ASP code filter

I am after suggestions for a good piece of code/script/plugin for checking/cleaning text that a user can enter, to ensure there is no injection or potentially unwanted entry.

I have an ASP site that users can log into and update their profile information. I would like them to be able to enter some HTML formatting rather than straight text only; however, I need to ensure that they can't be malicious and inject anything.
One solution I had was to give them a standard format, e.g. Leadtext, Bullet point 1, Bullet point 2, Bullet point 3, Bullet point 4, EndText. However, this is little better than what I have now.

Any suggestions, guys?
Points will be split amongst all that offer good advice.
Please bear in mind that I am by no means an experienced programmer.

Cheers
Andrew
Asked by Andrew Davis (Manager)

Dirar Abu Kteish commented:
Check this URL explaining how you can protect yourself from SQL injections: http://www.4guysfromrolla.com/webtech/061902-1.shtml
 
Dirar Abu Kteish commented:
This is a free plugin that can be easily installed and has a lot of useful functions for working with strings:
http://www.chilkatsoft.com/refdoc/xCkStringRef.html

And an example page:

http://www.example-code.com/asp/aspstring.asp
 
Andrew Davis (author) commented:
Thanks for that dxz2, it looks like they have some interesting tools. However, I had a look at the tool and it appears to me that it can strip the HTML tags altogether; I want the users to be able to use HTML, but I need it checked to ensure there are no nasties in it, e.g. database injection.

Cheers
 
dosth commented:
http://www.ariel.web.id/blog/2007/03/15/checking-refferer-prevent-html-form-hijacking/

Also, before saving the user input to the database, check for any <script></script> tag; usually injections are done with this tag. Use the InStr function to check whether any <script> tags are there and tell the user to remove the tags.

http://www.w3schools.com/Vbscript/func_instr.asp
 
dosth commented:
Thanks
Question has a verified solution.
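
Added example, not code from any poster in this thread: one way to let users keep a few formatting tags in classic ASP is to HTML-encode the whole input, restore only an allowlist of attribute-free tags, and store the result through a parameterized ADODB.Command. The routine names, the Profiles table and its ProfileText and UserId columns are assumptions made for illustration.

```vbscript
<%
' Added example for classic ASP (VBScript). Assumed names: the Profiles table,
' its ProfileText and UserId columns, and both routine names are hypothetical.

' Encode everything first, then re-enable only a short allowlist of tags
' that carry no attributes. Anything else stays inert and is shown as text.
Function SanitizeProfileHtml(ByVal raw)
    Dim re, s
    s = Server.HTMLEncode(raw & "")          ' < > & " become entities
    Set re = New RegExp
    re.Global = True
    re.IgnoreCase = True
    ' After encoding, a bare <b> reads &lt;b&gt;. A tag with attributes
    ' (onclick=, style=, href=) does not match and therefore stays encoded.
    re.Pattern = "&lt;(/?)(b|i|u|em|strong|p|ul|ol|li)&gt;"
    s = re.Replace(s, "<$1$2>")
    re.Pattern = "&lt;br\s*/?&gt;"
    s = re.Replace(s, "<br>")
    SanitizeProfileHtml = s
End Function

' Store the value through a parameterized command so the text is sent as
' data and is never concatenated into the SQL string.
Sub SaveProfile(conn, ByVal userId, ByVal profileHtml)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = 1                       ' adCmdText
    cmd.CommandText = "UPDATE Profiles SET ProfileText = ? WHERE UserId = ?"
    ' 203 = adLongVarWChar, 3 = adInteger, 1 = adParamInput
    cmd.Parameters.Append cmd.CreateParameter("ProfileText", 203, 1, Len(profileHtml) + 1, profileHtml)
    cmd.Parameters.Append cmd.CreateParameter("UserId", 3, 1, , CLng(userId))
    cmd.Execute , , 128                       ' adExecuteNoRecords
End Sub

' Constructed sample input: allowed bare tags survive, the rest shows as text.
Dim sample
sample = "<b>Lead text</b><ul><li onclick=""x()"">Point 1</li></ul><script>alert(1)</script>"
Response.Write SanitizeProfileHtml(sample)
%>
```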