We help IT Professionals succeed at work.

Validation of a Form ?

PhilAJones
PhilAJones asked
on
495 Views
Last Modified: 2008-07-24
In Dreamweaver CS3 - I have created a page full of ASP fields in a form, plus a submit button - so as to capture data into a database. (initially using the Insert Wizard - but then modified quite a lot). It all works fine and puts data in there.

I now want to Validate the form - but when I follow the various help and tutorials - Select Behaviours etc.. - The 'Validate Form' option is greyed out !! I've tried clicking on Form tag; submit button, everything...

Any ideas ??

I would also like to  Default the current date and time into a field that is sent back to the database - can't work out how to do that - any help appreciated.

Thanks
Phil
Comment
Watch Question

Commented:
If you just want to use Dreamweaver to validate your form, I have found the easiest way is to use an extension from WebAssist.  Go to http://www.webassist.com and look for the form validator

Commented:
here is the link... it is called Validation Toolkit.  Basically it is an extension that installs into Dreamweaver allowing you to use dreamweaver to validate form fields.  Validation is so important to prevent spoofing and it must be done server-side.  It is very easy for hackers to bypass Javascript validation because all you have to do is disable javascript in your browser.  http://www.webassist.com/professional/products/productdetails.asp?PID=33

Author

Commented:
Thanks rbudi - I'll look into that tomorrow.

ANy ideas as to why the inbuilt Validation doesn't work ?

Phil

Commented:
The built in Dreamweaver form validation will work but I believe it uses javascript.  Again, spoofers can easily bypass this and use your server to send spam email.

Author

Commented:
I understand what you are saying - but my query is that it DOESNT work - the option is greyed out !!
Jason C. LevineDon't talk to me.
CERTIFIED EXPERT

Commented:
Hi PhilAJones,

There may be a couple of reasons why this is.

1) Are you using pages built from a DW Template?  If so, check to see if the form tags are in an editable region.

2) Is the form tag heavily modified with ASP code or other javascript?  

3) If you create a new form on the page, with just plain old fields, can you apply the validation behavior to it?
CERTIFIED EXPERT

Commented:
Hi Phil

The reason why the option is greyed out is that the form is modified.  As soon as you alter any portion of a page that would usually be generated by DW, DW stops cooperating and leaves it all up to you.  Sadly DW will only ever do the basics, after that you've got to get stuck into coding yourself!

The form validation you require really needs to be done server-side.  This is safer than client-side anyway because asrbudj says, spoofers can disable javascript and then launch an attack on your code logic.

With ASP (and I presume PHP too) form collection and validation can be a pain depending on the extent you want to go to.  I code my form validation myself, and the easiest way is to do something like this (I will use simple text values to check against because I can't see your form).  Save this page as savepage.asp then in your form page, set the FORM METHOD attribute to point to this page (seperating the form and save logic simplifies things a little):


<html>
<body>
 
<%
' ROUCHIE'S VALIDATION LOGIC...
 
' 1. Gather form values into ASP variables
 
Dim var1 ' this must be text and not blank (checked later)
Dim var2 ' this must be numeric and not blank (checked later)
Dim var3 ' this must be a date and not blank (checked later)
Dim errorText ' holds error details
 
var1 = Trim(Request.Form("myField1"))
var2 = Trim(Request.Form("myField2"))
var3 = Trim(Request.Form("myField3"))
errorText = "" ' clear errorText variable
 
 
' 2. Check values
IF var1 = "" THEN
  errorText = errorText & "<li>Field 1 cannot be blank!</li>"
END IF
 
IF var2 = "" OR NOT IsNumeric(var2) THEN
  errorText = errorText & "<li>Field 2 cannot be blank and must be a number!</li>"
END IF
 
IF var3 = "" OR NOT IsDate(var3) THEN
  errorText = errorText & "<li>Field 3 cannot be blank and must be a valid date!</li>"
END IF
 
 
' 3. SQL Injection Protection - replace any single quotes with 2 single quotes (for text values)
 
var1 = Replace(var1, "'", "''")
 
 
 
' 4. If errors have occurred provide a message, or otherwise save to database
 
IF errorText <> "" THEN
  %>
  <p>Errors where found in the form submission. Please check the following errors and retry:</p>
  <ul>
    <%=errorText%>
  </ul>
  <%
ELSE ' no errors - save to database
  ' database code
  ' goes here
  ' to save form to database
  %>
  <p>The data was saved successfully.</p>
  <%
END IF
%>
 
</body>
</html>

Open in new window

Author

Commented:
Thanks Rouchie - thats a great respose which I accept and understand.

Just 1 thing - How does  DW 'know'  that you have modified the form - it must have something set somewhere that I could manually unset !!

Phil
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Jason C. LevineDon't talk to me.
CERTIFIED EXPERT

Commented:
>> How does  DW 'know'  that you have modified the form

Javascript functions in the config directory scan your files looking for patterns.  If you heavily modify or incorporate dynamic elements into otherwise plain HTML tags, the regex function will fail to recognize things.

If you use DW to write the Insert/Update/Delete scripts and then modify those, DW will no longer "recognize" the behavior and display it in the Panels...

Author

Commented:
I know understand the reasons for the proble I had...Thanks to all....

Phil
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.