Feedback: Addressing Form Field Validation with Regular Expressions and JavaScript 1.2

Feedback on: Addressing Form Field Validation with Regular Expressions and JavaScript 1.2

Worth:
Worth reading

Length:
Just right

Technical:
Too technical

Comments:
I am looking for a function, that works on the lowest level of Javascript possible (Browser independency), that verifies that the text-input of a user is [A-Za-z], [0-9], "Comma(s)", "Period(s)" and "Space(s)". Thus eliminating any special characters that may cause problems on the host-process.
Ideal would be, if a double space(s) be automatically removed.

I did read through the FAQ without finding my solution (but finding numerous "ideas" to enhance programming of our pages (we are shortly prior a relaunch based on LAMP (Linux, Apache, MySQL and PHP).

Any support on this would be very welcome.

Worth:
Very worth reading

Comments:
Is there anyway to make it so this email validation will work if they enter in a character/s, and it will skip the process if they leave it blank, (so I can insert a NULL if left blank), so as to keep from forcing them to enter in an email address??

Worth:
Very worth reading

Length:
Just right

Technical:
Just right

Comments:
Fantastic - as a Perl programmer looking to hack a quick client-side validation on a filename upload box this was a gift.

Now I just hafta sit down and learn more Javascript at some point :)

Ed

Worth:
Worth reading

Length:
Just right

Technical:
Just right

Comments:
If I remember right, an Fully Qualified Domain Name can NOT have the underscore character in it (ie you can't have my_host.my_domain.com), and the expression \w contains [A-Za-z0-9_], so it let's it pass! a fix would be to change every \w after the @ sign to [A-Za-z0-9]... works for me at http://www.stvin.org/contactus.asp!

Thanks for the tips!

Worth:
Worth reading

Comments:
This code example alloiwing
to insert numbers in the Name field. This should be change to accept only alfabetical...

Worth:
Worth reading

Comments:
expression that you have came up with got some minor glitches as it would alow email with numeric domain such as: me@me.1234

I took your expression a bit further and modified it to the following:
/^\w+((-\w+)|(\.\w+))*\@[A-Za-z0-9]+((\.|-)[A-Za-z0-9]+)*((\.[A-Za-z][A-Za-z])|(\.[A-Za-z][A-Za-z][A-Za-z]))+$/

it will allow emails with 2/3 letter domain such as .com, .ca etc.

Worth:
Very worth reading

Length:
Just right

Technical:
Just right

Comments:
I think the explanation for topic was done in a very systematic manner...speaks volumes for the authors' view! Also, the actual (spatial layout, color, font etc) presentation of the topic for the end user like me, made it easy to move from one point to the other.

Worth:
Very worth reading

Length:
Just right

Technical:
Just right

Comments:
I think the explanation for topic was done in a very systematic manner...speaks volumes for the authors' view! Also, the actual (spatial layout, color, font etc) presentation of the topic for the end user like me, made it easy to move from one point to the other.
P.S: Out of curiosity, I tested to see if the validation for email talked about in the subject topic was being made use of here in this feedback form...and I noted that it wasn't! Why not put pracical use to the code right here?

Worth:
Worth reading

Comments:
Just saved me an hour's worth of coding. Thanks!

Worth:
Not worth reading

Comments:
This doesn't solve the problem at all! Anybody who has the brains to think of malicious code knows how to turn off JavaScript. Client-side scripting can NEVER replace server-side scripting when it comes to security. Server-side is the ONLY place where you can really protect yourself. Using JavaScript offers no protection whatsoever against anybody who knows what they're doing.

Worth:
Worth reading

Comments:
You aren't seriously suggesting JavaScript onSubmit checking to prevent malicious data, are you? While onSubmit can prevent wasting time with empty or poorly filled out forms, it is quite easy for those with malicious intent to submit whatever they want and bypass JavaScript. There is no substitute for server end CGI safety and to say otherwise is to invite dangerous security holes.

PS. SInce your ad banner took away the back button to my search, I will not be visiting your site anymore, nor will I remotely consider "Sprinks" for anything. If they need cheesy manipulation to keep me on the site rather than relying on good content and products, goodbye.

Worth:
Very worth reading

Comments:
thanx bud .. this is exactly what the doctor ordered ... been trying to understand this reg exp thingy a long time now ..ure article really clears up a helluva lot blanks in my knowledge.....
very good writing ... keep it up ..
thanx again
pete

Worth:
Worth reading

Comments:
Jason,

I saw your article at tech.irt.org, http://tech.irt.org/articles/js049/source.htm
Your article was very informative, the best of the articles I saw in a quick search of google on the
topic.

I am experiencing a bit of a problem with regexp however, in Internet Explorer 5.5. The code
below works in Netscape just fine. However, IE only processes the simple regexp expressions.

Can you test run and help explain why the "^" and "$" chars only work in NS not IE?

Your input would be greatly appreciated and it might serve as a good
future article too.

Thanks. Frank Koenen
=======================================================================

<html><head>
<script language='javascript1.2'>
cmp00008_dnames=new Array('_larry','_hx','_bad');
cmp00008_dvalues=new Array('Larry Smith','History is good.','Bad is Bad');

function cmp00008_dictionaryobject(){
this.names = cmp00008_dnames;
this.values = cmp00008_dnames;
this.expandwords = cmp00008_dictionaryexpandword;
}

function cmp00008_dictionaryexpandword(formname,fieldname){
//alert('hello from cmp00008_dictionaryexpandword formname='+formname+' fieldname='+fieldname);
var Obj=eval('document.'+formname+'.'+fieldname);
var Words=Obj.value;
var re='',i,m;
for(i=0;i<cmp00008_dnames.length;i++){
m=new RegExp(cmp00008_dnames[i]+' |'+cmp00008_dnames[i]+'\n| '+cmp00008_dnames[i]+'$|^'+cmp00008_dnames[i]+'$','g');
if(m.test(Words)){
re=m.compile(' '+cmp00008_dnames[i]+' ','g');Words=Words.replace(re,' '+cmp00008_dvalues[i]+' ');
re=m.compile(' '+cmp00008_dnames[i]+' ','g');Words=Words.replace(re,' '+cmp00008_dvalues[i]+' ');
re=m.compile('^'+cmp00008_dnames[i]+' ','g');Words=Words.replace(re,cmp00008_dvalues[i]+' ');
Words=Words.replace(cmp00008_dnames[i]+'\n',cmp00008_dvalues[i]+'\n');
Words=Words.replace(cmp00008_dnames[i]+'$',cmp00008_dvalues[i]);
Words=Words.replace('^'+cmp00008_dnames[i]+'$',cmp00008_dvalues[i]);
}
}
if(re!='')Obj.value=Words;
}

cmp00008_dictionary = new cmp00008_dictionaryobject();

</head>

// to call it<br>
<a href=javascript:void(0) onclick=cmp00008_dictionary.expandwords('ff','ta')>here</a>
<br>

// the form<br>
<form name="ff" method="post">
<textarea rows=100 cols=200 name="ta">what a _larry
No Yes _larry _larry _larry _hx hello
_larry x
_hx
This line larry_larry alone! x_hx too.
_larry _hx _larry</textarea>
<input type='hidden' name="cmp00008editmydictcmp000083b96945133498">
</form></html>

Comments:
The emailchecking is just plain wrong!
First: You can not check that an address is correct except trying to send mail to it and wait for an answer.

Second: The code that checks for a syntactically correct mailaddress flags syntactically correct addresses as invalid, for example the common syntax local+tag@domain or the address *@domain.
As it is very complicated to make a 100% correct check, why not make a check that should pass all valid (except uucp-style) and some invalid ones as well, your MTA must do the check for real anyway, so:

^.*@[^.]+(\.[^.]+)+$

Or one that obeys the KISS-principle:

.+

Worth:
Worth reading

Comments:
I recently discovered when dealing with some text in Portuguese that Internet Explorer 5.5 treats regular expressions slightly differently from Netscape 4.7. The former treats \w as equivalent to [0-9a-zA-Z], while the latter treats \w as equivalent to [0-9a-zA-Z\x81-\xff]. The extended range is where the special foreign characters are found.

Worth:
Worth reading

Comments:
I recently discovered when dealing with some text in Portuguese that Internet Explorer 5.5 treats regular expressions slightly differently from Netscape 4.7. The former treats \w as equivalent to [0-9a-zA-Z], while the latter treats \w as equivalent to [0-9a-zA-Z\x81-\xff]. The extended range is where the special foreign characters are found.

Worth:

Length:

Technical:

Comments:
The sample RegEx fails to permit apostrophe (') in the email address - for example, Joe.O'Brian@nta.org.uk - which IS valid, is rejected by the RegEx.....

Worth:
Worth reading

Length:
Just right

Technical:
Too technical

Comments:
Hi,

Greetings,

Sir, your explanation is too the point, easy to understand. Thanks

Regards
Ashish

©2018 Martin Webb