XModPro

When is SQL evaluated when contained in xmod:select?

Fenske asked Jul 6, 2016
Active Jul 6 · Viewed 2333 times
Hi Xmod gurus,

I think I suspect the answer to this question, but you guys have often surprised me with solutions outside the box!

I've been trying to use the <xmod:select> statement as a type of input validation, and have not been having too much luck. We have an xmod template that returns training course information based on a courseID in the query string parameters, e.g. "?courseID=232050", which SQL needs to see as an integer.

Lately we've been hit by a bot that keeps submitting invalid courseID values. These generate a whole host of SQL data type errors in the event log, and we're trying to prevent that.

I surrounded the set of <xmod:template> blocks inside the template file with a select case statement that uses a regex to determine if the courseID was all digits and under a set length. The select case block does work, but it appears that the ListDataSource queries are run whether they are within a true case block or not and continue to generate the errors. Is that just the order of processing on the server side?

Here's my code example, simplified:

    <xmod:select>
      <case value='[[Url:courseid]]' operator="=" expression="^[0-9]{1,9}$" comparetype="regex">
        <xmod:Template UsePaging="false" Ajax="False" AddRoles="" EditRoles="" DeleteRoles="" DetailRoles="">
          <ListDataSource
            CommandText="SELECT CourseTitle FROM Course WHERE CourseID = @courseID"
            ConnectionString="[[ConnectionString:Courses]]">
            <Parameter Name="CourseID" Value='[[Url:courseid]]' />
          </ListDataSource>
          <ItemTemplate>
            <h1>[[CourseTitle]]</h1>
          </ItemTemplate>
        </xmod:Template>
      </case>
    </xmod:select>
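The check the question is trying to express (reject the courseID before any SQL runs, so a bot's junk values never reach the database and never produce type-conversion errors) can be demonstrated outside the template engine. The following is an added example written for this page, not code from the post or from XModPro; it uses Python with an in-memory SQLite table of constructed sample rows standing in for the Course table, and it applies the same regex the question uses before a parameterized query is issued. The names validate_course_id, build_sample_db and lookup_course_title are hypothetical.

```python
import re
import sqlite3
from typing import Optional

# Same shape as the regex in the question: one to nine ASCII digits and nothing else.
# Nine digits cap the value at 999,999,999, which fits a SQL Server int column.
# [0-9] is used deliberately instead of \d: \d also matches Unicode digits,
# and int() would happily convert those, which is not what the database expects.
COURSE_ID_RE = re.compile(r"^[0-9]{1,9}$")
SQL_INT_MAX = 2_147_483_647  # largest value a SQL Server int can hold


def validate_course_id(raw: Optional[str]) -> Optional[int]:
    """Return the course ID as an int, or None if the value is unacceptable.

    Rejects None, empty strings, signs, whitespace (including a trailing
    newline, which a bare $ anchor would tolerate), decimals, exponents and
    anything outside the int range, so the database only ever receives a
    well-formed integer parameter.
    """
    if raw is None:
        return None
    # fullmatch requires the entire string to match, so "232050\n" is rejected.
    if not COURSE_ID_RE.fullmatch(raw):
        return None
    value = int(raw)
    # Redundant given the nine-digit cap, but states the intent explicitly
    # in case the regex is later relaxed. Zero is not a valid course ID here.
    if value < 1 or value > SQL_INT_MAX:
        return None
    return value


def build_sample_db() -> sqlite3.Connection:
    """Constructed in-memory sample data; not taken from any real course database."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Course (CourseID INTEGER PRIMARY KEY, CourseTitle TEXT)"
    )
    conn.executemany(
        "INSERT INTO Course VALUES (?, ?)",
        [(232050, "Intro to Templates"), (232051, "Advanced Selects")],
    )
    return conn


def lookup_course_title(
    conn: sqlite3.Connection, raw_course_id: Optional[str]
) -> Optional[str]:
    """Guarded lookup: validate first, then run the parameterized query.

    An invalid value returns None without touching the database, which is
    where the request should be logged and rejected. A valid but unknown ID
    also returns None, but only after a query that cannot raise a type error.
    """
    course_id = validate_course_id(raw_course_id)
    if course_id is None:
        return None
    row = conn.execute(
        "SELECT CourseTitle FROM Course WHERE CourseID = ?", (course_id,)
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_sample_db()
    probes = ["232050", "232051", "999", "", "abc", "1e5", "-1",
              " 232050", "232050\n", "1234567890", "0", None]
    for probe in probes:
        print(repr(probe), "->", lookup_course_title(db, probe))
```

The validator and the query are separate functions on purpose: the validator is the piece that needs to run before any data source is touched, which is the ordering the question is asking about, and keeping it as a plain function makes it easy to unit-test against the kinds of values a bot submits.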

1 Answer
