JSP Serverside Email Validation

Hi,

i need a simple serverside jsp email validation.
Checking if the @ and a . is in the string

thx for help
LVL 2
NetwingAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jimmackCommented:
if ((emailString.indexOf("@") != -1) &&
    (emailString.indexOf(".") != -1))
{
    // Contains a '@' and a '.'
}

Perhaps better would be:

if ((emailString.indexOf("@") != -1) &&
    (emailString.indexOf(".", emailString.indexOf("@")) != -1))
{
    // Contains a '@' with at least one '.' after it.
}
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jarasaCommented:
Hi.

Jimmack is totaly right. But, Why you want to do it at server side, you should better check it a the Client, if you're not going to process the request if the email in not properly set.

I think you should do it with JavaScript instead of Java, and is exactly the same code.

Javier

<script>
function checkEmail() {

var emaiString=document.form1.email.value();

if ((emailString.indexOf("@") != -1) && (emailString.indexOf(".", emailString.indexOf("@")) != -1)) {
    // Contains a '@' with at least one '.' after it.
} else {
alert("The email you have introduced, is not valid);
document.form1.email.setFocus();

}
}
</script>

<form name="form1" ......>
<input type=text name=email onBlur="javascript:checkEmail();">
</form>
0
jimmackCommented:
;-)

I would have said the same thing (if I understood more about JavaScript ;-))
0
OWASP Proactive Controls

Learn the most important control and control categories that every architect and developer should include in their projects.

NetwingAuthor Commented:
thanks for the help jimmack.

the discussion about serverside or not is a philosophy one... i prefer serverside because this one cant be disabled :-)
0
jimmackCommented:
;-)
0
jarasaCommented:
Hi Netwing.
What do you mean with?
>>... i prefer serverside because this one cant be disabled
Just curiosity.
Javier
0
NetwingAuthor Commented:
Javascript is client side scripting and can be disabled in the browser if the user whant. And there should be no way to disable bypass or fake a validation. So validation on the server is the better way. But thats what i think- its how i wrote more a philosophy thing.
0
jarasaCommented:
Well Netwing.
I do understand that, but if you're planning to make an application that works fast I believe serverside validations for those kind of things are out of mind, if you want to be sure the user hasn't disabled the Javascript there are ways to know it, besides you should think if you want someone with that option disabled enter your application. is not that I like much Javascript but is the faster way to make your online validations, and don't be submited to just HTML, is just like if you want to make an application with Flash and you don't do it becose maybe the user don't have the plugin and he don't want to download it. What is more important your application or your user?
Anyway I'm not trying to change your mind, I guess your choice is just ok while you don't have to make to many validations. just tell you that it takes time and server resources wich are expensier that client ones.
Javier
0
jimmackCommented:
Just to add my two penneth ;-)

There is also a security issue with the JavaScript solution.  It's probably not that important in this particular case, but there would be nothing to stop an end user copying the source of the page and modifying the JavaScript (or removing it entirely) in order to enter any data they want.

As I say, in this case, it's probably not that important, but it might be for other solutions, so it's probably worth pointing out ;-)
0
jarasaCommented:
Well to be honest.

I left no track of my code on the client, but the images, no HTML or SCRIPT is been able to be modified if you put this on your JSP and disable the right button on the BODY too:

<%
      response.setHeader("Cache-Control", "no-cache");
      response.setHeader("Pragma", "no-cache");
      response.setDateHeader("max-age", 0);
      response.setDateHeader("Expires", 0);
%>

<BODY...........  onContextMenu="return false">

Is a good trick you can test.

Javier

0
jimmackCommented:
I like that one ;-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JSP

From novice to tech pro — start learning today.