Hi,
I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.
Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:
homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)
businessphone1 = area code (3 digits)
businessphone2 = prefix (3 digits)
businessphone3 = suffix (4 digits)
My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.
- Eric
8  6975 
In message <49************ **************@ posting.google. com>, Eric
Linders <el********@hot mail.com> writes Hi,
I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.
Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:
Personally I wonder why so many forms want my phone number. It's so
easy to give a false one without using this kind of pattern, and I am
getting enough junk phone calls already. The only case where I can
think it's reasonable is where I am actually ordering something on the
Internet. Otherwise I consider it a form of nosiness and do give false
ones all the time.
homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)
businessphon e1 = area code (3 digits)
businessphon e2 = prefix (3 digits)
businessphon e3 = suffix (4 digits)
My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.
- Eric
--
Five Cats
Email to: cats_spam at uk2 dot net
"Five Cats" <ca*******@[127.0.0.1]> wrote in message
news:+U******** ******@[127.0.0.1]... Personally I wonder why so many forms want my phone number. It's so
easy to give a false one without using this kind of pattern, and I am
getting enough junk phone calls already. The only case where I can
think it's reasonable is where I am actually ordering something on the
Internet. Otherwise I consider it a form of nosiness and do give false
ones all the time.
I agree with this. Everyone should think more carefully about what
information they need to ask for, and what they need to give. My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.
What you probably want is regular expression matching, but it's a fair bit
to learn. For example:
$string =
ereg_replace("( (http|https|rts p)://[^<>[:space:]]+[[:alnum:]/])","<a
href=\"\\1\">\\ 1</a>", $string);
turns all applicable plain-text web addresses in $string into HTML
hyperlinks, but as you can see, it's not pretty. There is a lot of info out
there and it is worth learning, however, as it's very powerful.
Whatever happens, you'll never stop duff data and you may lose genuine
requests by directing malformed input to a fake acceptance page. I don't
think the idea is a good one, personally, BUT something you should do is
check the validity of what the user has entered (i.e. an email address must
be in the form
[multiple a-z, 0-9, dot, dash or underscore] @ [multi. a-z, 0-9, dot, dash
or underscore] . [multi. a-z]
and phone numbers must contain so many digits) to catch genuine mistakes or
impossible data.
Rob
I noticed that Message-ID: <bs**********@w apping.cs.man.a c.uk> from Rob
Pridham contained the following: Personally I wonder why so many forms want my phone number. It's so
easy to give a false one without using this kind of pattern, and I am
getting enough junk phone calls already. The only case where I can
think it's reasonable is where I am actually ordering something on the
Internet. Otherwise I consider it a form of nosiness and do give false
ones all the time.
I agree with this. Everyone should think more carefully about what
information they need to ask for, and what they need to give.
In the UK and doubtless in other countries you may fall foul of the law
if you ask for too much information.
One of the data principles of the Data Protection Act is that
information must be adequate, relevant and not excessive.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
In message <8d************ *************** *****@4ax.com>, Geoff Berrow
<bl******@ckdog .co.uk> writes I noticed that Message-ID: <bs**********@w apping.cs.man.a c.uk> from Rob
Pridham contained the following:
Personally I wonder why so many forms want my phone number. It's so
easy to give a false one without using this kind of pattern, and I am
getting enough junk phone calls already. The only case where I can
think it's reasonable is where I am actually ordering something on the
Internet. Otherwise I consider it a form of nosiness and do give false
ones all the time.
I agree with this. Everyone should think more carefully about what
information they need to ask for, and what they need to give.
In the UK and doubtless in other countries you may fall foul of the law
if you ask for too much information.
One of the data principles of the Data Protection Act is that
information must be adequate, relevant and not excessive.
Glad to see I'm not alone. I wanted a download from a well-known site
yesterday which was asking for all sorts of data 'in order that we can
serve you better'. What tosh! More half-truths were entered and I have
my download - or to be more accurate my brothers download.
--
Five Cats
Email to: cats_spam at uk2 dot net el********@hotm ail.com (Eric Linders) wrote in message news:<49******* *************** ****@posting.go ogle.com>... Hi,
I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.
Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:
homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)
businessphone1 = area code (3 digits)
businessphone2 = prefix (3 digits)
businessphone3 = suffix (4 digits)
My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.
- Eric
Hi Eric,
For Phone Number validations you can efficiently use Regular
Expressions. In PHP it can be done very efficiently using PCRE.
Following is an example to check repetitive digits in phone numbers:
[SNIP]
$string = "3333-222-5555";
if(preg_match('/^([\d])\\1\\1\\1-([\d])\\2\\2-([\d])\\3\\3\\3$/',
$string))
echo "Invalid";
else
echo "Valid";
[/SNIP]
You can even check for consecutive digits by using string functions
with PCRE.
Following is a function which validates phone number according to your
requirements:
[SNIP]
$ph = "3433-232-5565";
if(validatePhon eNumber($ph))
echo "Valid";
else
echo "Invalid";
function validatePhoneNu mber($string)
{
if(strlen($stri ng) != 13 )
return false;
if(! preg_match("/([\d]{4,4})-([\d]{3,3})-([\d]{4,4})/",$string,$matc hes))
return false;
$fchar = $matches[1]{0};
if(preg_match("/^[$fchar]{4,4}$|^".$fcha r.($fchar+1).($ fchar+2).($fcha r+3)."$/",$matches[1]))
return false;
$fchar = $matches[2]{0};
if(preg_match("/^[$fchar]{3,3}$|^".$fcha r.($fchar+1).($ fchar+2)."$/",$matches[2]))
return false;
$fchar = $matches[3]{0};
if(preg_match("/^[$fchar]{4,4}$|^".$fcha r.($fchar+1).($ fchar+2).($fcha r+3)."$/",$matches[3]))
return false;
return true;
}
[/SNIP]
You can add more patterns to Regular Expression with pipe | operator.
Hope it will help...
-- Rahul
Here's the regexp that looks for the pattern you described:
preg_match("/(\\d)\\1{2}-(\\d)\\2{2}-(\\d)\\3{3}/", $n)
A better strategy is to get a list of all US and Canadian area codes on the
net and check to see if what the user entered is on it.
Uzytkownik "Eric Linders" <el********@hot mail.com> napisal w wiadomosci
news:49******** *************** ***@posting.goo gle.com... Hi,
I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.
Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:
homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)
businessphone1 = area code (3 digits)
businessphone2 = prefix (3 digits)
businessphone3 = suffix (4 digits)
My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.
- Eric el********@hotm ail.com (Eric Linders) wrote in message news:<49******* *************** ****@posting.go ogle.com>... Hi,
I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.
Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:
homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)
businessphone1 = area code (3 digits)
businessphone2 = prefix (3 digits)
businessphone3 = suffix (4 digits)
My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.
As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)
Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much. http://www.weitz.de/regex-coach/
--
"Success = 10% sweat + 90% tears"
Email: rrjanbiah-at-Y!com
In message <na************ ********@comcas t.com>, Chung Leong
<ch***********@ hotmail.com> writes Here's the regexp that looks for the pattern you described:
preg_match("/(\\d)\\1{2}-(\\d)\\2{2}-(\\d)\\3{3}/", $n)
A better strategy is to get a list of all US and Canadian area codes on the
net and check to see if what the user entered is on it.
That doesn't stop them entering a number which is not theirs to go with
the code.
I stick to my original view - unless there is an actual *reason* for
wanting to contact the person by phone (instead of email) why bother
collecting a phone number? And in most cases there is *no* valid
reason. The only I can think of is where stuff is being ordered over
the Internet. Otherwise I believe it's straight into nosy-parker
country.
<snip>
--
Five Cats
Email to: cats_spam at uk2 dot net This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: yawnmoth |
last post by:
say i wanted to match a string to a regular expression, but i was only
given the string one character at a time.
one way to do this would be to evaluate the most recently submitted
character along with every previously submitted character, however,
that way seems like it would be unnecessarily inefficient.
another way i can see of doing this would be to have a function that
can access the previous state and return the state that the...
|
by: Stefan Richter |
last post by:
Hi, after coding for days on stupid form validations -
Like:
strings (min / max length), numbers(min / max value), money(min / max
value), postcodes(min / max value), telefon numbers,
email adresses and so on.
I thought it might be a better way to programm an automated, dynamic
form validation that works for all kinds of fields, shows the
necessary error messages and highlights the coresponding form fields.
|
by: Eddie |
last post by:
I have a form that's used to sort a series of items. The form has a number
of text fields. Each text field should contain a number. When the form is
submitted I would like to do two things:
1. Verify that only numbers are entered in each text field.
2. Verify that there are no duplicate entries in any text field.
So each field should be a unique number. Another thing complicating this is
that I do not know how many fields I will...
|
by: Drew |
last post by:
I've already created a simple method of ensuring that all form feilds
are filled out before the form is submitted to an ASP page for records
to be added to the data base.
(Sorry about the formating, my newsreader may make it a mess!)
<script language="javascript">
<!--
function Check(form)
{
|
by: VB Programmer |
last post by:
Does anyone have any VB.NET functions which validate an email address?
Could you post it? I would like it to do as much as the regular expression
validator if possible.
Thanks in advance!
| | |
by: JIM.H. |
last post by:
Hello,
I have this validation expression:
^(?:(?:0?|1)|(?:0?|11)(?!\/31)|(?:0?2)(?:(?!\/3|\/29\/(?:(?:0||)00|(?:\d{2}(?:0||))))))\/(?:0?||3)\/\d{4}$
This is supposed to match MM/DD/YYYY it is working in all computer except
one in our office. What is problem?
Thanks,
Jim.
|
by: Mika M |
last post by:
Simple question: Does Framework (1.1) contain any routine to check entered
email-address is valid ?
It's quite easy to make own code for that purpose, but why to do if
Framework (1.1) contain this kind of routine.
--
Thanks in advance!
Mika
|
by: FayeC |
last post by:
Can anybody point me to a good tutorial/manual on advanced server-side
form validation including validation of fields against unwanted
strings such as the use of "http://".
Thank you in advance,
FayeC
|
by: Rik |
last post by:
Hello guys,
now that I'm that I'm working on my first major 'open' forms (with
uncontrolled users I mean, not a secure backend-interface), I'd like to add
a lot of possibilities to check wether certain fields match certain
criteria, and inform the user in different ways when the data is wrong
(offcourse, this will be checked on posting the data again, but that's
something I've got a lot of experience with).
Now, offcourse it's...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
