Published: Saturday, July 31, 1999
Checking a String for Certain Characters
OK, I'm going to make this short and sweet:
Problem: You are allowing users to enter information into a form; you want to make sure that
their strings contain only a certain subset of characters.
Solution: Know what characters you want to include; step through their form input one
character at a time and test to see if the current character is in the set of inclusive characters.
If it is not, then flag that the string is invalid.
I will demonstrate this using two techniques: client-side JavaScript and ASP. First, the client-side
JavaScript:
What we need to do is code the ONSUBMIT event in the FORM tag. So, let's say
that we have a FORM with an INPUT box where someone enters their UserName. We want to make sure that
the UserName contains only characters A-Z, a-z, 0-9, _ (underscore), or - (dash). Here's how we'd do
it with client-side JavaScript:
<![CDATA[
<HTML>
<HEAD>
<SCRIPT LANGUAGE=JavaScript>
<!--
function ValidateUserName()
{
// Get the value of the UserName text box
var strUserName = String(document.frmUserName.txtUserName.value);
var strCurrentChar;
// This variable will determine if our string is valid
var bolValidUserName = true;
// Step through the UserName one character at a time...
for (var iLoop=0; iLoop < strUserName.length; iLoop++)
{
// Check to see if the current character is valid
strCurrentChar = strUserName.substring(iLoop,iLoop+1);
if (
// if A-Z...
(strCurrentChar >= 'A' && strCurrentChar <= 'Z')
// or if a-z...
|| (strCurrentChar >= 'a' && strCurrentChar <= 'z')
// or if 0-9...
|| (strCurrentChar >= '0' && strCurrentChar <= '9')
// or if dash or underscore
|| strCurrentChar == '-' || strCurrentChar == '_'
);
// We have a valid string... do nothing.
else
// We have an invalid string, set the flag
bolValidUserName = false;
}
// If we have an invalid UserName, alert the user
if (!bolValidUserName)
{
var strError = "You have entered an invalid UserName. ";
strError += "UserName can only contain the following characters:";
strError += "\n\tA-z\n\ta-z\n\t0-9\n\t- (dash)\n\t_ (underscore)";
alert(strError);
}
return bolValidUserName;
}
// -->
</SCRIPT>
</HEAD>
<BODY>
<FORM NAME=frmUserName METHOD=POST ACTION="someURL.asp" ONSUBMIT="return ValidateUserName();">
Enter your UserName<BR>
<INPUT TYPE=TEXT NAME=txtUserName SIZE=50>
<P>
<INPUT TYPE=SUBMIT VALUE="Proceed...">
</FORM>
</BODY>
</HTML>
]]>
|
(The above code is available at the end of this article...)
Using client-side
validation, you save a round-trip back to the server since the browser makes sure the inputs are formatted properly
before submitting the form.
To see the alert box the user will see if he or she enters an invalid UserName, simply click the button
below:
If you're not familiar with JavaScript form validation, I'd highly recomment you read
Form Validation Using Javascript.
In the next section I am going to show you how to do the same
thing but using ASP.
Proceed to Step 2
