On Sat, 15 Jul 2006 16:49:30 -0500, FayeC <fa*******@hotm ail.comwrote:
Can anybody point me to a good tutorial/manual on advanced server-side
form validation including validation of fields against unwanted
strings such as the use of "http://".
I have no specific references to direct you to, but I tend to create a
class for each form that has one method which reads the form data from a
collection (usually one of either the QueryString or Form properties of
the Request object), and a second that returns True if the data is
valid. The form data itself is exposed as properties, and there is
usually a collection of error messages that is populated by the
validation method. Even if you never use the form in more than one
place, it's nice to get all the form processing code out of the main
flow of the page.
A quick 'n dirty (and rather obnoxious) new account form using this
style follows.
Class NewAccountForm
Public UserName
Public Password1
Public Password2
Public Email
Public WhatNumberAmITh inkingOf
Public Messages
Function Init(form)
UserName = Trim(form("user name"))
Password1 = Trim(form("pass word1"))
Password2 = Trim(form("pass word2"))
Email = Trim(form("emai l"))
WhatNumberAmITh inkingOf = form("whatnumbe ramithinkingof" )
If IsNumeric(WhatN umberAmIThinkin gOf) Then
WhatNumberAmITh inkingOf = CLng(WhatNumber AmIThinkingOf)
Else
WhatNumberAmITh inkingOf = 0
End If
Set Init = Me
End Function
Function DataValid()
DataValid = True
If Len(UserName) = 0 Then
Messages("usern ame") = "Please enter a username."
DataValid = False
End If
If Len(Password1) = 0 Then
Messages("passw ord1") = "Please enter password."
DataValid = False
ElseIf Password1 <Password2
Messages("passw ord1") = "Passwords do not match."
DataValid = False
End If
If Len(Email) = 0 Then
Messages("email ") = "Please enter an email address."
DataValid = False
ElseIf InStr(Email, "@") = 0 Or InStr(Email, ".") = 0 Then
Messages("email ") = "Please enter a valid email address"
DataValid = False
End If
If WhatNumberAmITh inkingOf <5 Then
Messages("whatn umberamithinkin gof") = "Ha! Nice try, buddy!"
DataValid = False
End If
End Function
Private Sub Class_Initializ e
Set Messages = CreateObject("S cripting.Dictio nary")
End Sub
End Class
--
Justin Piper
Bizco Technologies
http://www.bizco.com/