input-validation

Input Validation - What are some top issues to look out for, and lessons you have learned?

When working on applications that are heavy on user input, or even ones that are not; what are the biggest issues that you have encountered? What are the steps that you generally take to ensure that the input is real and accurate? What are some lessons that you have learned in regards to input validation that you wish you had known about...

Validate numbers in JavaScript - IsNumeric()

What's the cleanest, most effective way to validate decimal numbers in JavaScript? Bonus points for: Clarity. Solution should be clean and simple. Cross-platform. Test cases: 1. IsNumeric('-1') => true 2. IsNumeric('-1.5') => true 3. IsNumeric('0') => true 4. IsNumeric('0.42') => true 5. Isnumeric('.42') => true 6. IsNUmeric(...

Effective way to notify user of input validation failures in an editable table

Im looking for ideas on how to effectively notify users that their input into an editable table is invalid. For example, if one column of a table represents an American zip code and the user enters in the zip code "85rr3" into a cell, how would you notify the user of the issue? ...

is filter_var sufficient to sanitise integer input for php-based mysql queries?

I've never liked wrapping the mysql_real_escape_string function around input I expect to be integer for inclusion in a mysql query. Recently I came across the filter_var function. Nice! I'm currently using the code: if (isset($idUserIN) && filter_var($idUserIN, FILTER_VALIDATE_INT) && 0 < filter_var($idUserIN, FILTER_...

How much input validation should I be doing on my python functions/methods?

I'm interested in how much up front validation people do in the Python they write. Here are a few examples of simple functions: def factorial(num): """Computes the factorial of num.""" def isPalindrome(inputStr): """Tests to see if inputStr is the same backwards and forwards.""" def sum(nums): """Same as the built-in sum(...

Why are Exceptions said to be so bad for Input Validation?

I understand that "Exceptions are for exceptional cases" [a], but besides just being repeated over and over again, I've never found an actual reason for this fact. Being that they halt execution, it makes sense that you wouldn't want them for plain conditional logic, but why not input validation? Say you were to loop through a group of...

Binding IDataErrorInfo to window IsEnabled button property

I have a WPF sub window with some input controls that the user has to correctly fill before pressing Ok button. I have already implemented the interface IDataErrorInfo to validate all properties bound to UI Controls. Now I would like that the IsEnabled property of Ok button is True only if ALL controls are valid, otherwise it has to be...

Validate sprintf format from input field with regex

I have an input field where both regular text and sprintf tags can be entered. Example: some text here. %1$s done %2$d times How do I validate the sprintf parts so its not possible them wrong like %$1s ? The text is utf8 and as far as i know regex only match latin1 characters. www.regular-expressions.info doesnt list /u anywhere, which...

WYSIWYG textarea component security

Really my question has more to do with the server-side scrubbing of html that's accepted via the WYSIWYG form component. Right now I'm leaning toward using htmlpurifier.org's library. I'm using php strip_tags() function elsewhere. Anyone have an advice/preferences/recommendations? ...

Need a regex to match a variable length string of numbers that can't be all zeros

I need to validate an input on a form. I'm expecting the input to be a number between 1 to 19 digits. The input can also start with zeros. However, I want to validate that they are not all zeros. I've got a regex that will ensure that the input is numeric and between 1 and 19 numbers. ^\d[1,19]$ But I can't figure out how to include a...

What is the best way to do input validation in C++ with cin?

My brother recently started learning C++. He told me a problem he encountered while trying to validate input in a simple program. He had a text menu where the user entered an integer choice, if they entered an invalid choice, they would be asked to enter it again (do while loop). However, if the user entered a string instead of an int, t...

Reset an input control's border color (HTML/Javascript)

Does anyone know how to reset the border color of an input control once you have modified it using javascript? Useful for validation by highlighting fields that have incorrect or invalid data in them etc. E.g. changing the border: document.getElementById('myinput').style.border = '1px solid red'; how to reset? the next line just re...

PHP Input validation for a single input for a url.

I have this very simple script that allows the user to specify the url of any site. The the script replaces the url of the "data" attribute on an object tag to display the site of the users choice inside the object on the HTML page. How could I validate the input so the user can't load any page from my site inside the object because I h...

Keep value in html input box below set amount

I have in input box that can only contain numerical values (with use of this plugin). Now I want the input to be below, say 90. If a value is entered that exceeds this max cap or cannot be parsed, the previous value should be inserted. By default, the box will contain "1". <input id="targetQuantity" name="targetQuantity" type="text" val...

jQuery AlphaNumericPlugin - Copy Paste Issue

I am using the .alphanumeric plugin for jQuery which is certainly doing what I would expect as users type directly into the textbox. But, if a user were to copy and paste a value into the text box, all bets are off. $("#<%= txtNumber.ClientID %>").alphanumeric({allow:"-"}); I can certainly do this: $(document).ready(function() { ...

Validating Class Data

In my app, I am creating a series of validation classes to check, for example, that a user entered Name property of the class (from a WinForm) doesn't exceed the size of the varchar() in the database. Currently, the validation code will throw a custom Exception if the Name field is too large. (The custom exception, when caught by the UI...

javascript regexp, validating date problem

Hi there, I have some code for validating date below: function validateForm() { var errFound = 0; //var patt_date = new RegExp("^((((19|20)(([02468][048])|([13579][26]))-02-29))|((20[0-9][0-9])|(19[0-9][0-9]))-((((0[1-9])|(1[0-2]))-((0[1-9])|(1\d)|(2[0-8])))|((((0[13578])|(1[02]))-31)|(((0[1,3-9])|(1[0-2]))-(29|30)))))$"); var pat...

How to validate data input on a sharepoint form?

How does one verify a text field with another list's column? I am currently populating a Drop down list with a datasource and then comparing the text field with items in the dropdown using javascript. Is there a better way? The second problem I am having is how to trigger the Validate Function. I am aware of two custom forms for addin...

Batch File input validation - Make sure user entered an integer

I'm experimenting with a DOS batch file to perform a simple operation which requires the user to enter a non-negative integer. I'm using simple batch-file techniques to get user input: @ECHO OFF SET /P UserInput=Please Enter a Number: The user can enter any text they want here, so I would like to add some routine to make sure what the...

How to check if a Java character is a currency symbol

I have to perform a check on a character variable to see whether or not it is a currency symbol. I have discovered the Character.UnicodeBlock.CURRENCY_SYMBOLS constant however I am unsure of how to use this to determine whether or not the character is in that block. If anyone has done this before help would be much appreciated. Thanks ...