Manipulating User Input From A Form
I have a HTML page with a form on it. I have an ASP page that processes what a user has entered into the form (updates a database etc).
I now need a page that fits between these two pages to pre-process�the users input. I need to do it this way because I am not allowed to change either of the two existing pages.
I know how to read what the user has input into the form and I know how to pass control onto the next page.
What I have not been able to work out is how to change the user input and have those changes passed onto the next page as if nothing has happened (that is, the original ASP page just performs its request.form(�item�) calls as it always has but instead of seeing what the user actually typed in, it should see the changed text as created by the new pre process� page)
I have tried using a regular expression replace but can only successfully make this change a variable and not the original form input. Equally I cannot find a way of swapping the original form input string with the output variable from the replace.
Does anyone have any ideas on this one?
View Replies
ADVERTISEMENT
write a simple function to check the user input from a form. I need to check that the string contains only numbers, has a maximum leght of say 15 and that the first number is zero.
View Replies
View Related
Select Case request.form("posted")
case 1
case 2
case 3
case else
end select
Here is my case statment each case has a form, which holds a varible named posted. There is a problem however, once the refresh button is pressed it &*#$# up. I need to set request.form("posted") to nothing and it would be good to know how to set all of request.form.
View Replies
View Related
I'm using the following code and if someone enters something in the "instructions" field with characters -"', - it causes the SQL statement to change using those characters.
Dim strSQLadd
strSQLadd = "INSERT INTO orders" &_
"(form_number, orig_number, order_loannum, order_date, order_time, order_address, order_city, order_zip," &_
"order_contact, order_lockbox, order_agent, order_homephone, order_workphone, order_cellphone," &_
"order_legal, order_instructions, order_deliver, order_pay, order_altmail, order_appraiser) " &_
"VALUES (" & FormNum & "," & OrigNum & ",'" & CaseNum & "','" & OrderDate & "','" & OrderTime & "','" & pave & "','" & City & "','" &_
Zip & "','" & Owner & "','" & LockBox & "','" & Agents & "','" & BorHmP & "','" & BorWrkP & "','" &_
BorCellP & "','" & Legal & "','" & Instruct & "','" & DeliverType & "','" & Payment & "','" & AltMailType & "','" & AppName &"');"
objconn.Execute (strSQLadd)
View Replies
View Related
Does anyone know if its possible to create and email HTML
forms. Email recipients would then input information to
these forms in the same way that they would on a web
page. Pressing the submit button would mail the form
back, after which it would be separately submitted to an
ASP page on the web server for processing.
The main reason for this is so we don't have all the
issues associated with firewalls and security to deal
with. Our corporate mail servers will strip out viruses
so that not a problem.
View Replies
View Related
I have a form that I am trying to append to include a CAPTCHA validation field.
I have added the CAPTCHA code to the end of the form itself and now I am struggling to make the processor do a couple of things:
***If the CAPTCHA validates as well as all the form input data>>confirmation page and send appropriate email.
***If the form is filled out, but the CAPTCHA authentication is wrong>>go back to the same page, keep the form filled out, and give one more chance to correctly enter the CAPTCHA field.
***If the form is being spammed.......fail and die gracefully.
Here is the processor code thus far: Code:
View Replies
View Related
What is the best way to handle user input into a form which passes info to an .asp application. The problem I have is if somebody enters in "dave's" the asp code breaks because of the ' in the input field. What is the best way to handle this kind of input?
View Replies
View Related
ASP without Access database (my webserver does not support this). I'm looking for some ASP code that can show a calendar on a webpage. The people looking at the page should be able to type in a small message and a date and then send the info to the webpage. which then updates itself.
I have a more specific example of my needs. Often when I need to arrange a meeting with friends, then I send out a mail to ex. 10 persons. They can choose between 3 different days and I want to find the day that most people can come.
Instead of getting mails back and evaluate thise, I would like them to make their reservation on the asp-webpage. This way the others can follow the "favorite" day that is accurring when a few people has typed their favorite meetingday. Hope this was understandable.
View Replies
View Related
I have forms and photo upload features in my website. I'm using IIS 5.1 in Windows XP Pro. What do I need to add into my code to validate user input? I had SQL injection attack before, now I use replace function to remove any malicious words such as SELE, DELE, Ad, etc.. to prevent SQL injection attack. Are there any other attacks which it can be triggered in a text input field? What do I need to do to prevent it?
I also have a photo upload feature, it allows user upload photos to my table and the photo will be displayed in the gallery. How can I validate the user upload file is image file only? I mean user might be able to upload malicious scripts, virus to my server. How can I prevent that?
View Replies
View Related
I have written a function to validate user input, so that it properly returns a valid time if the user inputs 1600 or 16:00 or 4:00 pm the time is properly formatted (it may need a little more tweaking, but you get the idea) This is the function : Code:
View Replies
View Related
I want to add the "Did you mean" - Google feature to searches on my
website.
My website lets users search for a business using different
parameters.
If there is no match, I want to do a spell check on the entered
parameters.
I need to be able to check words with an english dictionary as well as
add words(business names) to the dictionary. Code:
View Replies
View Related
I am working on a web application that uses both asp classic and asp.net
pages. We need to validate user input to avoid attacks like sql injection.
Can a component be created that both page types can use? Is that the best
approach? Would I simply use pattern matching to validate strings and/or
remove any unwanted characters?
View Replies
View Related
This problem only occur when ppl using NetScape 7.2 I've tested it myself and it works in IE and it DOESN"T work in NetScape 7.2 Here is the code:
View Replies
View Related
Isn't there some line of code that I can write to tell ASP to treat everything between BLAH and /BLAH as text (including the apostrophe). So that users can type a name of "O'Malley" in a form and I can retrieve it and store it in my database.
View Replies
View Related
How to select query according to User Input for a WebPage in C#.Net with SQL Server 2000.I am trying to build a web page in C#.NET with SQL Server 2000 using Visual Web Developer 2005. I want to select and execute the query according to user input.
I have a form which has 2 textboxes which gets start date and end date from the user. Based on start/end date my 1st query runs. Now if user does not enter any start/end date I want to run another query which takes default dates from database(which is in varchar:ex. now()/now()-180) according to logged on user's permisstions.
How to select query ?
View Replies
View Related
How can I create a query based on the form input. I want to have a pulldown menu (list of states). The user can select the state, lets say VA and click on "go" button. I want the page to return results that has state=VA. So how do I create that statement and send to aspx ?
View Replies
View Related
I want to have a form like a table of record. If I let user input number of record to be insert in advance, how can I make a form that having number of rows of input? For example:
Number of records : 5
Then I need a input form like a table with the column and 5 row like Excel format.
The form:
Title Row : No. | Dept ID | Emp ID | Base Salary |
Input Row1 : 1 | | | |
Input Row2 : 1 | | | |
Input Row3 : 1 | | | |
Input Row4 : 1 | | | |
Input Row5 : 1 | | | |
I'm thinking all my input will be array. Then when user submit I'll split it and insert to DB. Code:
View Replies
View Related
I have been ask to try a create a form on my works website to allow
teachers to fill it out the click button that emails to the boss
I thought asp is what need so i am very new to asp and with a lot of reading
from the net and books i got it to work :) but i tried to get too clever and
sent the user info to a page so the user can check for errors before
emailing but i cant figure it out and by fiddling too much i have stuff it
completely
can it even be done input info into form post that info to a new page
and then if the info ok email
View Replies
View Related
i've recently done a basic website offline and haven't uploaded or found a host server yet. however i was wondering if there is a way to process the form input offline. I was told i need ASP functionality. but i'm not too familiar with it.
View Replies
View Related
my form contains two text fields(name, address) and two file field control where user can insert image(photo1 and photo2), i want to insert this data in to ms access when the user submits the form?
this is my code for insert text fields to access data base.but i have no idea about the code for image fields. In my access data base i set photo1 and photo2 as herf (binary data). Code:
View Replies
View Related
I have a form which inputs info into a database. However what I would like is to populate a select box directly from the dbase. When the form is entered the field is updated along with all the other info.
I have enclosed two of my pages - I think I'm nearly there.
View Replies
View Related
I've got a form inserting some data into the DB.
When I try to insert data with "'" in between, say Dummy's.
I get an sql syntax error.
Heres my code:
strTitle = CStr(Request.Form(txtTitle))
sql_insert = "INSERT INTO db VALUES ('&txtTitle&')"
I can insert any data as long as it doesn't have "'".
Is there anyway I can go around it?
View Replies
View Related
I am designing a website for a friend that has a backend database that holds information on all the stock they have and this gets displayed onto the page no problems.
The only problem I have is when they add new items to the database, a part of the form is a textarea and in this teaxtarea they copy generated code from paypal (a form that is generated by Paypal as a add to basket button).
The problem I have got is that if you try to add this textarea to the database field what you get is a image of the paypal button and no code.
I have tried the replace function, concatenated it in comments etc but all i get is a blank field or a image of the button.
View Replies
View Related
i have fixed my code and there was no error at all, it executed well and the msg "The quote has been sent" appeared. But although it was working, but it seemed that it didn't really sent the Firstname and Address to the email. Why? here's my code :
View Replies
View Related
I'm working on a form where the user is not required to fill out every text input. How mught I check for that in an ASP script. Here's what I have:
If Request.Form("mp3title1") == ""
amnt = 0;
Else If Request.Form("mp3title2") == ""
amnt = 1;
Else If Request.Form("mp3title3") == ""
amnt = 2;
Else If Request.Form("mp3title4") == ""
amnt = 3;
Else If Request.Form("mp3title5") == ""
amnt = 4;
End If
Pretty straight forward, its checking in order if the first element is left blank, is the correct technique:
== "", or is there more to it?
View Replies
View Related
how do i allow the user to add in a value that has a ' in it (e.g int'l) apperantly if i do that there will be an error... how do i go about this?
View Replies
View Related
I want to send the data from a user's form input in an ASP email. For instance, shen the user submits their name and email address on a form, I would receive an email with those fields mixed in with a plain text message. How can I do this?
I have programmed extensively in other languages, but not ASP (our company is switching from ColdFusion), so I will need my answer in fairly introductory ASP terms.
View Replies
View Related
How can I specify formatting restrictions for special fields like Postal Code
(format X1X 2C2) or date input field MM/DD/YYYY? I have Acces DB with these specs, but when I used FP2002 Database Interface Wizard, it ignores these. Also I am unable to "edit" any of the records utilizing pages generated by this wizard.
There is an error that it will not accept empty fields. I have no problem adding data (even if some fields are empty) or deleting records.
View Replies
View Related
I have a form, where the user types their initals and it then returns some results. However, the Oracle database requires the initials to be in capitals, how can I convert the user input to upppercase?
View Replies
View Related
I'm developing an account lookup, mostly in ASP, that displays a list of radio buttons to select one account from those found in a recordset. Here is a snip of the account display, after the recordset is populated: Code:
View Replies
View Related
I'm reading data from an XML form and prepopulating a FORM. For the text inputs I have no problem prepopulating the Values from the file...
document.forms[0].elements['FormName'].value=xmlObj.childNodes(0).childNodes(0).firstChild.text;
But one of my fields is based on input from a radio input (three inputs with a value of 1,2,3). Since they all have the same name using the code above will not set they value for any of them. Anybody else run into this, or have a suggested way I should do this.
View Replies
View Related
I'm trying to create an input screen that allows users to create a hierarchical structure as the one below, but have no clue where to start or how to construct it. Code:
View Replies
View Related
How to search a database field from form input? is it easy to do i like to have a html form from an html page that will call an asp page to do db search, if user enter a zipcode that match in the database it will pull all the infomation from both talbes and display on the screen
i have 2 tables related to each other
contact table
id, fname, lastname, contactid, email
zip table
id, zip, contactid, city
View Replies
View Related
