1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Override request.form value

Discussion in 'C#' started by loolweb, Dec 6, 2006.

0
  1. #1
    I have this site with a lot of form pages in it.
    Now I would like to clean the request.form values in order to avoid malicious code injections.

    Since I don't want to go page by page and repeat writing the code to clean the values, I would like to do something generic for the site. So I have this module which is included in all my pages,
    and there I want to go over the request.form values and clean them from illegal characters.

    So the code looks like:
    for each x in Request.Form
	Request.Form(x)=replace(Request.Form(x),">"," ")
next
    Code (markup):
    which means that I want to replace the ">" character with " " (empty string).

    The thing is that I cannot override the request.form value.
    I'm getting this error:

    Microsoft VBScript runtime error '800a01b6'
    Object doesn't support this property or method: 'Request'

    Does ASP prevents this override?

    I know that with PHP you can override the $_POST values.

    Can someone here suggest how to workaround it?

    TX,
    loolweb guy.
     
    loolweb, Dec 6, 2006 IP
  2. pushkar

    pushkar Peon

    Messages:
    125
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #2
    U need to assign value.
    Do like this.
    I hope that may help u.
     
    pushkar, Dec 8, 2006 IP