From time to time we end up with a project to update a classic ASP website. I don’t know about you guys but I dropped classic ASP sometime around 2003 in favour of ASP.NET. Anyway, here is a collection of useful functions and snippets that I keep to hand.
A function to clean postback data.
As classic ASP does not automatically sanitise postback data from form controls, I use this function to strip out any unwanted data that could be used in a SQL injection or XSS attack.
    Function cleanData(ByVal strData)
        'this function uses a regular expression to strip everything except letters, digits and whitespace
        Dim rgxObj
        Set rgxObj = New RegExp
        rgxObj.Pattern = "[^0-9a-zA-Z\s]"
        rgxObj.Global = True 'replace every match, not just the first
        cleanData = rgxObj.Replace(strData, "")
        Set rgxObj = Nothing
    End Function
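An added example, not part of the original post: a stand-alone VBScript file (run with `cscript //nologo`) that puts the filter above next to a parameterised `ADODB.Command`, to show what the character allowlist does to ordinary input and that a bound parameter carries the value unchanged. The table and column names and the sample inputs are constructed, and no database connection is opened.

```vbscript
Option Explicit
' ADO constants (values from the ADO type library).
Const adCmdText = 1, adParamInput = 1, adVarWChar = 202

' The allowlist filter from the post, in VBScript syntax.
Function cleanData(ByVal strData)
    Dim rgxObj
    Set rgxObj = New RegExp
    rgxObj.Pattern = "[^0-9a-zA-Z\s]"
    rgxObj.Global = True
    cleanData = rgxObj.Replace(strData, "")
    Set rgxObj = Nothing
End Function

' Build a parameterised query. The value travels as data in a bound
' parameter, so it never becomes part of the SQL text.
' "customers" and "surname" are constructed names for this example.
Function buildLookup(ByVal surname)
    Dim cmd
    Set cmd = CreateObject("ADODB.Command")
    cmd.CommandType = adCmdText
    cmd.CommandText = "SELECT id FROM customers WHERE surname = ?"
    cmd.Parameters.Append cmd.CreateParameter("@surname", adVarWChar, adParamInput, 100, surname)
    Set buildLookup = cmd
End Function

' Constructed sample inputs: ordinary values a form might receive.
Dim samples, s, cmd
samples = Array("O'Brien", "anne.smith@example.com", "Smith-Jones", "Flat 4, 12 High St.")

For Each s In samples
    Set cmd = buildLookup(s)
    WScript.Echo "input          : " & s
    ' The allowlist silently alters legitimate data (apostrophes, dots, @, hyphens).
    WScript.Echo "cleanData      : " & cleanData(s)
    ' The bound parameter keeps the value exactly as submitted.
    WScript.Echo "bound parameter: " & cmd.Parameters(0).Value
    WScript.Echo "SQL text       : " & cmd.CommandText
    WScript.Echo ""
    Set cmd = Nothing
Next
```

In an ASP page the same value would be passed through `Server.HTMLEncode` when it is written into HTML, which handles the output side without changing the stored data.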