I am working on a page that can allow multiple product id's seperated by commas and retrieve from the query string. I have the code working but now I need to update it so that it will not take querystring parameters other than commas or numbers.
Can anyone tell me how I can update this one line of code so it only allows numbers and commas and nothing else?
strSelect = "SELECT Name, ShortName, ShortDescription, ImageSmallPath, uid, DateModified FROM dbo.Products WHERE uid IN (" + Request.QueryString("id") + ");"
If a regular expression is needed please let me know what imports or any other stuff is needed for the code to work. I am hoping to do in as few lines as possible.
Thanks in advance,