验证为窗体和查询字符串的ASP经典使用正则表达式。几乎工作,但缺少的东西? [英] Validation for Form and QueryString in ASP Classic using Regex. Almost working but missing something?
问题描述
我试图用如下所示的功能/ code以添加经典ASP一些输入验证。
这看起来像它的正常工作的只有一个文本类型。其他的我不断收到错误或者它只是不正确筛选。
我想了解我在做什么错了,请帮助我。
I'm trying to add some Input Validation in Classic ASP by using the function/code seen below. The only one that looks like it's working correctly is the "text" type. the others I keep getting errors or it just does not filter correctly. I'm trying to understand what I'm doing wrong please help me.
有效数据类型:电子邮件,整数,日期,串和文本。
前三个是显而易见的,近两年有细微的差别。
Valid Data Types: "email", "integer", "date", "string" and "text". The first three are obvious, the last two have slight differences.
在电子邮件应该只允许数字和leters,和下面的字符 @ , - ,<强>。, _
The "email" should only allow numbers and leters, and the following characters "@" , "-" , "." , "_"
在日期应该通过运行则IsDate验证,如果真然后让若假没有。
The "date" should validate by running IsDate and if True then allow if False DON'T.
在字符串应该验证基于文本的查询字符串,只允许字母,数字,_, - 和。
The "string" should validate text-based querystrings, allowing only letters, numbers, _, - and .
而文字是所有自由格式的文本表单字段类型的内容。
Whereas "text" is any free-form text form field type content.
在整数只允许数字和一个句号(。)
The "integer" should only allow numbers and a period (.)
用法示例:的 &LT;输入类型=文本VALUE =&LT;%= MakeSafe(test@test.com< /HTML>1234.5\",integer,50)%GT;&GT;
例如:的 MakeSafe(DataInput中的,数据类型的数据长度)
<%
'// CODE BY: dB Masters
'// FOUND AT: http://successontheweb.blogspot.com/2008/03/input-validation-for-security-in.html
Function MakeSafeConvert(encodeData)
encodeData = replace(encodeData,"&", "&")
encodeData = replace(encodeData,"'", "'")
encodeData = replace(encodeData,"""", """)
encodeData = replace(encodeData,">", ">")
encodeData = replace(encodeData,"<", "<")
encodeData = replace(encodeData,")", ")")
encodeData = replace(encodeData,"(", "(")
encodeData = replace(encodeData,"]", "]")
encodeData = replace(encodeData,"[", "[")
encodeData = replace(encodeData,"}", "}")
encodeData = replace(encodeData,"{", "{")
encodeData = replace(encodeData,"--", "--")
encodeData = replace(encodeData,"=", "=")
MakeSafeConvert = encodeData
End Function
Function MakeSafe(dataInput,dataType,dataLength)
Dim regex, validInput, expressionmatch
regex = ""
validInput = "1"
If dataType = "string" And Len(dataInput) > 0 Then
regex = "^[\w-\.]{1,"& dataLength &"}$"
ElseIf dataType = "email" And Len(dataInput) > 0 Then
regex = "^[\w-\.]+@([\w-]+\.)+[\w-]{2,6}$"
ElseIf dataType = "integer" And Len(dataInput) > 0 Then
regex = "^\d{1,"& dataLength &"}$"
ElseIf dataType = "date" And Len(dataInput) > 0 Then
If Not IsDate(dataInput) Then validInput = "0" End If
ElseIf dataType = "text" And Len(dataInput) > 0 Then
If Len(dataInput) > dataLength Then validInput = "0" End If
End If
If Len(regex) > 0 And Len(dataInput) > 0 Then
Set RegExpObj = New RegExp
RegExpObj.Pattern = regex
RegExpObj.IgnoreCase = True
RegExpObj.Global = True
RegExpChk = RegExpObj.Test(dataInput)
If Not RegExpChk Then
validInput = "0"
End If
Set RegExpObj = nothing
End If
If validInput = "1" And Len(dataInput) > 0 Then
MakeSafe = MakeSafeConvert(dataInput)
ElseIf Len(dataInput) = 0 Then
MakeSafe = ""
Else
Response.Write "<h2>Processing Halted.</h2>"
Response.End
End If
End Function
%>
示例code和ERROR(S):
当我测试这个使用code:
When I test this using the code:
&LT;%= MakeSafe(test@test.com1234.5,电子邮件,50)%>
的 * 的不验证什么。*
<%=MakeSafe("test@test.com1234.5",email,50)%>
* Does NOT Validate Anything.*
我没有得到一个错误信息,但它不验证任何东西。
I don't get an error message but it DOES NOT Validate anything.
**的输出是:test@test.com1/27/20121234.5
**The OUTPUT IS : test@test.com1/27/20121234.5
应该只有:test@test.com **
SHOULD BE ONLY: test@test.com**
当我测试这个使用code:
When I test this using the code:
&LT;%= MakeSafe(test@test.com1/27/20121234.5,日期,50)%>
我没有得到一个错误信息,但它不验证任何东西。
I don't get an error message but it DOES NOT Validate anything.
输出为:test@test.com1/27/20121234.5
应该只有:2012年1月27日
The OUTPUT IS : test@test.com1/27/20121234.5 SHOULD BE ONLY: 1/27/2012
另外两个给我这个错误消息:
The other two give me this error message:
&LT;%= MakeSafe(test@test.com1234.5,弦乐,50)%> 结果
的 * 的错误!!!参数或无效的属性赋值错误号:字符串
<%=MakeSafe("test@test.com1234.5",string,50)%>
* ERROR!!! Wrong number of arguments or invalid property assignment: 'string'
&LT;%= MakeSafe(test@test.com1234.5,整数,50)%>
的 * 的错误!!!语法错误
* ERROR!!! Syntax error
感谢你这么多,你提供...
Thank you so much for any help that you provide...
推荐答案
如果它不是一个错字那么你的错是在函数调用的第二个参数。
If it's not a typo then your fault was in the second parameter of the function call.
您调用像功能:
<%=MakeSafe("test@test.com1234.5",email,50)%>
这是错误的,因为你应该......第二个参数了。这应该工作:
which is wrong because you should "..." the second parameter too. This should work:
<%=MakeSafe("test@test.com1234.5","email",50)%>
这篇关于验证为窗体和查询字符串的ASP经典使用正则表达式。几乎工作,但缺少的东西?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!