Results 1 to 14 of 14
  1. #1
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Javascript Validation Library?

    This is more of a SW needs/wants but I thought I'd check with you guys first.

    Is there a publically available library of functions that can reformat a web form text box like Access's input masks? For example, (555) 123-4567 for phone number, 09:54 PM for short time, etc.? Ideally, these functions should be invoked by OnBlur()

    Thanks!

    sps

  2. #2
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Indianapolis, Indiana, USA
    Posts
    1,862
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    Steve - look for .HTC files from Microsoft. This provides similar functionality. You simply assign a style to the desired field, then assign a behavior to the style (which points to the HTC file). The HTC file is just encapsulated javascript that runs on the OnBlur() event.

    I've got an example of this at work. I'll try to get it posted later today.

  3. #3
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    i went to microsoft.com and it seems .HTC files are part of commerce server, so you'd have to purchase that to get the functionality? also MS says this .HTC files use DHTML, which is great, but I have limited control over the web server I will be developing for and even less for end users. To the extent that I rely on Javascript for validation (a lot) I do have a setting to redirect people who don't have scripting enabled so they can't use the form, but that's as restrictive as I'd like to be.

    my experience with using OnBlur() is it doesn't work very well: sometimes it fires, sometimes it doesn't. I suppose that is because I am doing something illegal in Javascript (not hard to do) but I feel dubious about OnBlur(). Does it depend on the user tabbing out of the control to fire? If so, I simply cannot use it. I really depend on the validation code to make sure data gets thru, and not a mysterious ASP error, and I need to use the simplest, most reliable techniques to do that.

    If you have some advise on OnBlur() that might restore my confidence in it, I'd really appreciate it, as I like the idea of an error being caught early rather than on submit. I can live with the error-checking at the submit point also, but it's not, darn it, it's not elegant. <img src=/S/blackteeth.gif border=0 alt=blackteeth width=20 height=20>

  4. #4
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Indianapolis, Indiana, USA
    Posts
    1,862
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    Hi Steve,

    After re-reading your posts, I realized that I've misunderstood your request. When I saw "input mask" I thought of the Input Mask feature in Access that displays formatting characters for various number-based field types (like phone numbers, dates, postal codes, etc). I now see that you're asking about data validation.

    While the thought is fresh in my mind, let me address the HTC file technique. This is a way to easily apply formatting characters to phone numbers, dates, postal codes and more. Your are correct, however, in that this technique requires an upper-level browser (4.0+, I think). Since my audience was fairly small and controlled, I was able to implement this with no problems. I have not tested this in lower-level browsers, so you may want to do that before attempting to implement for a wider audience.

    Here's how to use it:
    - Remove the txt extension from the attached file (making it mask_js.htc)
    - Place this file in your web (preferably in the same folder as your CSS file)
    - Add a CSS class like the following: .mask { behavior: url( "mask_js.htc" ); }
    (Note: the names are not important, but if you modify the names be sure the references match)
    - Add the following attributes to your INPUT Textbox element: class="mask" preset="phone"
    - After tabbing away from the textbox, the appropriate characters will automatically be added to the data in the field.

    Notes:
    - The following presets are included in this HTC file: shortdate, mediumdate, longdate, currency, percent, phone, zip
    - You can easily modify any of these items by changing the javascript function within the HTC file.

    Now to your original question of data validation. I normally use Server-side validation, even with ASP.NET. It may not be as immediate as client-side, but it removes any questions of browser versions or whether javascript is enabled. That's not to say that client-side functionality is not to be used, but that I choose to stay away from it for critical data validation.

    Hope this helps!
    Attached Files Attached Files

  5. #5
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    thanks for the .htc file. I'll bash on it later.

    this is going to strike you as a stoopid question, but what is server-side validation? some kind of filter on reciept of a page? how does one set this up? i develop on a webserver but post the files to a remote machine that I don't want to demand much from.

    thnx

    sps

  6. #6
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Indianapolis, Indiana, USA
    Posts
    1,862
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    Steve,

    Server-side validation is normally accomplished by posting a page back to itself and checking the input. If it's valid, the processing occurs; if not, the original page is displayed with necessary error messages.

    A perfect example would be logging into a restricted website (like this one). If the username/password are valid, the user is taken into the site. Otherwise, an error is displayed. All of the logic exists on the server side - not through javascript.

    As I recall, you're using Classic ASP. There are some powerful pre-built validation components in ASP.NET that take all of the work out of validation. It's very powerful and I'm spoiled from using them so much! You might consider looking into these...

    Hope this helps...

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Javascript Validation Library?

    Here's another take: all of the validation you do in the browser that matters needs to be redone on the server. Attackers use special proxies to intercept HTTP POST packets and substitute invalid or oversized data to see if they can crack your application. Any parameters passed through to the database are particularly critical.

  8. #8
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Indianapolis, Indiana, USA
    Posts
    1,862
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    I agree!

    Another security technique I've learned is to do as much interaction with the database (assuming SQL Server) as possible via Stored Procedures. This adds an additional layer of security and error-handling, which is especially helpful in case of SQL-Insertion hackers...

  9. #9
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    can you give me a less abstract description of server-side validation? I use Javascript to test the contents of a webform before committing a SUBMIT to make sure the data being passed is appropriate (for data types mostly; also I screen for apostrophese in text boxes). I am also using Access as the backend. So, basically my setup is:

    IIS, plain vanilla HTML, ASP Classic, Javascript and SQL to Access.

    I build the Javascript validation into the form and attach it to onsubmit="return [script results]"; if return = false submission does not occur. this is, I suppose, client-side validation since the data doesn't leave the client form. I'd think server-side validation takes the POST string and runs it thru some hoops before sending to the db. how does that happen? if part of the POST fails but not all of it, does server-side commit some of the data to the db and send a message back to the client asking for more info? or does the entire POST fail with a message to the client? and how is a 'client' defined? via a SessionID object, for example? I have opted to design webforms without using SessionID at all; just an initial unique ID from the db created in an initial submit rather than use SessionID. <img src=/S/spook.gif border=0 alt=spook width=15 height=15>

  10. #10
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Indianapolis, Indiana, USA
    Posts
    1,862
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    Here's an example of the server-side logic:

    - User enters data (including some bad data - such as alpha characters in a date field)
    - User submits form (Form is posted to itself)
    - Upon receiving the post, the ASP page first identifies that the page is posted back to itself (perhaps using a hidden form variable)
    - ASP Script checks the various form items against validation logic (such as data-type checks, or making sure the value is entered at all)
    - If all validatio requirements are successfully met then the Insert/Update processing is done
    - If any validation requirement fails, the page is re-displayed with some message to the user indicating what items need attention
    - The process can occur as many times as it takes to receive valid input from the user

    Hope this helps!

  11. #11
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Javascript Validation Library?

    Let's suppose you are checking name input on the client side to make sure it fits into your predefined data field length. Check again after the page is posted using the same kind of code. If any one of your validation checks fails on the server side, I would return the page to the user insisting that the problem be corrected rather than do any partial operations.

    As for the mechanics of how to code it, I probably would use a different page and have the user go "back" in the browser. Mark's approach of re-using the page probably is more efficient and less trouble prone than relying on the back button, particularly if the browser is inclined to flush all the previously entered data, but I think I would find it harder to code because there are many scenarios to consider when writing the ASP code.

  12. #12
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    One thing I'm going to look into is using .HTC files to perform standard validations. One big issue really is how one goes about implementing a validation toolbox: javascript is the usual technique, and I've been using that, but I'd like to have some way to reliably access 'onblur()' if possible rather than waiting for the user to click the submit button. I have the feeling onblur depends on tabbing out of a control; if that's the case I won't use it. Another item on my wishlist is to be able to emulate Access-type input masks to make it even more obvious to the user the expected format for a contol -- and the .HTC approach is supposed to do that (haven't gone there yet).

    I am getting a bit better at wrestling with javascript, so I may end up with a library of validation code that I can use now and in the future. One of my concerns in web development is not to depend on much at all from the end-user. using javascript demands that active scripting be turned on, and that's fine. if HTC files demand higher-level browsers and customization of the webserver I won't bother.

    At this time I am in the early stages of the project so I probably won't visit validation for a couple of days yet... I like to elimate problems by using drop-downs wherever possible, so perhaps when things start to jell a little more the validation issues won't be quite as hairy as they seem to be now.

    BTW, have you had this experience:

    I set up Access to have fairly strong data-typing. I massage the input stream for a POST and eventually things get written in fine. Walk away, come back, and Access is hyper-finicky again. I can get around it by settings *everything* to text, but that's obviously a kludge. Do you know why Access might revert to extreme pickinness? I went ahead and set up referential integrety on my tables and was wondering if that might have anything to do with it?

  13. #13
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Javascript Validation Library?

    onblur() almost certainly means that the user moved focus away from the control, whether by tabbing or clicking, so you are somewhat limited there.

    Can't help with the Access question, sorry.

  14. #14
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    austin, Texas, USA
    Posts
    1,029
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Javascript Validation Library?

    HTC rocks!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •