Form Validation - Finding Duplicates: Regular Expressions or String Functions?

Hi,

I'm trying to figure out the most efficient method for taking the
first character in a string (which will be a number), and use
it as a variable to check to see if the other numbers in the string
match that first number. I'm using this code for form validation of a
telephone number.

Previous records from the past few months show that when someone is
just messing around on one of our forms (to waste our time), they type
in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
have three text boxes for each telephone number:

homephone1 = area code (3 digits)
homephone2 = prefix (3 digits)
homephone3 = suffix (4 digits)

businessphone1 = area code (3 digits)
businessphone2 = prefix (3 digits)
businessphone3 = suffix (4 digits)

My plan is to check for this pattern, then if I find it, just redirect
the user to the thank you page so they'll think the form was
processed, when it actually wasn't.

As we find additional patterns that people use for malicious data,
I'll enter those as well (e.g., 123-123-1234)

Also, if you see any tutorials, or articles that talk about "real
world" form validation please point me to them. I've been looking for
references for form-based validation logic that takes real world dummy
data into account, but haven't found much.

- Eric
Jul 17 '05 #1
In message <49**************************@posting.google.com>, Eric
Linders <el********@hotmail.com> writes
> Hi,
>
> I'm trying to figure out the most efficient method for taking the
> first character in a string (which will be a number), and use
> it as a variable to check to see if the other numbers in the string
> match that first number. I'm using this code for form validation of a
> telephone number.
>
> Previous records from the past few months show that when someone is
> just messing around on one of our forms (to waste our time), they type
> in a phone number like "555-555-5555" or "111-222-3333". Our Web forms
> have three text boxes for each telephone number:

Personally I wonder why so many forms want my phone number. It's so
easy to give a false one without using this kind of pattern, and I am
getting enough junk phone calls already. The only case where I can
think it's reasonable is where I am actually ordering something on the
Internet. Otherwise I consider it a form of nosiness and do give false
ones all the time.

--
Five Cats
Email to: cats_spam at uk2 dot net
Jul 17 '05 #2

"Five Cats" <ca*******@[127.0.0.1]> wrote in message
news:+U**************@[127.0.0.1]...
> Personally I wonder why so many forms want my phone number. It's so
> easy to give a false one without using this kind of pattern, and I am
> getting enough junk phone calls already. The only case where I can
> think it's reasonable is where I am actually ordering something on the
> Internet. Otherwise I consider it a form of nosiness and do give false
> ones all the time.

I agree with this. Everyone should think more carefully about what
information they need to ask for, and what they need to give.

>> My plan is to check for this pattern, then if I find it, just redirect
>> the user to the thank you page so they'll think the form was
>> processed, when it actually wasn't.
>>
>> Also, if you see any tutorials, or articles that talk about "real
>> world" form validation please point me to them. I've been looking for
>> references for form-based validation logic that takes real world dummy
>> data into account, but haven't found much.

What you probably want is regular expression matching, but it's a fair bit
to learn. For example:

$string = ereg_replace(
    "((http|https|rtsp)://[^<>[:space:]]+[[:alnum:]/])",
    "<a href=\"\\1\">\\1</a>",
    $string
);

turns all applicable plain-text web addresses in $string into HTML
hyperlinks, but as you can see, it's not pretty. There is a lot of info out
there and it is worth learning, however, as it's very powerful.

Whatever happens, you'll never stop duff data and you may lose genuine
requests by directing malformed input to a fake acceptance page. I don't
think the idea is a good one, personally, BUT something you should do is
check the validity of what the user has entered (i.e. an email address must
be in the form

[multiple a-z, 0-9, dot, dash or underscore] @ [multi. a-z, 0-9, dot, dash
or underscore] . [multi. a-z]

and phone numbers must contain so many digits) to catch genuine mistakes or
impossible data.

Rob
Jul 17 '05 #3
I noticed that Message-ID: <bs**********@wapping.cs.man.ac.uk> from Rob
Pridham contained the following:
>> Personally I wonder why so many forms want my phone number. It's so
>> easy to give a false one without using this kind of pattern, and I am
>> getting enough junk phone calls already. The only case where I can
>> think it's reasonable is where I am actually ordering something on the
>> Internet. Otherwise I consider it a form of nosiness and do give false
>> ones all the time.
>
> I agree with this. Everyone should think more carefully about what
> information they need to ask for, and what they need to give.

In the UK and doubtless in other countries you may fall foul of the law
if you ask for too much information.

One of the data principles of the Data Protection Act is that
information must be adequate, relevant and not excessive.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #4
In message <8d********************************@4ax.com>, Geoff Berrow
<bl******@ckdog.co.uk> writes
> I noticed that Message-ID: <bs**********@wapping.cs.man.ac.uk> from Rob
> Pridham contained the following:
>>> Personally I wonder why so many forms want my phone number. It's so
>>> easy to give a false one without using this kind of pattern, and I am
>>> getting enough junk phone calls already. The only case where I can
>>> think it's reasonable is where I am actually ordering something on the
>>> Internet. Otherwise I consider it a form of nosiness and do give false
>>> ones all the time.
>>
>> I agree with this. Everyone should think more carefully about what
>> information they need to ask for, and what they need to give.
>
> In the UK and doubtless in other countries you may fall foul of the law
> if you ask for too much information.
>
> One of the data principles of the Data Protection Act is that
> information must be adequate, relevant and not excessive.

Glad to see I'm not alone. I wanted a download from a well-known site
yesterday which was asking for all sorts of data 'in order that we can
serve you better'. What tosh! More half-truths were entered and I have
my download - or to be more accurate my brother's download.

--
Five Cats
Email to: cats_spam at uk2 dot net
Jul 17 '05 #5
Hi Eric,

For Phone Number validations you can efficiently use Regular
Expressions. In PHP it can be done very efficiently using PCRE.

Following is an example to check repetitive digits in phone numbers:

[SNIP]

$string = "3333-222-5555";

if (preg_match('/^([\d])\\1\\1\\1-([\d])\\2\\2-([\d])\\3\\3\\3$/', $string))
    echo "Invalid";
else
    echo "Valid";

[/SNIP]
You can even check for consecutive digits by using string functions
with PCRE.

Following is a function which validates phone number according to your
requirements:

[SNIP]

$ph = "3433-232-5565";

if (validatePhoneNumber($ph))
    echo "Valid";
else
    echo "Invalid";

function validatePhoneNumber($string)
{
    // Expect 4-3-4 digits separated by dashes: 13 characters in total.
    if (strlen($string) != 13)
        return false;

    if (!preg_match("/([\d]{4,4})-([\d]{3,3})-([\d]{4,4})/", $string, $matches))
        return false;

    // Reject a group that is one repeated digit or an ascending run
    // starting at its first digit.
    $fchar = $matches[1][0];
    if (preg_match("/^[$fchar]{4,4}$|^" . $fchar . ($fchar+1) . ($fchar+2) . ($fchar+3) . "$/", $matches[1]))
        return false;

    $fchar = $matches[2][0];
    if (preg_match("/^[$fchar]{3,3}$|^" . $fchar . ($fchar+1) . ($fchar+2) . "$/", $matches[2]))
        return false;

    $fchar = $matches[3][0];
    if (preg_match("/^[$fchar]{4,4}$|^" . $fchar . ($fchar+1) . ($fchar+2) . ($fchar+3) . "$/", $matches[3]))
        return false;

    return true;
}
[/SNIP]

You can add more patterns to Regular Expression with pipe | operator.

Hope it will help...

-- Rahul
Jul 17 '05 #6
Here's the regexp that looks for the pattern you described:

preg_match("/(\\d)\\1{2}-(\\d)\\2{2}-(\\d)\\3{3}/", $n)

A better strategy is to get a list of all US and Canadian area codes on the
net and check to see if what the user entered is on it.

Jul 17 '05 #7
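
An added example (not code from any poster in this thread) that combines the suggestions made so far: server-side format checks on the three fields, an area-code allow-list, and the placeholder patterns, returning reasons the form can display. The function names and the four-entry allow-list are assumptions made for illustration.

```php
<?php
// Added example: identifiers and the sample allow-list are assumptions.

// Constructed sample, not a complete list of area codes.
const SAMPLE_AREA_CODES = ['212', '312', '416', '604'];

// True when a digit group is one repeated digit (555) or an ascending run (1234).
function isPatterned(string $group): bool
{
    return preg_match('/\A(\d)\1+\z/', $group) === 1
        || strpos('0123456789', $group) !== false;
}

// Returns a list of problems; an empty list means the number passed.
function phoneProblems($area, $prefix, $suffix, array $areaCodes = SAMPLE_AREA_CODES): array
{
    // Request parameters can arrive as arrays (homephone1[]=x), so check types first.
    if (!is_string($area) || !is_string($prefix) || !is_string($suffix)) {
        return ['malformed field'];
    }
    // \A...\z anchors the whole value; a bare $ would also accept "555\n".
    if (!preg_match('/\A\d{3}\z/', $area)
        || !preg_match('/\A\d{3}\z/', $prefix)
        || !preg_match('/\A\d{4}\z/', $suffix)) {
        return ['expected 3, 3 and 4 digits'];
    }
    $problems = [];
    if (!in_array($area, $areaCodes, true)) {
        $problems[] = 'area code not on the allow-list';
    }
    // Flag only when all three groups are patterned, so a real number with a
    // suffix such as 4567 is not rejected.
    if (isPatterned($area) && isPatterned($prefix) && isPatterned($suffix)) {
        $problems[] = 'placeholder pattern';
    }
    return $problems;
}

// Constructed sample submissions: the three from the thread plus two others.
$samples = [
    ['555', '555', '5555'],
    ['111', '222', '3333'],
    ['123', '123', '1234'],
    ['212', '867', '4567'],
    ['416', "555\n", '0199'],
];
foreach ($samples as [$a, $p, $s]) {
    $problems = phoneProblems($a, $p, $s);
    echo json_encode("$a-$p-$s"), ' => ', $problems ? implode('; ', $problems) : 'ok', "\n";
}
```

The same call works for the businessphone1/2/3 fields, and the returned reasons can be shown beside the field so a genuine typing mistake can be corrected.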
http://www.weitz.de/regex-coach/

--
"Success = 10% sweat + 90% tears"
Email: rrjanbiah-at-Y!com
Jul 17 '05 #8
In message <na********************@comcast.com>, Chung Leong
<ch***********@hotmail.com> writes
> Here's the regexp that looks for the pattern you described:
>
> preg_match("/(\\d)\\1{2}-(\\d)\\2{2}-(\\d)\\3{3}/", $n)
>
> A better strategy is to get a list of all US and Canadian area codes on the
> net and check to see if what the user entered is on it.


That doesn't stop them entering a number which is not theirs to go with
the code.

I stick to my original view - unless there is an actual *reason* for
wanting to contact the person by phone (instead of email) why bother
collecting a phone number? And in most cases there is *no* valid
reason. The only one I can think of is where stuff is being ordered over
the Internet. Otherwise I believe it's straight into nosy-parker
country.

<snip>
--
Five Cats
Email to: cats_spam at uk2 dot net
Jul 17 '05 #9
