Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Jul 2007
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Trouble with ASP Form Validation

    Hi. I'm (obviously) a pretty big newb when it comes to ASP. I've had reasonable success with PHP but this is the first Window's server I've had to work on so I've been trying to get myself as familiar with ASP as possible.

    Anyway, I've got this registration form working correctly when I wanted to make the three final boxes required. Initially I thought I was successful in making Name, Phone, and E-mail required but then I realized that regardless of what I put in, it came back as an invalid submission. The ASP script I'm using is

    Code:
    <%
    
        DIM strreal_name, strphone_number, stre_mail
        strreal_name = Request.Form("Real Name")
        strphone_number = Request.Form("Phone Number")
        stre_mail = Request.Form("E-Mail")
    
        IF strreal_name <> "" AND strphone_number <> "" AND stre_mail <> "" THEN    
    	
    Set Mailer = Server.CreateObject("SMTPsvg.Mailer")
    Mailer.FromName = "CASA Website Registration"
    Mailer.FromAddress= "registration@casaforkidsofet.org"
    Mailer.RemoteHost = "localhost"
    Mailer.AddRecipient "Georgia Harris", "z.herring@gmail.com"
    Mailer.AddExtraHeader "X-MimeOLE:Produced yourdomain.com"
    Mailer.Subject = "Form Submission"
    
    strMsgHeader = "Form information follows" & vbCrLf
    for each qryItem in Request.Form
      strMsgInfo = strMsgInfo & qryItem & " - " & request.Form(qryItem) & vbCrLf
    next
    strMsgFooter = vbCrLf & "End of form information"
    
    Mailer.BodyText = strMsgHeader & strMsgInfo & strMsgFooter
    if Mailer.SendMail then
      Response.Redirect("ok.htm?" & EmailFrom)
    else
      Response.Write "Mail send failure. Error was " & Mailer.Response
    end if
    set Mailer = Nothing
    
    ELSE
    
        Response.Write "<p>Please click back on your browser and complete the following fields:</p>"
        IF strreal_name <> "" THEN
        ELSE
        Response.Write "<b>• Name</b><br>"
        END IF
        IF strphone_number <> "" THEN
        ELSE
        Response.Write "<b>• Phone Number</b><br>"
        END IF
        IF stre_mail <> "" THEN
        ELSE
        Response.Write "<b>• E-Mail</b><br>"
        END IF
    
        END IF
    
    
    
    
    %>
    I honestly can't find what I'm doing wrong. I've googled this problem for hours now, gone back over and over again all of the ASP scripts I was referencing and I'm apparently missing a pretty big something. Any assistance would be greatly appreciated.

    Thanks for your time and (hopefully) your help.


  • #2
    Regular Coder
    Join Date
    Mar 2007
    Posts
    505
    Thanks
    1
    Thanked 19 Times in 19 Posts
    It's actually much simpler than you think, and it has something to do with your ASP, but not much...

    In your HTML form, your 3 input fields are:

    Code:
    <input name="Real_Name" type="text" id="Real_Name" size="32">
    <input name="Phone_Number" type="text" id="Phone_Number" size="32">
    <input name="E_Mail" type="text" id="E_Mail" size="32">
    However, your ASP is looking for:

    Code:
        strreal_name = Request.Form("Real Name")
        strphone_number = Request.Form("Phone Number")
        stre_mail = Request.Form("E-Mail")
    Notice the difference?

    Your HTML fields have UNDERSCOREs and your ASP has SPACEs.

    Try:

    Code:
        strreal_name = Request.Form("Real_Name")
        strphone_number = Request.Form("Phone_Number")
        stre_mail = Request.Form("E_Mail")

    Remember - Things need to match up EXACTLY, although not case-sensitivity.

    Now, for some CYA... You need to do some validation on the text. You don't want people sending you crap data.

    Use JavaScript (or post-form-processing ASP) to check the data and make sure it's what you want.

    If you are inserting this data into a database at all, then you really need to consider this due to SQL injection.

    HTH!
    To say my fate is not tied to your fate is like saying, 'Your end of the boat is sinking.' -- Hugh Downs
    Please, if you found my post helpful, pay it forward. Go and help someone else today.

  • #3
    New to the CF scene
    Join Date
    Jul 2007
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank you so much for your help and suggestions. I was hoping it wasn't something stupid, but sure enough...

    Oh well. Thanks again. Greatly appreciated.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •