Posted by david on 2. March 2009 17:57
all the micro references to msdn are because I’m trying to get rid of all the squigglies in VS.
msdn's html reference
<textarea name="Bio" class="required" id="cmiBio" cols="50" rows="10" minlength="2" maxlength="1000" onkeyup="limitChars(this, 1000, 'charlimitinfo')" onchange="check()"></textarea>
minlength & maxlength are “not valid attributes” of element textarea
re id … in classic asp this is defined by the author … I seem to recall that in asp.net the id is not defined by the author … that because asp.net is compiled, the server (?) generates the id. Thus you have to do those find(id) dealies.
re class … msdn doesn’t offer choices – says this Sets or retrieves the class of the object. … so, this is a css class?
msdn form reference
VBScript with Regular Expressions
oh crap, this pdf describes a workaround for regex injection protection:
RegExInjection
yahoo – got it working:
2009 03 02 004
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<script language="vbscript">
1:
2:
3: sub Validate()
4: dim inputString
5: dim targetRegularExpression
6: dim testResult
7:
8: inputString = myform.Bio.value
9:
10: set targetRegularExpression = new regexp
11: targetRegularExpression.Pattern = "^[^<>`~!/@\#}$%:;)(_^{&*=|'+]+$"
12: testResult = targetRegularExpression.Test(inputString)
13:
14: msgbox testResult
15:
16: ' regular expression from regexlib.com, Brendan Salta
17: ' http://regexlib.com/REDetails.aspx?regexp_id=412
18: ' Description of expression:
19: ' A general string validation to insure that NO malicious code
20: ' or specified characters are passed through user input.
21: ' This will allow you to input any characters except those specified.
22: ' The expression above does not allow user input
23: ' of <>`~!/@\#}$%:;)(_^{&*=|'+.
24: ' Input as many invalid characters you wish to deny. This really works!
25:
26: end sub
27:
28: sub mirrorTextArea()
29: dim accessform
30: accessform = myform.Bio.value
31: MsgBox "text area holds: ' " & accessform & " '"
32: end sub
33:
34:
</script>
<title>2009 03 02 004</title>
</head>
<body>
<a href="../../Default.aspx">Projects</a> / 2009 03 02 004
<form name="myform" method="post">
<textarea name="Bio" id="cmiBio" cols="50" rows="10" minlength="2" maxlength="1000" onkeyup="limitChars(this, 1000, 'charlimitinfo')"></textarea>
</form>
<input type="button" id="Button1" value="mirror textarea" onclick="mirrorTextArea()"/>
<input type="button" id="Button2" value="Validate" onclick="Validate()"/>
</body>
</html>
it only pops up message boxes in response to the buttons. Haven’t figured out how to direct my output, yet. So much easier in .NET.