• After more than 30 years running websites and forums I am retiring.

    I have made many friends through the years. I will cherish my time getting to know you. I wish you all the best. This was not an easy decision to make. The cost to keep the communities running has gotten to the point where it's just too expensive. Security certificates, hosting cost, software renewals and everything else has increased threefold. While costs are up ad revenue is down. It's no longer viable to keep things running.

    All sites will be turned off on Thursday 30 November 2023. If you are interested in acquiring any of the websites I own you can Email Schwarz Network.

Identifying the presence of illegal characters


Mar 26, 2004
Good morning all,

We have a procedure that requires us to validate all input for text fields; if the input contains certain characters or key words, we must force the user to re-enter alternative data. Some of the characters that we look for at the start of sentances are:
' ;
/ >
-- <
admin @
declare =

Some of the characters that we look for at the end of sentances are:

The keywords that we look for are:
@@ xss
__ (double underscore) NULL
varchar ‘’ (double single quote)
ascii ';
cursor exec (followed by space)
-- char(

I have added the regular expression validator to my web page and have entered the following custom validator:
^'|^;|^/|^>|^--|^<|^admin|^@|^declare|^=|one$|>$|@@|xss|__|null|varchar|''|ascii|';|cursor|exec |--|char|src

The validator does not fire for any of my illegal characters, how can I set the above custom validator to "not equals"? I know that I can use the Regex.IsMatch function within the code, but thought that by using the regular expression control may be safer.

Last edited:
Top Bottom