[ZWeb] Validating Form Data
Christian Theune
ct@gocept.com
Tue, 5 Mar 2002 16:44:24 +0100
Hi.
First, you shouldn' rely on JScript to validate forms, as everybody
could bypass them by constructing the url manually.
As a hint, you should try to look what data is contained in the REQUEST.
On Tue, Mar 05, 2002 at 09:24:36AM -0700, Mike Tran wrote:
> I am using the Javascript below to validate data on my form. The part where
> it validate form data works fine. My problem is when I call on the method
> "insertResume", my form variables does not get passed.
> For example, on the form i have a textbox field called "age". I reference
> this in the "insertResume" method with <dtml-var age>, but the age variable
> does not get passed from the form to the "insertResume" method.
>
> Does anyone have any idea on how to fix this or maybe show me how to validate
> form data in Zope? I've tried <dtml-unless> but the user have to go to
> another page and go back to the form itself to correct the data. With
> Javascript the user can stay on the same page.
>
> Thanks,
>
> <SCRIPT LANGUAGE="JavaScript">
> <!--
> function valid(form) {
> var field = form.age;
> var userAge = parseInt(field.value);
> if (!userAge) {
> alert("You must indicate your age.");
> return false;
> } else if (userAge >= 18) {
> alert("Thank your for your resume.");
> return true;
> } else {
> alert("You are only " + userAge + ". Try again when you are 18.");
> field.focus();
> field.select();
> return false;
> }
> }
> // -->
> </SCRIPT>
>
> <FORM METHOD="POST" ACTION="insertResume" onSubmit="return valid(this)">
>
> Your age:<BR><INPUT TYPE="text" NAME="age" SIZE="2"><BR>
> Desired Job:<BR><INPUT TYPE="text" NAME="job" SIZE="40"><BR>
> Resume:<BR><TEXTAREA NAME="resume" COLS="40" ROWS="5"></TEXTAREA><BR>
> <INPUT TYPE="submit" VALUE="Send Resume">
> </FORM>
>
> --
> Mike
>
> -------------------------------------------------------
>
> --
> Mike Doanh Tran
> Shuffle Master Gaming Inc.
>
> _______________________________________________
> Zope-web maillist - Zope-web@zope.org
> http://lists.zope.org/mailman/listinfo/zope-web
--
Christian Theune - ct@gocept.com
gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt
tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981
reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])