Repost: Validation with JavaScript and SQL Server db vs. Array list values

K

Kermit Piper

Hello,

I know, using client-side validation to validate form data by looping
through a SQL Server table isn't the best way in terms of security.

But, is there a way to compare the form object value against
values in a flat file, like with arrays? I have a flat file of 1300
values I'd like to be able to use as a comparator against the value I
grab from the form to validate the input.

Thanks for any examples, help or suggestions,
KP
 
P

Peter

Can AJAX work for your requirements?
you can use cleint-side javascript to validate the form data, and use
ajax to compare them with the data in sql-server or server side
servlet, jsp.....

hope I didn't misunderstand what you want
 
K

Kermit Piper

Actually, what would suffice for me at this point would be to do the
form validation using text (data) file. I have a finite list of values
that I need to use to validate what users enter as a valid number. I
would like to simply put these numbers into a flat file (txt or csv)
and be able to use a javascript to use this file to compare the value
that the user entered with a match in the file. Is this possible, and
if so, can someone please show me an example.

Peter, could you show me or point me to an example of how I would be
able to implement AJAX into my struts framework?

Thanks,
KP
 
R

RobG

Kermit said:
Hello,

I know, using client-side validation to validate form data by looping
through a SQL Server table isn't the best way in terms of security.

But, is there a way to compare the form object value against
values in a flat file, like with arrays? I have a flat file of 1300
values I'd like to be able to use as a comparator against the value I
grab from the form to validate the input.

Probably the fastest way to validate a large number of values is to use
an Object object and have your 1300 values as properties of the object,
then use for..in, e.g.:


var validNames = {
name0001 :'',
name0002 :'',
name0003 :'',
...
name1299 :'',
name1300 :''
};

Then you can check:

if ( someEntry in validNames ){
// someEntry is valid
}


However you need to weigh up the time spent downloading the object to
the client vs the time that might be spend going back to the server and
validating there in the first place.

I have also successfully used an array where an index is created based
on the first character of each string, then use the first character of
the entered string to get the index. Loop through the array from that
point grabbing only the elements that match the entered text and present
them as options. Users then get an ever-diminishing list of options to
select.

Even with a poor distribution of first letters, the lookup loop is
usually still very fast.
 
R

RobG

Should have mentioned that my suggested method has zero security,
server-side validation will still be essential.


[...]
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top