验证为窗体和查询字符串的ASP经典使用正则表达式。几乎工作，但缺少的东西？ [英] Validation for Form and QueryString in ASP Classic using Regex. Almost working but missing something?

问题描述

我试图用如下所示的功能/ code以添加经典ASP一些输入验证。
这看起来像它的正常工作的只有一个文本类型。其他的我不断收到错误或者它只是不正确筛选。
我想了解我在做什么错了，请帮助我。

I'm trying to add some Input Validation in Classic ASP by using the function/code seen below. The only one that looks like it's working correctly is the "text" type. the others I keep getting errors or it just does not filter correctly. I'm trying to understand what I'm doing wrong please help me.

有效数据类型：电子邮件，整数，日期，串和文本。
前三个是显而易见的，近两年有细微的差别。

Valid Data Types: "email", "integer", "date", "string" and "text". The first three are obvious, the last two have slight differences.

在电子邮件应该只允许数字和leters，和下面的字符 @ ， - ，<强>。， _

The "email" should only allow numbers and leters, and the following characters "@" , "-" , "." , "_"

在日期应该通过运行则IsDate验证，如果真然后让若假没有。

The "date" should validate by running IsDate and if True then allow if False DON'T.

在字符串应该验证基于文本的查询字符串，只允许字母，数字，_， - 和。

The "string" should validate text-based querystrings, allowing only letters, numbers, _, - and .

而文字是所有自由格式的文本表单字段类型的内容。

Whereas "text" is any free-form text form field type content.

在整数只允许数字和一个句号（。）

The "integer" should only allow numbers and a period (.)

用法示例：的 ＆LT;输入类型=文本VALUE =＆LT;％= MakeSafe（test@test.com< /HTML>1234.5\",integer,50）％GT;＆GT;

例如：的 MakeSafe（DataInput中的，数据类型的数据长度）

<%
'// CODE BY: dB Masters
'// FOUND AT: http://successontheweb.blogspot.com/2008/03/input-validation-for-security-in.html

Function MakeSafeConvert(encodeData)
encodeData = replace(encodeData,"&", "&#38;")
encodeData = replace(encodeData,"'", "&#39;")
encodeData = replace(encodeData,"""", "&quot;")
encodeData = replace(encodeData,">", "&gt;")
encodeData = replace(encodeData,"<", "&lt;")
encodeData = replace(encodeData,")", "&#41;")
encodeData = replace(encodeData,"(", "&#40;")
encodeData = replace(encodeData,"]", "&#93;")
encodeData = replace(encodeData,"[", "&#91;")
encodeData = replace(encodeData,"}", "&#125;")
encodeData = replace(encodeData,"{", "&#123;")
encodeData = replace(encodeData,"--", "&#45;&#45;")
encodeData = replace(encodeData,"=", "&#61;")
MakeSafeConvert = encodeData
End Function

Function MakeSafe(dataInput,dataType,dataLength)

Dim regex, validInput, expressionmatch
regex = ""
validInput = "1"

If dataType = "string" And Len(dataInput) > 0 Then
    regex = "^[\w-\.]{1,"& dataLength &"}$"
ElseIf dataType = "email" And Len(dataInput) > 0 Then
    regex = "^[\w-\.]+@([\w-]+\.)+[\w-]{2,6}$"
ElseIf dataType = "integer" And Len(dataInput) > 0 Then
    regex = "^\d{1,"& dataLength &"}$"
ElseIf dataType = "date" And Len(dataInput) > 0 Then
If Not IsDate(dataInput) Then validInput = "0" End If
ElseIf dataType = "text" And Len(dataInput) > 0 Then
If Len(dataInput) > dataLength Then validInput = "0" End If
End If

If Len(regex) > 0 And Len(dataInput) > 0 Then
    Set RegExpObj = New RegExp
    RegExpObj.Pattern = regex
    RegExpObj.IgnoreCase = True
    RegExpObj.Global = True
    RegExpChk = RegExpObj.Test(dataInput)

If Not RegExpChk Then
    validInput = "0"
    End If
    Set RegExpObj = nothing
End If

If validInput = "1" And Len(dataInput) > 0 Then
    MakeSafe = MakeSafeConvert(dataInput)
    ElseIf Len(dataInput) = 0 Then
    MakeSafe = ""
Else
    Response.Write "<h2>Processing Halted.</h2>"
    Response.End
End If

End Function
%>

示例code和ERROR（S）：

当我测试这个使用code：

When I test this using the code:

＆LT;％= MakeSafe（test@test.com1234.5，电子邮件，50）％>
的 * 的不验证什么。*

<%=MakeSafe("test@test.com1234.5",email,50)%> * Does NOT Validate Anything.*

我没有得到一个错误信息，但它不验证任何东西。

I don't get an error message but it DOES NOT Validate anything.

**的输出是：test@test.com1/27/20121234.5

**The OUTPUT IS : test@test.com1/27/20121234.5

应该只有：test@test.com **

SHOULD BE ONLY: test@test.com**

当我测试这个使用code：

When I test this using the code:

＆LT;％= MakeSafe（test@test.com1/27/20121234.5，日期，50）％>

我没有得到一个错误信息，但它不验证任何东西。

I don't get an error message but it DOES NOT Validate anything.

输出为：test@test.com1/27/20121234.5
应该只有：2012年1月27日

The OUTPUT IS : test@test.com1/27/20121234.5 SHOULD BE ONLY: 1/27/2012

另外两个给我这个错误消息：

The other two give me this error message:

＆LT;％= MakeSafe（test@test.com1234.5，弦乐，50）％> 结果
的 * 的错误!!!参数或无效的属性赋值错误号：字符串

<%=MakeSafe("test@test.com1234.5",string,50)%>
* ERROR!!! Wrong number of arguments or invalid property assignment: 'string'

＆LT;％= MakeSafe（test@test.com1234.5，整数，50）％>

的 * 的错误!!!语法错误

* ERROR!!! Syntax error

感谢你这么多，你提供...

Thank you so much for any help that you provide...

推荐答案

如果它不是一个错字那么你的错是在函数调用的第二个参数。

If it's not a typo then your fault was in the second parameter of the function call.

您调用像功能：

<%=MakeSafe("test@test.com1234.5",email,50)%>

这是错误的，因为你应该......第二个参数了。这应该工作：

which is wrong because you should "..." the second parameter too. This should work:

<%=MakeSafe("test@test.com1234.5","email",50)%>

这篇关于验证为窗体和查询字符串的ASP经典使用正则表达式。几乎工作，但缺少的东西？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！