I am trying to write a function to not allow people within a list of banned names. I am thinking there is a LIKE function in ASP like there is in SQL or am I going crazy? So If "test" LIKE "test" Then or something. Any ideas?

are you thinking of regular expressions?

Yes. I thought you could use like but that is a SQL function. Any ideas for ASP?

You want to exclude names that are even close to the banned ones? What about using a wild card or 2? I believe they're part of the vb syntax.

I would think something like this might help:


if lcase(strBannedName)<>lcase(strCheckName) then
if instr(lcase(strBannedName), lcase(strCheckName))<>0 then
response.write ("banninated!")
else
response.write ("These are not the droids we are looking for.")
end if
else
response.write ("banninated!")
end if


Although, there are no wildcards or whatever.

You may also need to write a leet speak translator (on my to-do list) so that the system cannot get fooled with 'beta' creating a new username 'b3ta'.

wikipedia has a good list of most of the common leet speak characters that can be parsed into 'normal speak'. http://en.wikipedia.org/wiki/Leet_speak

I decided to use a database with a list of words to check on like the followingDim deny
set deny = Server.createObject("ADODB.Recordset")
deny.open "SELECT * FROM banned WHERE name LIKE '%" & nameof &"%'", objDC, 0
If NOT deny.EOF THEN
response.redirect("entries.asp?postid=" & num & "&comments=true&spam=true")
Else I have poker in the database under name and when I enter "poker 123" in the nameof field, it does not redirect me. It should no? I am telling the program to pull anything in the name column that contains "nameof" correct? or am I losing it?!

losing it... :)

you've just put wild cards on the end of the search string. so its trying to match the whole of "poker 123". if you want to do this in a query then you'd have to use the database's own functions to do the pattern matching i think.

Now it gets complicated. :)

I thought the point of the two %'s was that anything between them was chosen. Is this not so?

the % thingys are just wildcards. so in your sql you are saying find me any records in the banned table that have a name containing "poker 123".

i wouldn't try to do this in the database. it would be much easier to do the same job in your vb code. i'd be tempted to store a whole load of regular expression patterns in the banned table, then either create one big regular expression pattern from them and do a single test, or do lots of individual tests. i think i'd go with the first one if it needs to be done on more than one field...

et voila!!

<html>
<body>
<%

'grab all the banned words and create a single regular expression from them
sql = "select name from banned"
rePattern = ""

if runsql(sql,rs) then

do while not rs.eof
if rs(0) & "" <> "" then
'looking for the pattern with a non letter character on either side of it
rePattern = rePattern & "(([^a-z]|^)" & rs(0) & "([^a-z]|$))|"
end if
rs.movenext
loop

rePattern = left(rePattern,len(rePattern)-1)

end if

'display the pattern so we can see what it's going to test with
response.write "<br>rePattern = " & rePattern

'create some test values to use
dim text(1)
text(0) = "this one is ok"
text(1) = "this one has a banned word in it"


'finally create a regular expression object and do some tests
set reg = new regexp

reg.ignorecase = true
reg.pattern = rePattern

for i = 0 to ubound(text)

response.write "<br>text(" & i & ") = " & text(i)
if reg.test(text(i)) then
response.write " - banned word found"
end if

next

%>
</body>
</html>
<%

function runsql(sql, byref rs)

runsql = true
dim connstr

connstr = "Driver={SQL Server};server=russells-pc\sqlexpress;database=test;uid=sa;pwd=qwertyuiop;"

on error resume next

set rs = createobject("adodb.recordset")
rs.open sql, connstr, 1, 3
if err then
runsql = false
set rs = nothing
end if

end function

%>

what do we all think to this?

Wow!