Server Side Form Validation
Note: This article is outdated. If you really want to see a nice
example
of using server side form validation you should download and look over this
code.
Self Submitting "Contact Us" Form Using CDOSYS.
It uses a self submitting form and does servers side validation in a much
easier way.
Here is a simple example of how to do server side form validation. It will give you the
general idea and then you can make it as complex as you want to.
Say we had an HTML form and it posted to another page.
As we retrieve each value from the HTTP Header we can test it for
errors based on whatever we want to check for and store a specific error message along
with each error.
Keep in mind that this is simple example. You could check each value for whatever you
want.
<%
IsAnError = 0
GUESTNAME = Request("GUESTNAME")
If GUESTNAME="" THEN
ErrorMessage = ErrorMessage & "You didn't fill out your name.<br>"
IsAnError = IsAnError + 1
End If
you could even use the IsValidEmail
Function from this website when checking the email field
EMAIL = Request("EMAIL")
If InStr(EMAIL,"@") = 0 THEN
ErrorMessage = ErrorMessage & "You didn't enter a valid
email.<br>"
IsAnError = IsAnError + 1
End If
MESSAGE = Request("MESSAGE")
If MESSAGE="" THEN
ErrorMessage = ErrorMessage & "You didn't fill out your message.<br>"
IsAnError = IsAnError + 1
End If
If IsAnError > 0 Then
Response.Redirect "formpage.asp?ErrorMessage="& Server.URLEncode(ErrorMessage)
End If
%>
The Variable IsAnError
keeps track of the amount of errors and the error messages are piled up in a variable
called ErrorMessage. At the end we
test to see if the IsAnError
variable is still equal to 0. If it isn't then there were errors an we want to notify the
user.
Usually you redirect them back to the form with any variables you want to pass back to
that page. Obviously the ErrorMessage
variable needs to go back there. If you don't want them to have to fill out everything
again you can send the other valid information back there also but then you will have to
have some extra code in the form fields and the redirect code also. Basically you will
need to make the form smart enough to autofill in those values instead of starting them
out blank. That is pretty easy for basic text fields but can be a bit tricky for drop down
lists and radio buttons.
If you just want to send the error message back to the form you can do it like this.
<% Response.Redirect "formpage.asp?ErrorMessage=" &
Server.URLEncode(ErrorMessage) %>
If you are using Get or Put with your form you can send all the field info and the error
message back to the form like this.
<% Response.Redirect "formpage.asp?" & Request.Querystring &
"&ErrorMessage=" & Server.URLEncode(ErrorMessage) %>
If you are using Post with your form you can send all the field info
and the error message back to the form like this.
<% Response.Redirect "formpage.asp?" & Request.Form &
"&ErrorMessage=" & Server.URLEncode(ErrorMessage) %>
It all depends on how far you want to take it.
Please see the Redirect
Example in this site for information on redirecting.
Then on the form page you should have some code before the Form to check if the ErrorMessage variable is not empty. If it
has something in it you need to display the errors and do whatever else you plan to do.
<%
ErrorMessage = Request("ErrorMessage")
If ErrorMessage <> "" Then %>
<p align ="center">There were errors... Please Correct Them<br>
<% = ErrorMessage %></p>
<% End If %>
Here is an example of how to repopulate a text field if you decide
to send all the form field info back to the form. Like I
said above, it is easy with a text field, but other types of form input can be tricky to
repopulate.
<input type="text"
name="GUESTNAME" value="<%
Request("GUESTNAME") %>">
This a very simple example and should get you started.
Personally I usually do as much client side validation as possible using Frontpage and
then I add server side validation to check for whatever else I want to.
|
