Form and QueryString Validation in ASP-Classic not working?

ykr808d2

New Member
I'm trying to add some input validation in Classic ASP by using the function/code seen below. The only one that looks like it's working correctly is the "text" type. With the others I keep getting errors, or it just does not filter correctly. I'm trying to understand what I'm doing wrong, please help me.

Valid data types: "email", "integer", "date", "string" and "text". The first three are obvious, the last two have slight differences.

The "email" should only allow numbers and letters, and the following characters: "@", "-", ".", "_"

The "date" should validate by running IsDate: if True then allow, if False DON'T.

The "string" should validate text-based querystrings, allowing only letters, numbers, _, - and . whereas "text" is any free-form text form field type content.

The "integer" should only allow numbers and a period (.)

Usage example:

\[code\]
<input type="text" value="<%=MakeSafe("[email protected]</HTML>1234.5",integer,50)%>">
\[/code\]

E.g.:

\[code\]
MakeSafe(dataInput,dataType,dataLength)
\[/code\]

\[code\]
<%
'// CODE BY: dB Masters
'// FOUND AT: http://successontheweb.blogspot.com/2008/03/input-validation-for-security-in.html

Function MakeSafeConvert(encodeData)
    encodeData = replace(encodeData,"&", "&#38;")
    encodeData = replace(encodeData,"'", "&#39;")
    encodeData = replace(encodeData,"""", "&quot;")
    encodeData = replace(encodeData,">", "&gt;")
    encodeData = replace(encodeData,"<", "&lt;")
    encodeData = replace(encodeData,")", "&#41;")
    encodeData = replace(encodeData,"(", "&#40;")
    encodeData = replace(encodeData,"]", "&#93;")
    encodeData = replace(encodeData,"[", "&#91;")
    encodeData = replace(encodeData,"}", "&#125;")
    encodeData = replace(encodeData,"{", "&#123;")
    encodeData = replace(encodeData,"--", "&#45;&#45;")
    encodeData = replace(encodeData,"=", "&#61;")
    MakeSafeConvert = encodeData
End Function

Function MakeSafe(dataInput,dataType,dataLength)
    Dim regex, validInput, expressionmatch
    regex = ""
    validInput = "1"

    If dataType = "string" And Len(dataInput) > 0 Then
        regex = "^[\w-\.]{1,"& dataLength &"}$"
    ElseIf dataType = "email" And Len(dataInput) > 0 Then
        regex = "^[\w-\.]+@([\w-]+\.)+[\w-]{2,6}$"
    ElseIf dataType = "integer" And Len(dataInput) > 0 Then
        regex = "^\d{1,"& dataLength &"}$"
    ElseIf dataType = "date" And Len(dataInput) > 0 Then
        If Not IsDate(dataInput) Then validInput = "0" End If
    ElseIf dataType = "text" And Len(dataInput) > 0 Then
        If Len(dataInput) > dataLength Then validInput = "0" End If
    End If

    If Len(regex) > 0 And Len(dataInput) > 0 Then
        Set RegExpObj = New RegExp
        RegExpObj.Pattern = regex
        RegExpObj.IgnoreCase = True
        RegExpObj.Global = True
        RegExpChk = RegExpObj.Test(dataInput)
        If Not RegExpChk Then
            validInput = "0"
        End If
        Set RegExpObj = nothing
    End If

    If validInput = "1" And Len(dataInput) > 0 Then
        MakeSafe = MakeSafeConvert(dataInput)
    ElseIf Len(dataInput) = 0 Then
        MakeSafe = ""
    Else
        Response.Write "<h2>Processing Halted.</h2>"
        Response.End
    End If
End Function
%>
\[/code\]

Thanks again...
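
An added example, not the poster's code or the blog's: one way to implement the five rules described in the post as a per-type allow-list check followed by `Server.HTMLEncode` on output. The names `IsValidInput` and `SafeField`, the exact patterns (a single `@` for "email", at most one period for "integer") and the sample values are assumptions made for illustration.

```asp
<%
Option Explicit  ' an unquoted type name such as integer now raises an error instead of evaluating to Empty

' Added example: IsValidInput and SafeField are hypothetical names.
' True only when value is non-empty, within maxLen, and passes the allow-list for its type.
Function IsValidInput(ByVal value, ByVal dataType, ByVal maxLen)
    Dim pattern, re
    IsValidInput = False
    value = value & ""                       ' coerce Null/Empty to a string
    If Len(value) = 0 Or Len(value) > maxLen Then Exit Function

    Select Case LCase(dataType)
        Case "string"                        ' letters, digits, _ - .
            pattern = "^[A-Za-z0-9_.\-]+$"
        Case "email"                         ' same set on each side of a single @
            pattern = "^[A-Za-z0-9_.\-]+@[A-Za-z0-9_.\-]+$"
        Case "integer"                       ' digits with at most one period
            pattern = "^[0-9]+(\.[0-9]+)?$"
        Case "date"
            IsValidInput = IsDate(value)
            Exit Function
        Case "text"                          ' free-form: length check only
            IsValidInput = True
            Exit Function
        Case Else                            ' unknown type: reject
            Exit Function
    End Select

    Set re = New RegExp
    re.Pattern = pattern
    IsValidInput = re.Test(value)
    Set re = Nothing
End Function

' "" for empty input, the HTML-encoded value when valid, otherwise stop the page.
Function SafeField(ByVal value, ByVal dataType, ByVal maxLen)
    value = value & ""
    If Len(value) = 0 Then
        SafeField = ""
    ElseIf IsValidInput(value, dataType, maxLen) Then
        SafeField = Server.HTMLEncode(value) ' encodes & < > and "
    Else
        Response.Write "<h2>Processing Halted.</h2>"
        Response.End
    End If
End Function
%>
<!-- Constructed sample values -->
<input type="text" value="<%=SafeField("1234.5", "integer", 50)%>">
<input type="text" value="<%=SafeField("user_1@example.com", "email", 50)%>">
```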
 