|
Ensuring Proper Password FormatIf you're asking your users to submit a password of 6-12 characters, you want to make sure it is done properly and without any special characters which could compromise your system. To do this, you would want to use regular expressions. Be sure to read the articles on this site that explain how regular expressions work if you have not used them before. The code would look like this: NewPass = request("newpass") Dim RegEx Set RegEx = New regexp RegEx.Pattern = "^[A-Za-z0-9]{6,12}$" RegEx.Global = True RegEx.IgnoreCase = True if RegEx.Test(NewPass) = FALSE then response.redirect("error.asp") Set RegEx = NOTHING That ensures that the user-submitted password is 6-12 characters long and is made up solely of letters and numbers - no special characters like ; or ' that might jeopardize your database security. Note that you need the ^ at the beginning and $ at the end. That ensures that the entire pattern matches - from the very beginning to the very end of the string. Be sure to use input checks not only on your passwords, but on anything the user submits that then gets sent along to a database query! ASP Utility Code Bookmark this site so you can reference it any time you have ASP questions in the future! All content copyright © 2012 Minerva WebWorks LLC. All rights reserved.
|
|