this is probably very simple for you people

ASP Forum

this is probably very simple for you people
sandwichs | Posted 7:15am 10. October 2002 Server Time |

ok here is a example of how I'd like to manipulate the Input1. Now... how can I write a function or sub that would do all of that, so I could use it for any of the request.forms inputs

Input1=request.form("Input1")
Input1=Trim(Input1)
Input1=UCase(Input1)
Input1= Replace(Input1, "'", "''")
Input1= Replace(Input1, " ", "")
Input1 = Server.HTMLEncode(Input1)

sandwichs | Posted 7:25am 10. October 2002 Server Time |

oops nevermind... blonde moment here

sandwichs | Posted 7:39am 10. October 2002 Server Time |

ok.. let's say that I don't want people to use certain keys in the username and password field.
I wrote the following but I was wondering if there is an easiest way to do the same thing and ... is it a good idea to "filter" the input like so?
myvar=request.form("Username")
Transmyvar()
Username=myvar

myvar=request.form("Password")
Transmyvar()
Password=myvar

sub Transmyvar()
myvar= Replace(myvar, "\", "")
myvar= Replace(myvar, "/", "")
myvar= Replace(myvar, "(", "")
myvar= Replace(myvar, ")", "")
myvar= Replace(myvar, "*", "")
myvar= Replace(myvar, "%", "")
myvar= Replace(myvar, "_", "")
myvar= Replace(myvar, "+", "")
myvar= Replace(myvar, "=", "")
myvar= Replace(myvar, ";", "")
myvar= Replace(myvar, ",", "")
myvar= Replace(myvar, "|", "")
myvar= Replace(myvar, "&", "")
myvar= Replace(myvar, " ", "")
myvar= Replace(myvar, "!", "")
myvar= Replace(myvar, "@", "")
myvar= Replace(myvar, "#", "")
myvar= Replace(myvar, "$", "")
myvar= Replace(myvar, "^", "")
myvar= Replace(myvar, "]", "")
myvar= Replace(myvar, "{", "")
myvar= Replace(myvar, "}", "")
myvar= Replace(myvar, ".", "")
myvar= Replace(myvar, ">", "")
myvar= Replace(myvar, "<", "")
myvar= Replace(myvar, "?", "")
myvar= Replace(myvar, "'", "")
myvar= Replace(myvar, "~", "")
myvar= Replace(myvar, ".", "")
myvar= Replace(myvar, "`", "")
myvar = Server.HTMLEncode(myvar)
end sub

ronmuir | Posted 8:19am 10. October 2002 Server Time |

Better to do it client side using Javascript, try this...

<form onSubmit="return false;">
  <p>This will not accept characters like !@#$%^&..<br>
  <textarea rows=2 cols=20 name=comments onKeypress="if ((event.keyCode > 32 && event.keyCode < 48) || (event.keyCode > 57 && event.keyCode < 65) || (event.keyCode > 90 && event.keyCode < 97)) event.returnValue = false;"></textarea>
  </p>
</form>

sandwichs | Posted 9:49am 10. October 2002 Server Time |

cool... where do I insert that code?

sandwichs | Posted 11:28am 10. October 2002 Server Time |

isn't more secure to put the code server side?

sandwichs | Posted 5:22am 11. October 2002 Server Time |

I read that it only works with explorer

Reply to Post this is probably very simple for you people

Back to Forum Page