...

View Full Version : HELP! Filtering validating single quote character out!



roger
12-07-2004, 10:21 PM
Hello CF nuts....
Im working on a submission form which I want to validate with JavaScript...
I need help to get the sinqle quote out of the input fields....
So when someone inputs a forbidden character like a quote (') the javascript will respond with an error message....Can someone help me with this...
Since a lot of people are using quotes in there texts and its messing up my database....
Thanks in advange...

Roger

Badman3k
12-07-2004, 11:26 PM
Well I'm not exactly sure whether you want to allow everything BUT ' or whether you only want alphanumeric characters.

Well for alphanumeric, use the following:


if (/[^a-z0-9]/i.test(fieldname.value)){
alert("invalid");
}


For searching for just the ' character use:


if (fieldname.value.indexOf("'") != -1){
alert("Invalid character ' entered!");
}


Hope this is of some use :thumbsup:

roger
12-08-2004, 03:15 PM
Well I tried to put the code in a from and It doesn't work for me...
Maybe Im doing something wrong???Please help....

<script LANGUAGE="JavaScript">
function FcheckForm(f){
<!--
if(username.value.indexOf("'") != -1){ alert("Invalid character ' entered!");return false; }
}
return true;
}
}
-->
</script>
<form method="POST" action="testfrm.html" id="frmform" name="frmform" onSubmit="return FcheckForm(this);">
<input name="username" type="text">
<input type="Submit" name="btnSubmit" value="Submit">
</form>

aifilaw
12-08-2004, 03:23 PM
<script LANGUAGE="JavaScript">
function FcheckForm(f){
if(f.username.value.indexOf("'") != -1){
alert("Invalid character ' entered!");
return false;
}
return true;
}
</script>

roger
12-08-2004, 03:28 PM
Ooh my god forget to put the function value into the check..... :D
Working now....thanks!!!!

Basscyst
12-08-2004, 06:32 PM
Ideally though I think you want to just escape the single quote, if you are just disallowing it do to the database errors. No need to limit the user.

Somthing like this:



<script type="text/javascript">
var x=escape("I think Harry's head is going to explode!! That's bad news.");
alert(x);
x=unescape(x);
alert(x);
</script>


Basscyst

glenngv
12-09-2004, 05:35 AM
You should escape the single quotes in the server-side and not in the client-side. If you're using ASP, you escape it by using another one. See this sticky (http://www.codingforums.com/showthread.php?t=9843) for more info.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum