TextBox validation using regex

103 100+

Hi,

I am trying to check whether the textbox contains single quote,double quote and < and > symbols.

I got the regex to check all the requirements.
its as shown below.

str=(document.getElementById('txtEnter')).value;

str.match(/([\<\])(1,))* ([\>])/)==null (for checking < and > symbol)

str.match(["'"])==null (for checking single quote)

and

str.match(['"'])==null) (for checking double quotes.)

Now i give all these conditions as

if(str.match(/([\<\])(1,))* ([\>])/)==null && str.match(["'"])==null && (str.match(['"'])==null))

alert("error");

else
alert("no error");

It works fine.

In the above code i used str.match() three times. I need to use str.match() only one time and need to check whether the textbox contains < or > or single quote or double qoute.

Please help me..

Thanks in Advance.

Mathew.

Oct 2 '08 #1

Follow Post Reply

3257

gits

5,390

Expert Mod 4TB

here is a short example ... you may just use the | for the OR :)

Expand|Select|Wrap|Line Numbers

 var s = 'fo\'o';
 
alert(/[<]|[>]|[']|["]/g.test(s));

kind regards

PS: and please use the code-tags when posting source code.

Oct 2 '08 #2

rnd me

427

Expert 256MB

if you are trying to remove html, you'd better be a lot more thoughtful than the regexps i see posted unless you also validate on the server.

there's more than one way to say <script, onclick="alert('bad')", etc...

check out the xss cheatsheet for more info.

Oct 2 '08 #3