Link to home
Start Free TrialLog in
Avatar of dandeliondream
dandeliondreamFlag for Singapore

asked on

classic ASP form with reCAPTCHA and input validation

I want to implement a classic ASP form as shown in http://www.andrebruton.com/recaptcha/
however how do i add validation for the first name, email etc. I'm using the below javascript for validation
<SCRIPT LANGUAGE="JavaScript">
<!--
function checkFrm(thisfrm)
{
	if (Trim (thisfrm.username.value) == "") {
		alert ("Please enter your user name first!");
		thisfrm.username.focus();
		return false;
	}
	else if (Trim (thisfrm.pwd.value) == "") {
		alert ("Please enter your password first!");
		thisfrm.pwd.focus();
		return false;
	}
	else if (thisfrm.pwd.value != thisfrm.repwd.value) {
		alert ("Your passwords have been inconsistent. Please enter them again!");
		thisfrm.pwd.focus ();
		return false;
	}
	else if (Trim (thisfrm.fullname.value) == "") {
		alert ("Please enter your name");
		thisfrm.fullname.focus();
		return false;
	}
/*<%if session ("IsLogin") = 1 AND Session ("UserType") = 2 then%>
	else if (Trim (thisfrm.offemail.value) != "") {
		if (!IsEmailValid (thisfrm.offemail))
			return false;
 
	}
<%end if%> */
 
	if (!checkFld(thisfrm.email, "e-mail address"))
		return false;
 
	if (!IsEmailValid (thisfrm.email))
		return false;
 
	return true;
}
//-->
</SCRIPT>
 
<form method="POST" NAME="mainform" action="register-action.asp" onSubmit="return checkFrm(this)">

Open in new window

Avatar of Wayne Barron
Wayne Barron
Flag of United States of America image

Javascript is a very bad idea, it is not secure.

If you are just wanting to make sure that the person fills out everything then.
You can have this on the same page as your form and just submit to itself.

See example below.
Good Luck
Carrzkiss

(Just copy the entire code and put it in 1 page, Save it and run it.)

<%
FN = trim(request.form("FirstName"))
LN = trim(request.form("LastName"))
UN = trim(request.form("Username"))
PW = trim(request.form("Password"))
VPW = trim(request.form("VerifyPassword"))
 
if FN ="" then%>
First Name is Required.
<%else
if LN="" then%>
Last Name is Required
<%else
if UN = "" then%>
Username is required
<%else
if PW="" then%>
Password is Required!
<%else
if PW<>VPW then%>
Your Password is not the same, please correct and resubmit again
<%end if
end if
end if
end if
end if%>
<form action="" method="post">
<table>
<tr><td>First Name</td><td><input name="FirstName" type="text" value="<%=FN%>"></td></tr>
<tr><td>Last Name</td><td><input name="LastName" type="text" value="<%=LN%>"></td></tr>
<tr><td>Username</td><td><input name="Username" type="text" value="<%=UN%>"></td></tr>
<tr><td>Password</td><td><input name="Password" type="password" value=""></td></tr>
<tr><td>Verify Password</td><td><input name="VerifyPassword" type="password" value=""></td></tr></table>
<input name="" type="submit">
 
</form>

Open in new window

The same code can be seen LIVE here.
http://ee.cffcs.com/Q_24688967/Q_24688967.asp

Good Luck
Carrzkiss
I changed the code up a little to make it work correctly.

I added in a Hidden Field Value

<input type="hidden" name="Pass" value="Form" />

And the, at the beginning of the script, I added in the Request,Form
If the Form is not submitted, then it will not pass no values to the page.
If the form is submitted then check to make sure that are fields have a value in them.

if trim(request.Form("Pass")="Form") then

I also just added in a Form to check if the Email address is Valid or not.
Say you type in:   something@thingcom
It will get flagged.  somethingthing.com
would also get flagged.

Anyway.

This is the better validation system that you can use.
The only fields that do not keep their values is the Password and VerifyPassword fields.

The reason why you should never use JavaScript to check against your form, is that
A hacker can break it and submit what ever they want to your page.

This will hopefully help to keep you safe and work well within' your page.

Good Luck
(Full working modal here  http://ee.cffcs.com/Q_24688967/Q_24688967.asp
This is the same exact code that you see below)

Carrzkiss
<%
FN = trim(request.form("FirstName"))
LN = trim(request.form("LastName"))
UN = trim(request.form("Username"))
PW = trim(request.form("Password"))
VPW = trim(request.form("VerifyPassword"))
EM = trim(request.form("Email"))
 
if trim(request.Form("Pass")="Form") then
if FN ="" then%>
First Name is Required.
<%else
if LN="" then%>
Last Name is Required
<%else
Dim goby
goby = 0 'Initializing goby to 0
If Len(EM) <= 5 Then
   goby = 1
End If
If InStr(1, EM, "@", 1) < 2 Then
    goby = 1
Else
    If InStr(1,EM, ".", 1) < 4 Then
        goby = 1
    End If
End If
If goby <> 0 then 
%>
<span style="color:red;">please enter a valid email address</span>
<%else
if UN = "" then%>
Username is required
<%else
if PW="" then%>
Password is Required!
<%else
if PW<>VPW then%>
Your Password is not the same, please correct and resubmit again
<%end if
end if
end if
end if
end if
end if
end if%>
<form action="" method="post">
<input type="hidden" name="Pass" value="Form" />
<table>
<tr><td>First Name</td><td><input name="FirstName" type="text" value="<%=FN%>"></td></tr>
<tr><td>Last Name</td><td><input name="LastName" type="text" value="<%=LN%>"></td></tr>
<tr><td>Email</td><td><input name="Email" type="text" value="<%=EM%>"></td></tr>
<tr><td>Username</td><td><input name="Username" type="text" value="<%=UN%>"></td></tr>
<tr><td>Password</td><td><input name="Password" type="password" value=""></td></tr>
<tr><td>Verify Password</td><td><input name="VerifyPassword" type="password" value=""></td></tr></table>
<input name="Submit" type="submit">
 
</form>

Open in new window

Avatar of dandeliondream

ASKER

Hi Carrzkiss,
Yes, the solution you provided is very useful but how do I add the recapture in the form? Sorry, I am really bad in programming.
i mean recaptcha
ASKER CERTIFIED SOLUTION
Avatar of Wayne Barron
Wayne Barron
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I just made this better!

If you have not filled out everything it will let you know (Like before)
If you have not filled out the reCaptcha it will let you know (Like before)
BUT.
If you have not filled the reCaptcha correctly, it will submit the page to itself.
(Using an IF Statement)
If your correctly spell the reCaptcha, then it will submit to a ThankYou.asp page.
With your information provided on it.

Pretty sweet really.

working LIVE example
http://ee.cffcs.com/Q_24688967/Q_24688967.asp
Code
http://ee.cffcs.com/Q_24688967/Q_24688967.zip

Let me know if you have any questions about it.
Carrzkiss
Hi Carrzkiss,
Attached 2 files:
register-ok.asp is working fine. It is live and running for a few years now. I want to add in the reCaptcha function so I amended the file. My latest working file is register-now.asp. There is error when i run it.
Error Message
Error Type:
Microsoft VBScript compilation (0x800A03F6)
Expected 'End'
/web-new/include/footer.asp, line 22


however I am very sure footer.asp is error free.

register-ok.txt
register-now.txt
OK.
To begin with.
I do not have time to go through all of your files, and I DO NOT have all of the files
Or the database and the what ever else is missing.
There is WAY too much work, and I just cannot do it.

I made your a fully functional working example.
It is really easy to implement, just look through the code.

Sorry, but I do not have the spare time to do your code for you.

Carrzkiss
dandeliondream:

Did you ever get this to work for you?
It is pretty bad that I spent the time that I did on this one for you, and you are not going to
Keep my informed.
I am sorry that I cannot do everything for you on this one, but it is hard to test your code
When I don't have all the files. I hope that you can understand that.

Let me know what is going on.

Carrzkiss
Hi Carrzkiss,
Thanks for your concern. I 'm still figuring out how to incorporate your code into mine.
I have problems with VALUE="<%=HTMLEncode(sUserName)%>". How do I change mine to use yours?  VALUE="<%UN%>"
It looks like you have a lot of work cut out for you in this one.
I honestly cannot tell you, as I have not see the code run, so.
And the code pages that you sent over, I cannot use as they are just 2 of many that you have
Through the use of: INCLUDES
Plus, missing of the database.

I do not think that I am going to be able to assist any further on this issue.
I am very sorry, but I do not know what your site does and how it functions.

I am sorry.
The best thing to do is like I learned.
Trial and Error, as I know that you do not want to show your whole code, as some may be sensative.

Carrzkiss
thanks for your help