SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member
    Join Date
    Oct 2006
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Form Validation for Special Characters

    Hi,

    I'm trying to write the code for form validation, to check for these four characters, excluding the curly brackets: ( < > | ; ), in a query for a search engine. If these characters are anywhere in the query, an alertbox is produced. Unfortunately, I can't seem to get anything to work; tutorials I've sourced from the internet are too confusing for me. Here is the code for the form:

    <form name="search" method="post" action="search_result.php">
    <p class="header">Enter a query: <input type="text" name="find" />
    <input type="submit" name="search" value="Search" />
    </form>

    The file itself is a .php one, as it has a cookie declaration at the start. If this is a problem, assume it is an .html file and I'll figure out the cookie later :P

    Thanks for any help, much appreciated!

    Christian

  2. #2
    SitePoint Guru
    Join Date
    Sep 2006
    Posts
    731
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Christian_
    Hi,

    I'm trying to write the code for form validation, to check for these four characters, excluding the curly brackets: ( < > | ; ), in a query for a search engine. If these characters are anywhere in the query, an alertbox is produced.
    Code:
    <script type='text/javascript'>
    
    function charTest(str)
    {
     var v;
      
     if(( v=str.match( /(\<|\>|\||\;)/g )))
      alert('Not allowed: '+v);
    
     return !v;
    }
    
    </script>
    
    <form name="search" method="post" action="search_result.php" onsubmit="return charTest(this.find.value)">

  3. #3
    SitePoint Addict darkwater23's Avatar
    Join Date
    Nov 2005
    Location
    Omaha, NE
    Posts
    335
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Also, it may be better for you to allow those characters and then convert them to HTML entities or escape them in your PHP script, depending on what you do with the input.

    http://us2.php.net/htmlentities
    http://us2.php.net/manual/en/function.addslashes.php
    http://us2.php.net/manual/en/function.urlencode.php

  4. #4
    SitePoint Member
    Join Date
    Oct 2006
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Fantastic! Works perfectly. Thanks a lot for your help guys, much appreciated.

    Christian


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •