Form Validation Redux

[r0adhog]

First off wanted to that all that replied to my previous questions, you were
much help.

Had a couple of general questions.

Why has everyone suggested not using VB Script on the Client Side?

Secondly, I have decided to do my validation on the processing page.
If a field on the form does not meet the validation rules, I am able to
redirect back to the sending page. How do I do this so that the sending
page retains the values that the Client had previously put in so that he
only
needs to correct the fields that are not valid?

Thanks for helping out the nuuubeeeee.....

rh

 

[TomB]

VBScript on the client, only works in IE....as far as I know.

For the second thingy, I will often post to the same page.....

Example.asp

<%
Dim sUser
Dim sPass

sUser=Request.Form("user")
sPass=Request.Form("pass")
'VALIDATION CODE HERE.......

%>

<form method=post action=Example.asp>
Username:<input name="user" value="<%=sUser%>"><br>
Password:<input name="pass" value="<%=sPass%>"><br>
<input type=submit value="submit">
</form>


Note that the action is set to Example.asp the same name as the current
page.

 

[Ray at]

Why has everyone suggested not using VB Script on the Client Side?

Because Internet Explorer is the only browser that supports it. Even if
you're working on an intranet and you know that all your visitors are using
IE, it's still highly ill-advised to use VBS. One day your intranet will
become an extranet, and then you'll have to recode it all. If you don't
know javascript, bite the bullet and learn enough to get by with what you
have to do.

Secondly, I have decided to do my validation on the processing page.
If a field on the form does not meet the validation rules, I am able to
redirect back to the sending page. How do I do this so that the sending
page retains the values that the Client had previously put in so that he
only
needs to correct the fields that are not valid?

There are a number of ways. One is to post the form to the same page that
it's on.

form.asp:

<%
If request.serverVariables("REQUEST_METHOD") = "POST" Then
'''do your thing
End If
%>

<form method="post" action="form.asp">
<input name="txtName"
value="<%=Server.HTMLEncode(Request.Form("txtName"))%>" type="text" />
</form>

If the form is being loaded for the first time, REquest.Form("txtName") will
be empty, so you'll have an empty value. If the form has been submitted and
you're redisplaying it because of failed validation, anything the user had
previously entered in that textbox will be pulled from the form collection
and displayed in it.


If you don't want to post to the same page, you can set the values in
session variables and pull from them. The first method is easier, but then
you wind up having pages that can't be refreshed without the "Warning. By
refreshing this page, any data you submitted will be sent again..." or
whatever that browser warning is.

Ray at work

 

[r0adhog]

Thanks again folks!

rh

 

[Roland Hall]

in message : Secondly, I have decided to do my validation on the processing page.
: If a field on the form does not meet the validation rules, I am able to
: redirect back to the sending page. How do I do this so that the sending
: page retains the values that the Client had previously put in so that he
: only needs to correct the fields that are not valid?

I prefer to use client-side validation, no matter where I post to (same page
or different page). Unless you need information from the server, there's no
need to make that trip.

-- mypage.asp --

<script type="text/javascript">
function validate() {
var ename=document.getElementById("iname");
if(!ename.value) {
alert("Please enter your name");
ename.focus();
return false;
} else {

document.myform.action="<%=Request.ServerVariables("SCRIPT_NAME")%>";
document.myform.submit();
}
}
</script>

<form name="myform" method="post" onsubmit="return validate()">
What is your name?<br />
<input type="text" id="iname" name="iname" value="" /><br />
<input type="submit" value="Submit" />
</form>

HTH...

 

[TomB]

You should always do both, it's easy to spoof a form. Also, not all clients
support javascript.

 

[Dave Anderson]

You should always do both, it's easy to spoof a form. Also, not all
clients support javascript.

You should certainly always do the server-side validation, but there is no
compelling reason to require the client-side type.



--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.

 

[Ray at]

You should certainly always do the server-side validation, but there is no
compelling reason to require the client-side type.

If nothing else, it's certainly much quicker to see an alert('Please enter a
valid whatever') than to wait for the form to post and the page to reload
with the validation message.

Personally, I don't do client-side validation, but I see why people would.

Ray at home

 

[Roland Hall]

in message : You should always do both, it's easy to spoof a form. Also, not all
clients
: support javascript.

On the server-side I validate that the form is submitted from only the page
intended and not from another site but data is already validated at that
point and of course you weed out the SQL injection attempts but that's not
really validating, is it?

 

[TomB]

I was just responding to the previous post, trying to indicate that
client-side only was not sufficient.

 

[Jeff Cochran]

You should certainly always do the server-side validation, but there is no
compelling reason to require the client-side type.

4 Million forms a day, times two-three trips to the server...

Jeff

 

[Dave Anderson]

4 Million forms a day, times two-three trips to the server...

I guarantee Amazon does more round trips a day than you do, and I've never
run into client-side validation on their site. Compelling? I think it
stretches the word. Required? Absolutely not.



--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.

 

[Free Music Downloads]

Free Music Downloads

http://www.manifestingpower.com/seo/music.html

Free Mp3 Music Download

All Free Music Downloads Download Games VIdeos are very authentic looking. Free Music Downloads is one of todays most popular styles! Please take a look at our Free Music Downloads Download Games VIdeos and you will see that our Free Mp3 Music Downloads are the highest quality Free Mp3 Music Download Games VIdeos availiable! We are selling Free Mp3 Music Downloads daily! Get your Free Mp3 Music Download while supplies last. All of our Free Mp3 Music Download are made of the same material as authentic Free Mp3 Music Download. Our Free Mp3 Music Download is truly amazing. We carry the hardest to get Games VIdeos and the most popular styles. Our Free Mp3 Music Download are 100% exact.. All of our Games VIdeos knockoffs and Free Mp3 Music Download knockoffs have all correct markings. We are proud to offer exclusive grade Games VIdeos Free Music Download Downloads. We offer the most exact fake Free Music Download. Our exclusive grade Games VIdeos s can not be found elsewhere. These are the most exact Free Mp3 Music Download knockoffs you will ever see. We don't just claim to offer the best fake Free Mp3 Music Download, we guarantee we offer the best and most exact fake Free Mp3 Music Download. We have many styles to offer Suhali, dalmation, and many other fake Free Music Downloads Games VIdeos Games VIdeos . We have the highest quality Downloads on the web! Affordable prices, great service, and a Satisfaction Guarantee make free-mp3-music-download.com the right choice for all of your Games VIdeos Download needs! Buy one today for a gift, for a friend, or for YOURSELF! You deserve Games VIdeos quality at an affordable price, thats why we started ExactGames VIdeos .com! All of the Free Mp3 Music Download knockoffs in our site come with a satisfaction guarantee. Please take your time and look at all the Games VIdeos we have to offer. We have something for everyone. We are sure you will love the perfect quality of our Free Music Downloads. Most of the Download fake Games VIdeos Games VIdeos we offer even have a serial number and every single detail you can think of.

Free Music Downloads
Free Mp3 Music
Free Music Download
Free Mp3 Music Download


Free Mp3 Music Download Games VIdeos

Free Mp3 Music Download and Download Free Mp3 Music Games


http://www.manifestingpower.com/seo/music.html

Free Music Downloads

Posted via DevelopmentNow.com Groups
http://www.developmentnow.com