Retaining User Input...
I have a form that I am trying to append to include a CAPTCHA validation field.
I have added the CAPTCHA code to the end of the form itself and now I am struggling to make the processor do a couple of things:
***If the CAPTCHA validates as well as all the form input data>>confirmation page and send appropriate email.
***If the form is filled out, but the CAPTCHA authentication is wrong>>go back to the same page, keep the form filled out, and give one more chance to correctly enter the CAPTCHA field.
***If the form is being spammed.......fail and die gracefully.
Here is the processor code thus far: Code:
View Replies
ADVERTISEMENT
I'm using the following code and if someone enters something in the "instructions" field with characters -"', - it causes the SQL statement to change using those characters.
Dim strSQLadd
strSQLadd = "INSERT INTO orders" &_
"(form_number, orig_number, order_loannum, order_date, order_time, order_address, order_city, order_zip," &_
"order_contact, order_lockbox, order_agent, order_homephone, order_workphone, order_cellphone," &_
"order_legal, order_instructions, order_deliver, order_pay, order_altmail, order_appraiser) " &_
"VALUES (" & FormNum & "," & OrigNum & ",'" & CaseNum & "','" & OrderDate & "','" & OrderTime & "','" & pave & "','" & City & "','" &_
Zip & "','" & Owner & "','" & LockBox & "','" & Agents & "','" & BorHmP & "','" & BorWrkP & "','" &_
BorCellP & "','" & Legal & "','" & Instruct & "','" & DeliverType & "','" & Payment & "','" & AltMailType & "','" & AppName &"');"
objconn.Execute (strSQLadd)
View Replies
View Related
Does anyone know if its possible to create and email HTML
forms. Email recipients would then input information to
these forms in the same way that they would on a web
page. Pressing the submit button would mail the form
back, after which it would be separately submitted to an
ASP page on the web server for processing.
The main reason for this is so we don't have all the
issues associated with firewalls and security to deal
with. Our corporate mail servers will strip out viruses
so that not a problem.
View Replies
View Related
What is the best way to handle user input into a form which passes info to an .asp application. The problem I have is if somebody enters in "dave's" the asp code breaks because of the ' in the input field. What is the best way to handle this kind of input?
View Replies
View Related
ASP without Access database (my webserver does not support this). I'm looking for some ASP code that can show a calendar on a webpage. The people looking at the page should be able to type in a small message and a date and then send the info to the webpage. which then updates itself.
I have a more specific example of my needs. Often when I need to arrange a meeting with friends, then I send out a mail to ex. 10 persons. They can choose between 3 different days and I want to find the day that most people can come.
Instead of getting mails back and evaluate thise, I would like them to make their reservation on the asp-webpage. This way the others can follow the "favorite" day that is accurring when a few people has typed their favorite meetingday. Hope this was understandable.
View Replies
View Related
I have forms and photo upload features in my website. I'm using IIS 5.1 in Windows XP Pro. What do I need to add into my code to validate user input? I had SQL injection attack before, now I use replace function to remove any malicious words such as SELE, DELE, Ad, etc.. to prevent SQL injection attack. Are there any other attacks which it can be triggered in a text input field? What do I need to do to prevent it?
I also have a photo upload feature, it allows user upload photos to my table and the photo will be displayed in the gallery. How can I validate the user upload file is image file only? I mean user might be able to upload malicious scripts, virus to my server. How can I prevent that?
View Replies
View Related
I have written a function to validate user input, so that it properly returns a valid time if the user inputs 1600 or 16:00 or 4:00 pm the time is properly formatted (it may need a little more tweaking, but you get the idea) This is the function : Code:
View Replies
View Related
I have a HTML page with a form on it. I have an ASP page that processes what a user has entered into the form (updates a database etc).
I now need a page that fits between these two pages to pre-process�the users input. I need to do it this way because I am not allowed to change either of the two existing pages.
I know how to read what the user has input into the form and I know how to pass control onto the next page.
What I have not been able to work out is how to change the user input and have those changes passed onto the next page as if nothing has happened (that is, the original ASP page just performs its request.form(�item�) calls as it always has but instead of seeing what the user actually typed in, it should see the changed text as created by the new pre process� page)
I have tried using a regular expression replace but can only successfully make this change a variable and not the original form input. Equally I cannot find a way of swapping the original form input string with the output variable from the replace.
Does anyone have any ideas on this one?
View Replies
View Related
I want to add the "Did you mean" - Google feature to searches on my
website.
My website lets users search for a business using different
parameters.
If there is no match, I want to do a spell check on the entered
parameters.
I need to be able to check words with an english dictionary as well as
add words(business names) to the dictionary. Code:
View Replies
View Related
I am working on a web application that uses both asp classic and asp.net
pages. We need to validate user input to avoid attacks like sql injection.
Can a component be created that both page types can use? Is that the best
approach? Would I simply use pattern matching to validate strings and/or
remove any unwanted characters?
View Replies
View Related
This problem only occur when ppl using NetScape 7.2 I've tested it myself and it works in IE and it DOESN"T work in NetScape 7.2 Here is the code:
View Replies
View Related
write a simple function to check the user input from a form. I need to check that the string contains only numbers, has a maximum leght of say 15 and that the first number is zero.
View Replies
View Related
Isn't there some line of code that I can write to tell ASP to treat everything between BLAH and /BLAH as text (including the apostrophe). So that users can type a name of "O'Malley" in a form and I can retrieve it and store it in my database.
View Replies
View Related
How to select query according to User Input for a WebPage in C#.Net with SQL Server 2000.I am trying to build a web page in C#.NET with SQL Server 2000 using Visual Web Developer 2005. I want to select and execute the query according to user input.
I have a form which has 2 textboxes which gets start date and end date from the user. Based on start/end date my 1st query runs. Now if user does not enter any start/end date I want to run another query which takes default dates from database(which is in varchar:ex. now()/now()-180) according to logged on user's permisstions.
How to select query ?
View Replies
View Related
Am using the function
Code:
window.history.go(-1);
to re-direct users back to the form they submit when certain conditions are not met.
The test works fine, but all user inputs disappear when the function re-directs them back to the form. What can i use to make the form inputs still be available to users when they are re-directed by the function.
View Replies
View Related
I have developed a web page using vbscript for calculations (similar to an invoice). I would like to save the values entered into the fields when the user would like to save the information to update at a later time. Is there a simple code that will allow me to do this? I would like to do this without using a link to a database, this page is being run by a client, not thru a server.
View Replies
View Related
I have an asp page for sending emails.I just added the option for attaching files.My page has a structure similar to teh yahoo email(with the "attach" files button).After attaching the files,the user should be able to return to the main page and continue with the message.
What should I use to retain the text in the boxes,so that teh user cau continue to the message?I also have other forms,like drop-down menus and I would also like to retain the values selected by the user.
View Replies
View Related
I have created a asp page "AddUsers.asp" which allows the admin to create new user ids.The admin fills in all relevant details and clicks on submit.The form gets posted to a page "Insertusers.asp" which checks if the new entered userid already exists in a database.
If the userid already exists, page display a message saying "Userid already exists" and a back button(link to Addusers.asp).When the admin clicks on back button, it takes him to Addusers.asp and all the relevant details entered in a form are lost.Again he has to fill in all the details which i want to avoid.How can i retain the values entered in the form so that the admin can change only the userid and submit the form again?
View Replies
View Related
I have search capability in the web site that I'm working on. I submit my search criteria, and using the post method, displays my results on a results page. Now here is the problem: If I click on a link within the results, and opt to go back to the results page, my page has expired as it needs to request those objects.
I used for the search criteria again to repost and display the results. Is there an easy way around this so that when I hit the back button it can just redisplay the results with the criteria I've already used to query?
View Replies
View Related
I have several users data elements that I want to maintain and persist. I've created a cookie with keys to do this, but having problems with it persisting.
1. Do you set the .Expires at the Cookie level or at the Key level?
2. Once you set the .Expires, do you need to reset it, if you then change
one of the Key values?
3. If 2 = Yes, then I'd like to have a common routine that set's the expires property in an include file. I've tried this, but I keep getting the "Object doesn't support this property or method: 'Response.Cookie'" error.
View Replies
View Related
I have a form where users enter informaiton including a zip code. I was hoping that after they submit their info I could retain that zip code for the next page. The end result would be to have a page with a link that says "Click here for directions to our event!" and have the link go to mapquest directions from their zip code to mine.
Looking at Mapquest's URLs it seems they come in a very standard format that one could easily plug two zip codes into the url and have directions from place to place.The users do not have to log in to enter data into the form (my Google-ing has turned up stuff on session variables, but that seems to require log-ins).
I am gonna play around with this for a while, but if anyone has any pointers or links that could get me going in the right direction.
View Replies
View Related
I have a little code to add multiple items to a shopping cart based
page. This code works perfect, but it adds all of the info to the
same input fields every time it loops. I need it to change the input
names each time it loops. Here is the code:
View Replies
View Related
I have being working with making an edit field over the past few days. The edit function is now working fine. The edit fields that i have are for id, subject, notes, timedate.
All of the edit screens are one line text screens. What I want to do now is increase the size of the notes box to a larger textarea type box to make it easier to edit notes. The notes field in the db is a textarea field. Code:
View Replies
View Related
I have written an ASP.NET 2.0 application that uses Active Directory or ADAM
to manage account users - the site has a page that allows people to create an
account (much like any site). The page populates the AD with all the
information and the user account but I am unable to enable the account.
Microsoft has information on how to do that here -->
http://msdn.microsoft.com/library/d...ting_a_user.asp
(the sample is for Visual Basic) - and I am unable to complete the bottom
portion of the script. Can some one point me in the right direction - or can
you tell me how I can add a snippet of VBscript code to an ASP.NET page.
I am using the Active DS Type library - not sure why there are multiple ones
(System.DirectoryServices) but it is rather confusing - I seem to accomplish
one thing with one and another with the other (they did have trouble
co-existing however). Anyway my script works very well but I am not able to
access the properties required to enable the account.
Here is a simple version (no error checking) of the code.....
View Replies
View Related
how to go about setting up an asp script or flash action script to take the input from a user of his/her username and password then send an email to the user with the information. I am able to do all of this but the problem is that the users pc is the one sending the email. I want the server to send the email instead.
View Replies
View Related
I have an input box that sends data over to the next page. This
input box was in a loop, there creating data looking like this: 2, 0,
0, 3, 0, 4, 0, 22, 0, 0, 0
How do i break the data up in such a way that i can populate it into my
db while running through a recordset?
View Replies
View Related
I have a problem with :
<input maxlength="10" name= "DateRep" type="text" style="width:115" onchange="UpdateCentralRep();" value=<%=Date()+1%>>
when its run in a MAC machine, it reload de whole page, instaed call UpdateCentralRep.
It works ok in PC!!!
View Replies
View Related
i create a dynamic table to modify user/account for administrative management.
I have modify & delete function to be performed.
The idea is that when the admin click the Delete link, he can delete a particular account/user. is it possible to pass variable of buff value to recID??
because when i see the result of request.querystring("recID"), i does not pass the mumerical value sound pretty simple but i can't get it. Code:
View Replies
View Related
when I use:
<input type=button id=Test>
the following code works
myform.Test.disabled = true
When I change the input box to type image none of the properties are available. I get the message "object doesn't support this property or method"
Can anyone tell me how to fix this.
View Replies
View Related
I am looking for something similar to "preg_match" and "preg_match_all" in PHP.
I have searched the forum with no luck. I hope you are able to give me some pointers
Basically I want to match some text from a form and loaded it into new variables making use of regular expressions. the text comes form a textarea input type. Code:
View Replies
View Related
I have a bummer here. I have 3 sub R. that I need to call from a input button. I set up the following line, but the script just calls them with out having the button pressed. OOOO! Any ideas?
<form method="submit" name="nreg" onsubmit="(this)" action="call readitme, call saveitme, call reduce" >
I have also used method="POST" same darn thing, script just runs the sub R. with out being pushed or cliked. UUUGGG
View Replies
View Related
Is there any way to clean the user input before saving to the database.I tried to use..
Function StripNonNum(strInput)
Dim regEx
Set regEx = New RegExp
regEx.Pattern ="^[w-.]{1,}@([da-zA-Z-]{1,}.){1,}[da-zA-Z-]{2,3}$"
regEx.IgnoreCase = True
regEx.Global = True
StripNonNum = regEx.Replace(strInput, "")
End Function
But It doesn't work when user cut&paste the information to screen.For eg.Cut&Paste from a CV which contains Bullet points is there any way to remove these bullet Points before data saving..
View Replies
View Related
when using a file input it only returns the filename
is there any way of returning the full path and file name?
View Replies
View Related
