Re: Validating user input

Fri, 08 Jan 2010 13:05:42 -0800 

Hi Dave,

The JavaScript code sample for Number validation: for Client side validation
function isNumeric(obj, fieldName) {
        var str = obj.value;
        if ( ! isEmpty(obj, fieldName) ) {
                if ( ! ValidateNumeric(obj.value) ) {
                        alert(fieldName + " can have only numeric values.");
                        obj.value = "";
                        obj.focus();
                        return false;
                }
                else {
                        //obj.value = parseInt(str);
                        return true;
                }
        }
        else {
                return false;
        }
        return true;
}

function isEmpty(obj, fieldName) {
        var str = obj.value;
        if ( ! ValidateNotEmpty(str) ) {
                alert(fieldName + " is a mandatory field.");
                obj.value = "";
                obj.focus();
                return true;
        }
        return false;
}
if  (  ! isNumeric (document.formName.fieldName, 'FieldDisplayName') ) {
     return false;
}

The Javat code sample for Number validation: for Server side validation
public static boolean isNumeric(String sTextString) {
        boolean bResult = false;
        Pattern p = Pattern.compile("^[0-9.]+$");
        Matcher m = p.matcher(sTextString);
        bResult = m.matches();
        return bResult;
}
if ( ! ClassName.isNumeric(objBean.getFunctionId().trim()) ) {
objErrors.add(ActionErrors.GLOBAL_ERROR, new
ActionError("errors.database.error", "Selected Function Name in Form Input
is Not Valid."));
}


-Venkat




On Thu, Jan 7, 2010 at 11:13 AM, Dave <ladjo...@gmail.com> wrote:

> Hi,
>    Could someone point me to some resources that shows how to
> validate user input. Specifically, to remove harmful javascript
> injection attacks etc. I would like to see the validation code done at
> both server and client. I have searched already and I come across
> issues related to XSS and forged request etc.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google Web Toolkit" group.
> To post to this group, send email to google-web-tool...@googlegroups.com.
> To unsubscribe from this group, send email to
> google-web-toolkit+unsubscr...@googlegroups.com<google-web-toolkit%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/google-web-toolkit?hl=en.
>
>
>
>


-- 
Thanks & Regards,
Venkata Ramana. A
M# 650-210-6384
--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to