ASP.NET RSS ASP.NET RSS

Remove Letters from String to convert into integer

Please support our ASP.NET advertiser: $4.95 a Month - ASP.NET Web Hosting – Click Here!
Thread Solved
Reply

Join Date: Sep 2007
Posts: 1,080
Reputation: SheSaidImaPregy is an unknown quantity at this point 
Solved Threads: 68
SheSaidImaPregy SheSaidImaPregy is offline Offline
Veteran Poster

Remove Letters from String to convert into integer

 
0
  #1
Oct 11th, 2007
Hello, I need to remove letters and characters from a request.querystring in order to convert it into an integer. This is only extra precaution from people screwing around in the address bar directly. I have enough protection in place to protect errors. Let's say that I want to retrieve a current location that is kept by an integer from the querystring.

http.//www.mydomain.com/direction.aspx?loc=2

This works great, but then if someone does this:

http.//www.mydomain.com/direction.aspx?loc=2sdf;DROP

or something like it, it just automatically redirects to loc=1. I was hoping that someone could help me figure out how to request.querystring("loc") then pull out the invalid characters to keep it a string. Thinking off the top of my head, this is all I can think of which is FAR too lengthy. I know there is a shorter way:
ASP.NET Syntax (Toggle Plain Text) 
  1. Function MakeInteger()
  2. Dim i As Integer
  3. Dim loc As String = request.QueryString("loc")
  4.  
  5. Do While Not IsNumeric(loc)
  6.   loc = Replace(loc, "a", "")
  7.   loc = Replace(loc, "b", "")
  8.   ...
  9.   ...
  10. loop
  11. Return (loc)
  12. End Function
Is there a way to do something like: loc = Replace(loc, [A-z], "") ?

I found this in C# I believe. Maybe someone who knows how to validly convert it to VB? Thanks
ASP.NET Syntax (Toggle Plain Text) 
  1. StringBuilder sb = new StringBuilder ();
  2. for (int i=0; i< string.Length; i++)
  3. if (char.IsLetterOrDigit(string[i])
  4. sb.Append(string[i]);
Reply With Quote Quick reply to this message  
Join Date: Oct 2007
Posts: 6
Reputation: sauru_garg is an unknown quantity at this point 
Solved Threads: 1
sauru_garg sauru_garg is offline Offline
Newbie Poster

Re: Remove Letters from String to convert into integer

 
0
  #2
Oct 11th, 2007
h well i can only tell u as much as to use split functions , u can serch net for details , they split string into array of strings as needed, use the needed array member , more i can telll if u explain the problem in detail
Reply With Quote Quick reply to this message  
Join Date: Sep 2007
Posts: 1,080
Reputation: SheSaidImaPregy is an unknown quantity at this point 
Solved Threads: 68
SheSaidImaPregy SheSaidImaPregy is offline Offline
Veteran Poster

Re: Remove Letters from String to convert into integer

 
0
  #3
Oct 11th, 2007
I looked up the (char.IsLetterOrDigit) function. It seems like it would be best for me and I will probably do that later. I am pulling information from a database via integers found on the querystring. But I want extra protection that doesn't require redundant code. I know I can pull the information from the querystring and do a replace function for every character in the aplhabet, but that is 26 lines of code executed repeatedly whereas I should be able to search all A-z letters and remove them with a couple lines of code. I guess this is something I can do:
ASP.NET Syntax (Toggle Plain Text) 
  1. Function Public ConvertInt(ByVal stringtoint As String) As Integer
  2. Dim i As Integer
  3. 'for this case, stringtoint will be equal to request.querystring("id") or something similiar
  4.  
  5. Do While Not IsNumeric(stringtoint)
  6.   for i=0 to Len(stringtoint)
  7.     If (char.IsLetterOrDigit(i)) = False then
  8.       stringtoint = Replace(stringtoint, (char.IsLetterOrDigit(i)), "")
  9.     End if
  10.   next
  11. loop
  12. Return (stringtoint)
  13. End Function
  14.  

understand what I am after? I need to retrieve the querystring from the url. The querystring must be integer to proceed so I need to remove all letters and special chars.
Last edited by SheSaidImaPregy; Oct 11th, 2007 at 1:37 pm.
Reply With Quote Quick reply to this message  
Join Date: Oct 2007
Posts: 6
Reputation: sauru_garg is an unknown quantity at this point 
Solved Threads: 1
sauru_garg sauru_garg is offline Offline
Newbie Poster

Re: Remove Letters from String to convert into integer

 
0
  #4
Oct 12th, 2007
yep dear , i got what u said , u want numerics and only numerics in querystring , and u are protecting against directly jotted querystring values in url..... thats right
well i have been taught to use query string in the least secure pages, well there are no of options like viewstate, session or application , u can use global vars too, but still if u r bent upon using query string than i might find out something about it, u'll have to do something like picking up each char and check for int. and ignore the whole if anything else... like that na
wel,, m from india , where r u from

---------------------------------------------------------------------------------------------------
Originally Posted by SheSaidImaPregy View Post
I looked up the (char.IsLetterOrDigit) function. It seems like it would be best for me and I will probably do that later. I am pulling information from a database via integers found on the querystring. But I want extra protection that doesn't require redundant code. I know I can pull the information from the querystring and do a replace function for every character in the aplhabet, but that is 26 lines of code executed repeatedly whereas I should be able to search all A-z letters and remove them with a couple lines of code. I guess this is something I can do:
ASP.NET Syntax (Toggle Plain Text) 
  1. Function Public ConvertInt(ByVal stringtoint As String) As Integer
  2. Dim i As Integer
  3. 'for this case, stringtoint will be equal to request.querystring("id") or something similiar
  4.  
  5. Do While Not IsNumeric(stringtoint)
  6.   for i=0 to Len(stringtoint)
  7.     If (char.IsLetterOrDigit(i)) = False then
  8.       stringtoint = Replace(stringtoint, (char.IsLetterOrDigit(i)), "")
  9.     End if
  10.   next
  11. loop
  12. Return (stringtoint)
  13. End Function
  14.  

understand what I am after? I need to retrieve the querystring from the url. The querystring must be integer to proceed so I need to remove all letters and special chars.
Reply With Quote Quick reply to this message  
Join Date: Sep 2007
Posts: 1,080
Reputation: SheSaidImaPregy is an unknown quantity at this point 
Solved Threads: 68
SheSaidImaPregy SheSaidImaPregy is offline Offline
Veteran Poster

Re: Remove Letters from String to convert into integer

 
0
  #5
Oct 12th, 2007
I'm from the US. Yeah, I have been working on a function that checks whether or not EACH digit in the string is a digit or not. The problem I am receiving from this is that if the querystring says "3serd", it says that there are invalid characters in the string. Can't seem to work around that. It's a unrequired extra protection and to keep functionality the best it can be. The only reason you should use querystrings is if you want the page to be bookmarked and that the information pulled is in no way required for any vital information via database. Like, if you have your url at mydomain.com/tutorial.aspx?id=209882, you can save it as a bookmark. But if you send your id's via textboxes or sessions, if someone bookmarks your page and comes back to it later, it will fail. As the only thing they see and your server see's is: mydomain.com/tutorial.aspx And I am sure you have some kind of coding that if there is no id specified, you redirect to another page which allows the user to pick or specify an id. You know what I mean? It's for bookmarking and favorites the use of querystrings. I also use UserID's in querystrings but only for the user's view as there requires serverside and session variables for that. I get picked on here and there for that, but I like seeing userid's, always have!

Anyway, this is what I have so far for my function above that fails if there are anything besides digits:
ASP.NET Syntax (Toggle Plain Text) 
  1. 'Public Function MakeInt(ByVal stringint As String) As String
  2. 'Dim i As Integer
  3. '
  4. 'if Len(stringint) > 0 then
  5. '	Do While Not IsNumeric(stringint)
  6. '		for i=0 to Len(stringint)
  7. '			if (Char.IsDigit(stringint, (i))) = False then
  8. '				stringint = Replace(stringint, (Mid(stringint, (i), 1)), "")
  9. '			end if
  10. '		next
  11. '	loop
  12. '	Return (stringint)
  13. 'end if
  14. 'End Function
I am also working on this one below but haven't tested it yet. It should work..
ASP.NET Syntax (Toggle Plain Text) 
  1. 'Public Function MakeInt(ByVal stringint As String) As String
  2. 'Dim lngCount As Long
  3. 'Dim strOut As String
  4. 'if not isnull(stringint) then
  5. '	for lngCount = 1 to len(stringint)
  6. '		if isnumeric(mid$(stringint, lngCount, 1)) then
  7. '			strOut = strOut & mid$(stringint, lngCount, 1)
  8. '		end if
  9. '	next lngCount
  10. 'end if
  11. 'MakeInt = strOut
  12. 'end function
Reply With Quote Quick reply to this message  
Join Date: Sep 2007
Posts: 1,080
Reputation: SheSaidImaPregy is an unknown quantity at this point 
Solved Threads: 68
SheSaidImaPregy SheSaidImaPregy is offline Offline
Veteran Poster

Re: Remove Letters from String to convert into integer

 
0
  #6
Oct 12th, 2007
Solved it. This works. Drops everything besides the digits.
ASP.NET Syntax (Toggle Plain Text) 
  1. Public Function MakeInt(ByVal stringint As String) As String
  2. Dim lngCount As Long
  3. Dim strOut As String
  4. if Len(stringint) > 0 then
  5.   for lngCount = 1 to len(stringint)
  6.     if isnumeric(mid$(stringint, lngCount, 1)) then
  7.       strOut = strOut & mid$(stringint, lngCount, 1)
  8.     end if
  9.   next lngCount
  10. end if
  11. MakeInt = strOut
  12. End Function
Reply With Quote Quick reply to this message  
Join Date: Oct 2007
Posts: 6
Reputation: sauru_garg is an unknown quantity at this point 
Solved Threads: 1
sauru_garg sauru_garg is offline Offline
Newbie Poster

Re: Remove Letters from String to convert into integer

 
0
  #7
Oct 13th, 2007
well thats good, now i understood , why u wanted to do querystrings ...
keep in touch


Originally Posted by SheSaidImaPregy View Post
Solved it. This works. Drops everything besides the digits.
ASP.NET Syntax (Toggle Plain Text) 
  1. Public Function MakeInt(ByVal stringint As String) As String
  2. Dim lngCount As Long
  3. Dim strOut As String
  4. if Len(stringint) > 0 then
  5.   for lngCount = 1 to len(stringint)
  6.     if isnumeric(mid$(stringint, lngCount, 1)) then
  7.       strOut = strOut & mid$(stringint, lngCount, 1)
  8.     end if
  9.   next lngCount
  10. end if
  11. MakeInt = strOut
  12. End Function
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread has been marked solved.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the ASP.NET Forum
Thread Tools Search this Thread



.net 2.0 3.5 activexcontrol advice ajax alltypeofvideos asp asp.net bc30451 beginner bottomasp.net browser businesslogiclayer c# c#gridviewcolumn cac checkbox class commonfunctions compatible confirmationcodegeneration content contenttype countryselector courier dataaccesslayer database datagrid datagridview datagridviewcheckbox datalist development dgv dropdownlist dropdownmenu dynamically edit fileuploader fill flash flv formatdecimal forms formview gridview gudi homeedition iframe iis javascript jquery listbox menu microsoft mouse mssql multistepregistration nameisnotdeclared news objects opera panelmasterpagebuttoncontrols problem redirect registration relationaldatabases reportemail rotatepage schoolproject security serializesmo.table sessionvariables silverlight smartcard smoobjects software sql sql-server sqlserver2005 textbox tracking treeview unauthorized validatedate validation vb.net video videos virtualdirectory vista visual-studio visualstudio web webapplications webarchitecture webdevelopemnt webprogramming webservice youareanotmemberofthedebuggerusers
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC