I'm having a difficult time in finding or making my own user validating Regular Expression. The format for our User name is something like BOB.12345. If I use the RegExp "[^a-zA-Z0-9\.]", and I put in ' or 1=1-- in the text field, it displays or 1=1--. It didn't even strip out the = or the --.
Here is the code:
Set regExLogin = new RegExp
regExLogin.Pattern = "[^a-zA-Z0-9\.]"
Sanitize = regExLogin.Replace(strInput,"")