Checking for patterns and validating the user inputs using Regular Expression
Regular expressions is a powerful object of VBScript to use in any string matching and particularly in pattern matching. This is highly important to maintain data uniformity and prevents any malicious code or characters to enter to the system other than the required patterns.
If user inputs are not validated the attackers can use this to get entry inside the protected area and this is known as injection attack. You can read more on this security issues here and here.
For example we don't want any one to use any character inside the field specified for entering zip or pin code inside a form. Same way for a phone number we may allow hyphens (- ) and numbers but not characters. User id should contain only number and characters and it should be minimum 3 and maximum 8 char length. We can check one valid email address by checking the pattern used.
Regular Expression is a big subject and there are different ways to match patterns here. More details can be found at Microsoft MSDN home page and at regular expression tutorial
We need to first initiate the VBScript regular expression object and here is the code for that.
dim RExp : set RExp = new RegExp
We will see the use of this object in our examples for validating different inputs.
Let us start with some simple validations using regular expression.
Validating for user id & password: Here we will allow only characters and numbers within a minimum and maximum length
Validating Email address
Validating date entered by users
Validating zip code
Validating telephone number