form validation using htmlspecialchars

Hi guys,

I am writing a page to update a database. I have been told to always scan every form input with the functions trim(), htmlspecialchars() and stripslashes(). I don't know how to use these functions in JavaScript code. I have a JavaScript function 'checkForm'.

In the code below, lines 11, 12 and 13 don't work. Is it because, e.g., stripslashes() is not a JavaScript function? What should I do to scan for corrupt input?

Thanks in advance

Here is my code

  1. <form name="forms" method="post" onsubmit="return checkForm();" action="proc.php" id="myForm">
  3. <script language="JavaScript">
  4. function checkForm()
  5. {
  6.   var cName;
  7.   with(window.document.myForm) {
  8.     cName = tbxName;
  9.   }
  11.   cName.value = trim(cName.value);
  12.   cName.value = stripslashes(cName.value);
  13.   cName.value = htmlspecialchars(cName.value);
  15.   if (some test) {
  16.     alert("invalid name");
  17.     cName.focus();
  18.     return false;
  19.   }
  20. }
  21. </script>
  23. <input name="Name" type="text" id="tbxName" style="width:140px" class="textbox" />
  26. </form>
May 14 '14 #1
The methods you want to use are PHP functions. If you want to use such methods client-side for input modification, then you have to reimplement them with the replace() method or using RegExp for that purpose. Besides that, it's not safe to do those modifications client-side if you want to ensure that it's always done before updating the DB with the values; you should use those methods in the PHP code on the server side.
Jun 6 '14 #2
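The replace()-based reimplementation mentioned in the reply, as an added example that is not part of the original thread. It assumes the escape set of PHP's htmlspecialchars() with ENT_QUOTES; `cleanName` is a hypothetical helper for checkForm(). These functions run only in the browser, so proc.php still has to apply the PHP versions to whatever it receives.

```javascript
// Added example: client-side stand-ins for the three PHP functions in the question.

// Escape table modeled on PHP htmlspecialchars() with ENT_QUOTES (assumption).
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#039;'
};

function htmlspecialchars(text) {
  // Single pass with a lookup table, so the "&" written by one
  // substitution is never escaped again by a later one.
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

function stripslashes(text) {
  // Drop each backslash and keep the character it escaped:
  // \' becomes ', \\ becomes \, \0 becomes NUL.
  // A lone backslash at the end of the string is removed.
  return String(text).replace(/\\([\s\S]?)/g, (match, ch) => (ch === '0' ? '\0' : ch));
}

function trim(text) {
  // JavaScript has trim() as a string method; it strips Unicode
  // whitespace, while PHP's trim() uses a fixed ASCII set.
  return String(text).trim();
}

// Hypothetical helper: the three steps in the order the question applies them.
function cleanName(raw) {
  return htmlspecialchars(stripslashes(trim(raw)));
}

// Constructed sample input, as it might arrive from the tbxName field.
const sample = "  O\\'Reilly <b>&</b>  ";
console.log(cleanName(sample));
```
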
