Search HANENG.COM for View the ASP FUNCTION called Search in the FORUMS for

-Log in -Register (free) -RSS Feeds -New MyDesk Module -Update to Profile • Alternate color for RS looping with For Next • Northwind / ASP - Nested select • ASP SQL Injection

Forums / this is probably very simple for you people sandwichs | Posted 7:15am 10. October 2002 Server Time | ok here is a example of how I'd like to manipulate the Input1. Now... how can I write a function or sub that would do all of that, so I could use it for any of the request.forms inputs Input1=request.form("Input1") Input1=Trim(Input1) Input1=UCase(Input1) Input1= Replace(Input1, "'", "''") Input1= Replace(Input1, " ", "") Input1 = Server.HTMLEncode(Input1) sandwichs | Posted 7:25am 10. October 2002 Server Time | oops nevermind... blonde moment here sandwichs | Posted 7:39am 10. October 2002 Server Time | ok.. let's say that I don't want people to use certain keys in the username and password field. I wrote the following but I was wondering if there is an easiest way to do the same thing and ... is it a good idea to "filter" the input like so? myvar=request.form("Username") Transmyvar() Username=myvar myvar=request.form("Password") Transmyvar() Password=myvar sub Transmyvar() myvar= Replace(myvar, "\", "") myvar= Replace(myvar, "/", "") myvar= Replace(myvar, "(", "") myvar= Replace(myvar, ")", "") myvar= Replace(myvar, "*", "") myvar= Replace(myvar, "%", "") myvar= Replace(myvar, "_", "") myvar= Replace(myvar, "+", "") myvar= Replace(myvar, "=", "") myvar= Replace(myvar, ";", "") myvar= Replace(myvar, ",", "") myvar= Replace(myvar, "|", "") myvar= Replace(myvar, "&", "") myvar= Replace(myvar, " ", "") myvar= Replace(myvar, "!", "") myvar= Replace(myvar, "@", "") myvar= Replace(myvar, "#", "") myvar= Replace(myvar, "$", "") myvar= Replace(myvar, "^", "") myvar= Replace(myvar, "]", "") myvar= Replace(myvar, "{", "") myvar= Replace(myvar, "}", "") myvar= Replace(myvar, ".", "") myvar= Replace(myvar, ">", "") myvar= Replace(myvar, "<", "") myvar= Replace(myvar, "?", "") myvar= Replace(myvar, "'", "") myvar= Replace(myvar, "~", "") myvar= Replace(myvar, ".", "") myvar= Replace(myvar, "`", "") myvar = Server.HTMLEncode(myvar) end sub ronmuir | Posted 8:19am 10. October 2002 Server Time | Better to do it client side using Javascript, try this... <form onSubmit="return false;">   <p>This will not accept characters like !@#$%^&amp;..<br>   <textarea rows=2 cols=20 name=comments onKeypress="if ((event.keyCode > 32 && event.keyCode < 48) || (event.keyCode > 57 && event.keyCode < 65) || (event.keyCode > 90 && event.keyCode < 97)) event.returnValue = false;"></textarea>   </p> </form> sandwichs | Posted 9:49am 10. October 2002 Server Time | cool... where do I insert that code? sandwichs | Posted 11:28am 10. October 2002 Server Time | isn't more secure to put the code server side? sandwichs | Posted 5:22am 11. October 2002 Server Time | I read that it only works with explorer 1 Show all replies to 'this is probably very simple for you people' This post have been closed for new replies

| Info |

© Copyright 1997-2013 Alexander Haneng