Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 449
  • Last Modified:

Validating TextBox text using Java Script.

Hi,
This is for web form developed with .Net 3.5 and VS2010.I want to validate the text entered in Text Boxes using Java Script on submission.

It shouldn't submit to the database if entered Text contains urls,html tags,scripts and anything dangerous.

How to validate the urls,html tags,scripts using Java Script
Thanks
0
KavyaVS
Asked:
KavyaVS
4 Solutions
 
MrC63Commented:
Here's a simple way:

Create an array of strings that are not allowed, then test the text box contents against the array list.  Then use this array to test against the actual text box contents.  See the attached sample javascript.

The "Submit button would be changed to a button type (<input type=button> instead of <input type=submit>.  You would then add an onClick event that calls the TestSubmission function:

<input type="button" onClick="TestSubmission() ;" value="Save">

The array can contain any string of characters you want to test for that are not allowed during the form submission.

Hope that helps you, let me know if you need further clarification.

MrC
sample.txt
0
 
Jitendra PatilSr.Software EngineerCommented:
hi kavyavs

refer the below link,
Coding techniques for protecting against Sql injection
it will help you check in your whole application's textboxes in will be always helpful
you need to add your htmlinjection text  ie(urls,html tags,scripts) in the blacklist array.
it will be once for all using Modules.

Hope this helps.
0
 
PagodNaUtakCommented:
Tip:

Validating data inputted by users using javascript alone is a very bad idea. As users of sites can disable javascript to get pass your validation.

It would be better that there is a client and server side validation.
0
 
Jitendra PatilSr.Software EngineerCommented:
Try to implement the way i have described above as it will be coded for once and will be used in your overall application, you won't need to be calling function for each and every textbox, using module you will be doing it once and used for all.

Coding techniques for protecting against Sql injection RSS
Try the link given above, its a tested and proven approach.

Hope this helps.
0
 
KavyaVSAuthor Commented:
Thanks.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now