<% Function checkForInvalidChars(Data) dim checkedString, regEx Set regEx = New RegExp checkedString = Trim(Data) regEx.Pattern = "([^A-Za-z0-9@=:/*|' _-]+.%)<>()" regEx.IgnoreCase = True regEx.Global = True checkedString = regEx.Replace(checkedString, "") Set regEx = nothing checkedString = replace(checkedString, "--", "") checkedString = replace(checkedString, ";", "") checkedString = replace(checkedString, "'", "'") checkedString = replace(checkedString, "=", "=") checkedString = replace(checkedString, "(", "[") checkedString = replace(checkedString, ")", "]") checkedString = replace(checkedString, "'", "''") checkedString = replace(checkedString, "<", "[") checkedString = replace(checkedString, ">", "]") checkForInvalidChars = checkedString End Function lFilmID = checkForInvalidChars(Trim(Request.Querystring("fid"))) lMediaID = checkForInvalidChars(Trim(Request.Querystring("mid"))) sMediaType = checkForInvalidChars(Trim(LCase(Request.Querystring("mtid")))) lMaxSpeed = checkForInvalidChars(Trim(Request.Querystring("mxspd"))) sFilmTitle = checkForInvalidChars(Trim(Request.Querystring("fti"))) sMediaTitle = checkForInvalidChars(Trim(Request.Querystring("mti"))) sTimeCode = checkForInvalidChars(Trim(Request.Querystring("t"))) sPlayList = checkForInvalidChars(Trim(Request.Querystring("plst"))) If Len(sPlayList) > 0 Then sPlayList = sPlayList else sPlayList = "" End If If Len(sTimeCode) > 0 Then If Int(sTimeCode) > 0 Then sTimeCode = sTimeCode else sTimeCode = "0" End If Else sTimeCode = "0" End If sShareURL = "http://" & Request.Servervariables("SERVER_NAME") & Request.Servervariables("PATH_INFO") & "?" & Request.Servervariables("QUERY_STRING") sShareURL = Server.URLEncode(sShareURL) %> <%=sFilmTitle%>