jdc44
08-20-2007, 03:57 PM
Here is an odd question that I can't seem to get any head-way on when using google.
I have a web form and use JavaScript to validate form entries before submitting the form and inserting values into a db table.
One text area box has its value inserted into an Oralce varchar2(2000) field - 2000 character max field. If a user enters more than 2000 characters into the form box, I pop up an alert box with text stating the problem and to prompt the user to try again.
Here is my problem. I had a user who did copy and paste text from a website into the text area box. The JS validator text worked and the user had to reduce the text he entered. His next try went through, but there was an internal server error due to the code trying to insert 2062 characters into a 2000 character limit field in Oracle. So, 2062 characters got by the validator code and not Oracle.
How did the JS, which seems to work on all tests, let 2062 characters through? How does JavaScript see special characters such as & or é (html entities) and such? I was thinking that maybe some of these types of characters might be seen as one character in Javascript and multiple characters in oracle.
Not sure really, - just hoping to guess correctly.
JS validator code for this form item:
if( document.getElementById("action_comments") ){
var action_comments = document.getElementById("action_comments");
if( action_comments.value ){
// check length
var strlen = action_comments.value.length;
if ( strlen > 2000 ){
alert("The length of your Comments regarding your review action\n cannot excede 2000 characters in length. You entered " + strlen + " characters.\n Please shorten your entry in the Comments field.");
action_comments.focus();
return false;
}
}
}
Thanks for any thoughts or advice. It is appreciated...
I have a web form and use JavaScript to validate form entries before submitting the form and inserting values into a db table.
One text area box has its value inserted into an Oralce varchar2(2000) field - 2000 character max field. If a user enters more than 2000 characters into the form box, I pop up an alert box with text stating the problem and to prompt the user to try again.
Here is my problem. I had a user who did copy and paste text from a website into the text area box. The JS validator text worked and the user had to reduce the text he entered. His next try went through, but there was an internal server error due to the code trying to insert 2062 characters into a 2000 character limit field in Oracle. So, 2062 characters got by the validator code and not Oracle.
How did the JS, which seems to work on all tests, let 2062 characters through? How does JavaScript see special characters such as & or é (html entities) and such? I was thinking that maybe some of these types of characters might be seen as one character in Javascript and multiple characters in oracle.
Not sure really, - just hoping to guess correctly.
JS validator code for this form item:
if( document.getElementById("action_comments") ){
var action_comments = document.getElementById("action_comments");
if( action_comments.value ){
// check length
var strlen = action_comments.value.length;
if ( strlen > 2000 ){
alert("The length of your Comments regarding your review action\n cannot excede 2000 characters in length. You entered " + strlen + " characters.\n Please shorten your entry in the Comments field.");
action_comments.focus();
return false;
}
}
}
Thanks for any thoughts or advice. It is appreciated...