Treat User Input As Text Only (allowing The Apostrophe)
Isn't there some line of code that I can write to tell ASP to treat everything between BLAH and /BLAH as text (including the apostrophe). So that users can type a name of "O'Malley" in a form and I can retrieve it and store it in my database.
I want to track the steps the user has gone through to get to this page and then display links so they can click on them to go back to that page. I would do this as hard code but the problem is most of the pages can be accessed from several different pages.
ex. a product page a home page and a specials page
the path to the product can be home -->product or home-->specials --> product
exactly like the viewing link at the top of this page but in asp.net instead of php.
I am running into a very common problem that i cannot seem to find a solution for. I have an access database with a text field. Some of the records will contain an apostrophe. i have used the replace method to escape the apostrophe and turn it into ~~~. I can sucessfully change that back to an apostrophe everywhere but a text box. Here is my code:
I'm using the following code and if someone enters something in the "instructions" field with characters -"', - it causes the SQL statement to change using those characters.
Does anyone know if its possible to create and email HTML forms. Email recipients would then input information to these forms in the same way that they would on a web page. Pressing the submit button would mail the form back, after which it would be separately submitted to an ASP page on the web server for processing.
The main reason for this is so we don't have all the issues associated with firewalls and security to deal with. Our corporate mail servers will strip out viruses so that not a problem.
I have a form that I am trying to append to include a CAPTCHA validation field.
I have added the CAPTCHA code to the end of the form itself and now I am struggling to make the processor do a couple of things:
***If the CAPTCHA validates as well as all the form input data>>confirmation page and send appropriate email.
***If the form is filled out, but the CAPTCHA authentication is wrong>>go back to the same page, keep the form filled out, and give one more chance to correctly enter the CAPTCHA field.
***If the form is being spammed.......fail and die gracefully.
What is the best way to handle user input into a form which passes info to an .asp application. The problem I have is if somebody enters in "dave's" the asp code breaks because of the ' in the input field. What is the best way to handle this kind of input?
ASP without Access database (my webserver does not support this). I'm looking for some ASP code that can show a calendar on a webpage. The people looking at the page should be able to type in a small message and a date and then send the info to the webpage. which then updates itself.
I have a more specific example of my needs. Often when I need to arrange a meeting with friends, then I send out a mail to ex. 10 persons. They can choose between 3 different days and I want to find the day that most people can come.
Instead of getting mails back and evaluate thise, I would like them to make their reservation on the asp-webpage. This way the others can follow the "favorite" day that is accurring when a few people has typed their favorite meetingday. Hope this was understandable.
I have forms and photo upload features in my website. I'm using IIS 5.1 in Windows XP Pro. What do I need to add into my code to validate user input? I had SQL injection attack before, now I use replace function to remove any malicious words such as SELE, DELE, Ad, etc.. to prevent SQL injection attack. Are there any other attacks which it can be triggered in a text input field? What do I need to do to prevent it?
I also have a photo upload feature, it allows user upload photos to my table and the photo will be displayed in the gallery. How can I validate the user upload file is image file only? I mean user might be able to upload malicious scripts, virus to my server. How can I prevent that?
I have written a function to validate user input, so that it properly returns a valid time if the user inputs 1600 or 16:00 or 4:00 pm the time is properly formatted (it may need a little more tweaking, but you get the idea) This is the function : Code:
I have a HTML page with a form on it. I have an ASP page that processes what a user has entered into the form (updates a database etc).
I now need a page that fits between these two pages to pre-process�the users input. I need to do it this way because I am not allowed to change either of the two existing pages.
I know how to read what the user has input into the form and I know how to pass control onto the next page.
What I have not been able to work out is how to change the user input and have those changes passed onto the next page as if nothing has happened (that is, the original ASP page just performs its request.form(�item�) calls as it always has but instead of seeing what the user actually typed in, it should see the changed text as created by the new pre process� page)
I have tried using a regular expression replace but can only successfully make this change a variable and not the original form input. Equally I cannot find a way of swapping the original form input string with the output variable from the replace.
I am working on a web application that uses both asp classic and asp.net pages. We need to validate user input to avoid attacks like sql injection. Can a component be created that both page types can use? Is that the best approach? Would I simply use pattern matching to validate strings and/or remove any unwanted characters?
write a simple function to check the user input from a form. I need to check that the string contains only numbers, has a maximum leght of say 15 and that the first number is zero.
I have Database with 2x tables one with Client data and 2nd with invoice data. When a new invoice is submited in the invoice data I enter only the client ID not all the client data.
Ok the problem is that when I want to print out the last or any invoice data I have only the Client ID not the all client data.
How to select query according to User Input for a WebPage in C#.Net with SQL Server 2000.I am trying to build a web page in C#.NET with SQL Server 2000 using Visual Web Developer 2005. I want to select and execute the query according to user input.
I have a form which has 2 textboxes which gets start date and end date from the user. Based on start/end date my 1st query runs. Now if user does not enter any start/end date I want to run another query which takes default dates from database(which is in varchar:ex. now()/now()-180) according to logged on user's permisstions.
Have an ASP page on internet, where I let the user write his email address. Today I see that this text input field has got a yellow background instead of the normal white as the other input fields. The code is quite normal. Using IE 6.0.2900. It has not appeared before. Then I rebooted the computer,but got the same result.When I try another computer, also with XP pro and the same IE, the text input is white as it should.
I have a form with an text box called keywords. I want to get the text typed in by the user from this box (which will pobably be built up of several words).
I have declared arrsplitkeywords to assign these words to. But first i have split the input from the text box where there is a space. See the line of code below:
i made database with these fields : id ,name , address ,favo ,email , phone now i did every thing ok i can add data readdata search by on of any field. but i do not know how can i search with 3 fields . i mean i need page include 3 input text one for name 2nd for email , and 3rd for phone . also botton for search but i want when the user do not input any name or email and click on search botton popup messege come tell you must input all fileds then back to search page . if he input all and click search i want new page read data from database.
I am trying to build an asp page the displays 100 characters from text inputed into a text area. The page keeps breaking because it counts any HTML code the text might have. I would like to have it count the words instead and when I write out the words it includes any underlying html.
For example, here is a sentence: "The fox jumps over the lazy dog" and I could cut this sentence in half by counting out the first 18 character and only outputing those respectively. Everything would work just fine. But if the sentence is like this "The fox jumps <a href='http://www.microsoft.com' target='_blank'>over</a> the lazy dog." a simple letter count no longer works for me. If I printed out the first 18 characters then it will break my "href" tag and therefore would mess up the formatting of my page. Can someone point me to an article or component that will assist me in correcting this?
I want to create some text input fields which they should all have the same size regardless the browser version or type. Because my text input field looks different in size if I view them from a different computer. Is the following coding should solve the problem?
how do i allow the user to add in a value that has a ' in it (e.g int'l) in the form. apperantly if i do that there will be an error... how do i go about this?
I'm using Access Database with ASP. There is one particular thing that I have issue with.
My purpose is for user to update their own profile. Their existing profile information will be display in Edit Form format. The problem is if the field has space, the second word will not display, when I display in input text format.
E.g if My first name "User_FirstName" in my table has entry, let say "David Johnson" as FirstName, when I execute following code and do a input text, it will display "David" only. Code:
I have a website with a Guessbook section. Lately I noticed someone copy and pasted a long http address to promote viagra.. I believe he simply copy and paste the whole link into the text input field and submit several times. It created multiple entries in my guessbook.
How can I prevent this? I was thinking if it is possible for me to write some code to disable people using the control-p to paste text in my text input field.. Can I really do that? What other options do I have?
I want to have a user input a value (1 through 10) in a form. Then click submit. and right under that have text appear depending on what they input. This is what I have, but it doesn't work. I'm not understanding the flow of the script getting called. Code:
I am currently making a form in asp and when i make the text boxes they are all formatted to the same size, even if I use the width=*** to change the size? Is there another way to make the input text boxes smaller or bigger?
Basically I want to be able to create a user control that is more or less just a Panel. I want to be able to set properties like background color, border, etc by default within the user control and then do something like <mynamespace:mypanel>Text and stuff to go in the Panel</mynamespace:mypanel>.
I would like to be able to put links, tables, and any other kind of HTML stuff inside the Panel. What property of my class/user control would the text part be? Am I going about this the entirely wrong way?
All I really want to do is to be able to set some properties of my Panel automatically without having to type each property over and over again every time I create a Panel.