBox.Text;
        var Note = HttpUtility.HtmlDecode(NoteEncoded);
        if (Note != "")
        {
            OrderNotesDataSource.InsertParameters["OrderID"].DefaultValue = CustomerOrderID;
            OrderNotesDataSource.InsertParameters["OrderDetailID"].DefaultValue = OrderLineID;
            OrderNotesDataSource.InsertParameters["OrderNote"].DefaultValue = Note;
            OrderNotesDataSource.InsertParameters["Step"].DefaultValue = Step;
            OrderNotesDataSource.InsertParameters["UserID"].DefaultValue = Page.User.Identity.Name;
            OrderNotesDataSource.Insert();
        }
        OrderNoteTextBox.Text = "";

        OrderNoteListView.DataBind();

    }
    catch (Exception ex)
    {
        OrderLineNotesLabel.Text = ex.Message;
    }
}

String NoteEncoded = OrderNoteTextBox.Text; Here I get only the first row.

Why? How can I fix this? Thank you!


Solution

  • I have to think the issue is the sanitization.

    Try this for the extender settings (disable sanitization for testing).

    <ajaxToolkit:HtmlEditorExtender
        ID="HtmlEditorExtender1"
        DisplaySourceTab="True"
        TargetControlID="OrderNoteTextBox"
        runat="server"
        EnableSanitization="False">
        <Toolbar>
            <ajaxToolkit:Bold />
            <ajaxToolkit:Italic />
            <ajaxToolkit:Underline />
            <ajaxToolkit:InsertUnorderedList />
        </Toolbar>
    </ajaxToolkit:HtmlEditorExtender>
    

    And code behind for testing is this:

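    // Debug.Print requires "using System.Diagnostics;"
    protected void AddButton_Click(object sender, EventArgs e)
    {
        // Raw value posted by the editor
        string NoteEncoded = OrderNoteTextBox.Text;
        Debug.Print($@"From text box = {OrderNoteTextBox.Text}");
        // Same value after HTML-decoding, for comparison
        string Note = HttpUtility.HtmlDecode(NoteEncoded);
        Debug.Print($@"After decode = {Note} ");
    }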
    

    output:

    [screenshot of the debug output]

    So, it is not clear what you are expecting from your "de-code", but as the above shows, decoding is not required. The resulting text is going to be markup, with "divs" and more, and that often means that even a simple line break is going to include "<" and other characters - often restricted ones for a simple line break.

    Note how I tested above with EnableSanitization="False".

    I guess this depends on the type of application, and say if users are to be valid customers that MUST log on to the site, then you can risk running the html editor without sanitization. However, if the site allows self-signup, or that page is public without requiring a logged-on user, then of course you can't run that page without the sanitization.
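
If the extender runs with EnableSanitization="False" as in the answer above, the posted markup can still be restricted on the server before it is stored. The following is an added example, not part of the original question or answer and not AjaxControlToolkit code; the class name `NoteSanitizer`, the allowed tag set and the sample input are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text;
using System.Text.RegularExpressions;

// Hypothetical helper: rebuilds the posted markup from allow-listed,
// attribute-free tags and HTML-encoded text only.
public static class NoteSanitizer
{
    // Assumed tag set: the four toolbar buttons on the page, plus the
    // line-break wrappers a browser editor typically emits.
    private static readonly HashSet<string> Allowed = new HashSet<string>(
        new[] { "b", "strong", "i", "em", "u", "ul", "li", "br", "div", "p" });
    private static readonly Regex Tag = new Regex(@"<[^>]*>");
    private static readonly Regex TagName =
        new Regex(@"^<(/?)([A-Za-z][A-Za-z0-9]*)(\s[^>]*|/)?>$");

    public static string Sanitize(string html)
    {
        html = html ?? string.Empty;
        var output = new StringBuilder();
        int pos = 0;
        foreach (Match m in Tag.Matches(html))
        {
            output.Append(Encode(html.Substring(pos, m.Index - pos)));
            Match t = TagName.Match(m.Value);
            string name = t.Groups[2].Value.ToLowerInvariant();
            // Allow-listed tags are re-emitted without any attributes; every
            // other tag, comment or declaration is dropped.
            if (t.Success && Allowed.Contains(name))
                output.Append('<').Append(t.Groups[1].Value).Append(name).Append('>');
            pos = m.Index + m.Length;
        }
        output.Append(Encode(html.Substring(pos)));
        return output.ToString();
    }

    // Decode, then re-encode: entities are normalized and a stray '<', '>'
    // or quote in text can never turn into markup.
    private static string Encode(string text) =>
        WebUtility.HtmlEncode(WebUtility.HtmlDecode(text));

    public static void Main()
    {
        // Constructed sample input, not taken from the page.
        string posted = "<div>This is first row</div><div onclick=\"x()\">This is the "
                      + "<b style=\"y\">second</b> row<script>x()</script></div>";
        Console.WriteLine(Sanitize(posted));
    }
}
```

In the handler from the question, `NoteSanitizer.Sanitize(OrderNoteTextBox.Text)` would be called before the value is assigned to the `OrderNote` insert parameter. Every `<` in the result comes from an allow-listed tag written by the helper, so the stored note can be rendered as HTML without a further encoding step.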