SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member jayg5000's Avatar
    Join Date
    Dec 2006
    Location
    USA
    Posts
    21
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Verify Contents of a Comment Box

    I have a form with a javascript form validator to check against all fields to make sure they are entered in correctly and to reduce spam. I am using
    Code:
    var allowedChars = /^[a-z\s]+$/i;
    to specify that I only want characters and so on. Is there a way to reverse that to say this html input field CAN NOT contain any of the following? I want to check against a comment box to make sure no url address is entered (http:www.) because most spam contains urls in this field. Is there a simple solution?

  2. #2
    SitePoint Guru
    Join Date
    Apr 2006
    Posts
    802
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There are more things that I don't want to get in user input than there are that I do want.

    You nearly always miss something when you try to screen data OUT, as opposed to defining exactly what you will allow IN.

  3. #3
    SitePoint Zealot the DtTvB's Avatar
    Join Date
    Jul 2006
    Location
    Thailand
    Posts
    162
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is there a way to reverse that to say this html input field CAN NOT contain any of the following?
    Use indexOf.

    Code:
    if (document.myform.myinput.value.indexOf('://') != -1)
        return alert('Spamm....???') || false;
    if (document.myform.myinput.value.indexOf('www.') != -1)
        return alert('No way.') || false;

  4. #4
    Beer Monster -Ox's Avatar
    Join Date
    Apr 2003
    Location
    sowth afreeka
    Posts
    374
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    At the end of the day, the best solution that you can use is to validate it server side, using PHP strip_tags() and or an equivalent.

    We validate everything using JS, however we ALWAYS validate using server side, as its a simple matter of a user disabling javascript then they're going to be able to enter bad data that way.

    Hope that helps a littel too
    My postings are a natural product.
    The slight variations in spelling and grammar enhance its
    individual character and beauty and in no way are to be
    considered flaws or defects - http://www.guinnesspig.net


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •