Using forms with ASP

In this article we focus on using forms along with ASP technology, forms are well known parts in web pages, when a user registers, adds comment, uploads picture he uses forms. The data entered in each form is sent to the web server, for example in the registration form user enters username, password, and verification email and then press submit , the information is sent from this point as HTTP parameters to the web server. You may need to add some validations to the user inputs, the validation process can be done at client side using JavaScript and at server side using ASP in our case. Other server side scripting languages such as PHP and JSP also supports data validation.

To define a form in ASP we use the tag “Form” and we define the HTTP method used which can be GET or POST, One more important attribute is action, in this attribute we define the URL of web page that parameters will be sent to. Following show the HTML form usage:




The question now how we will get the parameters sent in ASP page? In asp this is done using a request object as follows:
Dim ParameterValue
ParameterValue= Request.QueryString (“ParameterName”)

Consider we have form as follows:


This HTML code snippet represents a simple form that allows the user to submit information to the server. The form element is a container for various form controls, such as text fields, checkboxes, and buttons, and it allows the user to interact with the form by providing input or selecting options. The form element is defined using the <form> tag, and it has two attributes, the "method" attribute, and the "action" attribute. The "method" attribute is used to specify the HTTP method that should be used when submitting the form data, in this case, the "get" method is used which means that the data entered by the user will be sent as a query string in the URL, this method is mainly used to retrieve data from the server.

The "action" attribute is used to specify the server-side script or page that should receive the form data. In this case, the action is set to "register.asp" which means that the form data will be sent to the "register.asp" script for processing. The form contains two text fields, one for the username and one for the password. These text fields are defined using the <input> tag, with the type attribute set to "text" which means that the user can enter any text. Each text field also has a "name" attribute, which is used to specify a unique name for the text field, this name will be used to identify the data that the user enters. Lastly, the form contains a submit button, which is defined using the <input> tag with the type attribute set to "submit", this button is used to submit the form data to the server. The value attribute of the submit button is set to "Submit" which will be displayed on the button.




Here is the ASP part:

This ASP code snippet demonstrates the use of the "Request.QueryString" method, which is a built-in object in ASP that allows the retrieval of query string values. The code declares two variables, "Username" and "password", and assigns them the values of the "Username" and "password" query string parameters, respectively. The "Request.QueryString" method is used to retrieve these values from the query string of the current request. In this case, the query string is expected to be in the format of "register.asp?Username=xxx&password=yyy" where "xxx" is the value of the Username and "yyy" is the value of the password. The values of these two parameters are then stored in the "Username" and "password" variables respectively.

After that, the code uses the "Response.Write" method to write a string to the response stream, which will be displayed to the user. The string includes the "Welcome" text concatenated with the value of the "Username" variable, and the text "Your password" concatenated with the value of the "password" variable. This means that the user will see a message like "Welcome (username) Your password (password)". It's important to note that the use of the "Request.QueryString" method could have security implications as it allows an attacker to inject malicious data into the query string, potentially leading to security vulnerabilities such as SQL injection or cross-site scripting (XSS). Therefore, it's essential to validate and sanitize any data retrieved from the query string to prevent security issues.



We can get all the parameters in a loop as this:


In POST method data can be collected by using request object of ASP. Here is the code

Like in the Get method we can also loop through and display all the name value pairs associated in POST method of form :



In case of forms inputs such checkboxes

This HTML code snippet represents a simple form that allows the user to select one or more checkboxes. The form element is defined using the <form> tag, and it has two important attributes, "method" and "action" to specify the HTTP method used to send the data and the script that will process the data, respectively. The form contains three checkboxes each with a name and a value attribute, the user can select one or more checkboxes, and the selected checkbox values will be sent to the server via the post method to the checkColor.asp script for further processing.


If we want to get the submission parameters in such case parameter myColor, to get its content is as follows :

myColor variable may contains many values, the question how to separate this values ? the answer is using split function

This ASP code snippet demonstrates the use of the "Split" function to split a string into an array of substrings. The function takes two arguments: the first is the string to be split, and the second is the delimiter character or string that separates the substrings. The function returns an array of substrings, so it's necessary to assign the result of the "Split" function to a variable that's declared as an array. This can be useful when you have a string that contains multiple values separated by a delimiter and you want to process these values separately.


To print its content


This ASP code snippet uses a "For" loop to iterate through an array of substrings. The loop starts by initializing a variable "i" to the lower bound of the array "splitMyColor", using the "LBound" function, then it ends when the value of "i" reaches the upper bound of the array, using the "UBound" function. The loop uses the "Response.Write" method to writing the value of the element at the current index "i" of the array "splitMyColor" to the response stream and "<br>" tag to insert a line break, which will cause the next element to be printed on a new line. This is a basic example of how to loop through an array and access its elements.