
Advanced server-side form validation



Author
15 Jul 2006 9:49 PM
FayeC
Can anybody point me to a good tutorial/manual on advanced server-side
form validation including validation of fields against unwanted
strings such as the use of "http://".

Thank you in advance,

FayeC

Author
15 Jul 2006 10:19 PM
Mike Brind
FayeC wrote:
> Can anybody point me to a good tutorial/manual on advanced server-side
> form validation including validation of fields against unwanted
> strings such as the use of "http://".
>
> Thank you in advance,
>

You can go two ways with this kind of thing, depending on how complex
your validation is and what action you want to take as a result of
invalid data.  Your example is straightforward.  Use of instr against
the string will find whether something like "http://" is in there.
Most of these tasks can be accomplished using the built-in functions.
More complex tasks might benefit from the use of Regular Expressions.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/html/scripting051099.asp

--
Mike Brind

Author
17 Jul 2006 3:16 PM
Justin Piper
On Sat, 15 Jul 2006 16:49:30 -0500, FayeC <fayec_***@hotmail.com> wrote:

> Can anybody point me to a good tutorial/manual on advanced server-side
> form validation including validation of fields against unwanted
> strings such as the use of "http://".

I have no specific references to direct you to, but I tend to create a
class for each form that has one method which reads the form data from a
collection (usually one of either the QueryString or Form properties of
the Request object), and a second that returns True if the data is
valid. The form data itself is exposed as properties, and there is
usually a collection of error messages that is populated by the
validation method. Even if you never use the form in more than one
place, it's nice to get all the form processing code out of the main
flow of the page.

A quick 'n dirty (and rather obnoxious) new account form using this
style follows.

    Class NewAccountForm
       Public UserName
       Public Password1
       Public Password2
       Public Email
       Public WhatNumberAmIThinkingOf

       Public Messages

       Function Init(form)
          UserName  = Trim(form("username"))
          Password1 = Trim(form("password1"))
          Password2 = Trim(form("password2"))
          Email     = Trim(form("email"))

          WhatNumberAmIThinkingOf = form("whatnumberamithinkingof")
          If IsNumeric(WhatNumberAmIThinkingOf) Then
             WhatNumberAmIThinkingOf = CLng(WhatNumberAmIThinkingOf)
          Else
             WhatNumberAmIThinkingOf = 0
          End If

          Set Init = Me
       End Function

       Function DataValid()
          DataValid = True

          If Len(UserName) = 0 Then
             Messages("username") = "Please enter a username."
             DataValid = False
          End If

          If Len(Password1) = 0 Then
             Messages("password1") = "Please enter password."
             DataValid = False
          ElseIf Password1 <> Password2 Then
             Messages("password1") = "Passwords do not match."
             DataValid = False
          End If

          If Len(Email) = 0 Then
             Messages("email") = "Please enter an email address."
             DataValid = False
          ElseIf InStr(Email, "@") = 0 Or InStr(Email, ".") = 0 Then
             Messages("email") = "Please enter a valid email address"
             DataValid = False
          End If

          If WhatNumberAmIThinkingOf <> 5 Then
             Messages("whatnumberamithinkingof") = "Ha! Nice try, buddy!"
             DataValid = False
          End If
       End Function

       Private Sub Class_Initialize
          Set Messages = CreateObject("Scripting.Dictionary")
       End Sub
    End Class

--
Justin Piper
Bizco Technologies
http://www.bizco.com/
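
The two checks suggested in this thread (InStr for a literal such as "http://", a regular expression for broader patterns), combined in the class-per-form style shown above. This is an added example, not code from any of the posters; `CommentForm`, its field names, the pattern and the sample input are assumptions, and the driver at the bottom runs under cscript.

```vbscript
' Added example: CommentForm and its field names are hypothetical.
Class CommentForm
   Public Author
   Public Comment
   Public Messages
   Private linkPattern

   Function Init(form)
      Author  = Trim(form("author"))
      Comment = Trim(form("comment"))
      Set Init = Me
   End Function

   Function DataValid()
      DataValid = True
      ' Literal check: vbTextCompare also catches "HTTP://" and "Http://".
      If Len(Author) = 0 Then
         Messages("author") = "Please enter your name."
         DataValid = False
      ElseIf InStr(1, Author, "http://", vbTextCompare) > 0 Then
         Messages("author") = "Names may not contain links."
         DataValid = False
      End If
      ' Pattern check: any scheme://, a www. host, or an HTML anchor tag.
      If linkPattern.Test(Comment) Then
         Messages("comment") = "Comments may not contain links."
         DataValid = False
      End If
   End Function

   Private Sub Class_Initialize
      Set Messages = CreateObject("Scripting.Dictionary")
      Set linkPattern = New RegExp
      linkPattern.IgnoreCase = True
      linkPattern.Pattern = "[a-z][a-z0-9+.\-]*://|\bwww\.|<\s*a\b"
   End Sub
End Class

' Constructed sample input; in an ASP page pass Request.Form instead.
Dim sample, f, key
Set sample = CreateObject("Scripting.Dictionary")
sample("author") = "FayeC"
sample("comment") = "Great post, see HTTPS://example.invalid/ and www.example.invalid"
Set f = New CommentForm
f.Init sample
If Not f.DataValid() Then
   For Each key In f.Messages   ' use Response.Write instead of WScript.Echo in ASP
      WScript.Echo key & ": " & f.Messages(key)
   Next
End If
```

A block-list like this cuts down on link spam, but values that pass it still need `Server.HTMLEncode` when they are written back into a page.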
