C# – Delete Button – Invalid postback or callback argument

asp.netc

I am trying to add a "Delete" button to my product-page, but I am constantly having troubles with this error:

Error:

Invalid postback or callback argument. Event validation is enabled
using in configuration or <%@
Page EnableEventValidation="true" %> in a page. For security
purposes, this feature verifies that arguments to postback or callback
events originate from the server control that originally rendered
them. If the data is valid and expected, use the
ClientScriptManager.RegisterForEventValidation method in order to
register the postback or callback data for validation.

Stack Trace:

[ArgumentException: Invalid postback or callback argument. Event
validation is enabled using in
configuration or <%@ Page EnableEventValidation="true" %> in a page.
For security purposes, this feature verifies that arguments to
postback or callback events originate from the server control that
originally rendered them. If the data is valid and expected, use the
ClientScriptManager.RegisterForEventValidation method in order to
register the postback or callback data for validation.]
System.Web.UI.ClientScriptManager.ValidateEvent(String uniqueId,
String argument) +8730646
System.Web.UI.Control.ValidateEvent(String uniqueID, String
eventArgument) +113
System.Web.UI.WebControls.Button.RaisePostBackEvent(String
eventArgument) +35
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String
eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
+36 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
+5563

What I've tried:

Throughout my research I've learned that I can use enableEventValidation="false" and validateRequest="false" but due to security-reasons its not recommended.
I tried to set both to False, it fixed the problem (thought I don't have a DELETE Query inserted), but I don't feel comfortable with having some security-settings turned off, just to get rid of an error.

My repeater is located inside the Page_Load, and since I'm using a masterpage, the repeater is also in a form.

Aspx:

<asp:Repeater runat="server" ID="RepProductMenu" OnItemCommand="RepProducts_ItemCommand">
<ItemTemplate>
         [Lots of stuff]......

        <asp:Button ID="BtnDelete" runat="server" Text="Delete" CommandName="Delete" CommandArguement='<%# Eval("ID") %>' /

</ItemTemplate>
</asp:Repeater>

Aspx.cs:

protected void RepProducts_ItemCommand(Object Sender, RepeaterCommandEventArgs e)
{
    if (e.CommandName == "Delete")
    {
        int ID = Int32.Parse(e.CommandArgument.ToString());
        // Add Delete Query
        Response.Write("COMMAND");
    }
}

Any suggestions and idéas are appreciated.

Best Answer

Avoid using Delete as a CommandName, as I believe this is reserved.

Also you have a typo in your Button control. CommandArguement should be CommandArgument

If your repeater is being binded at Page_Load and not inside if !(page.IsPostBack) then it will be rebound when the Delete button is clicked. This may cause a problem as the repeater will be rebound before your ItemCommand is ran. Which would make it invalid.

Try changing your code so that if !(page.IsPostBack) is wrapped around the bind.

Related Topic