R
E
S
O
U
R
C
E
S
       Home      Products & Services      Contact Us      Links


WebHatchers will design & develop your site for you.
_______________________

Website Menu Heaven: menus, buttons, etc.
_______________________

Send us your questions.
_______________________

site search by freefind
_______________________

HOME
SEO, Google, Privacy
   and Anonymity
Browser Insanity
JavaScript
Popups and Tooltips
Free Website Search
HTML Form Creator
Animation
Buttons and Menus
Counters
Captchas
Image Uploading
CSS and HTML
PHP
AJAX
XPATH
Website Poll
IM and Texting
Databases—MySQL
   or Not MySQL
Personal Status Boards
Content Management
   Systems
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs




Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement



Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

Ajax and PHP Based Input Filter

This is an example web page. It gives you a sample of how you can do input validation on every character typed by users. And every incorrect character will result in an error message that will go away as soon as valid characters are typed. The two other main ways to deal with filtering and validation are giving error messages after the entire input is done, which forces them to retype their input, and filtering out invalid characters so that their input is secure and accurate according to your rules, but they won't get to see their final input if they've typed wrong characters—they'll have the impression their input was accepted as is—although there is no reason you cannot warn them about your filtering. Anyway, there's something to be said for instant feedback.

The reason we created this page is to show the code involved in this type of validation. When you type, the onKeyUp() event runs the Ajax prompt() script which takes the input box's current value and uses xmlhtml to send it as a query string from your browser to the ajax-and-php-input-filter.php script on the server where it gets saved as $final but then only the string's last character is analyzed. If the latest character is invalid, you get a message reminding you of the valid characters. This gives you the opportunity to Backspace to dump the bad entry. If you choose to leave it, that's okay too—in THIS script. The $final string represents what's in the box, with only warning filters applied, not deletion filters. It would be easy to wait until the Submit button was clicked and run
$final=preg_replace("/[^a-zA-Z0-9\\s\\_]/", "", $final) so the bad characters are filtered out. There's no Submit button here since our point is to illustrate the use of Ajax and PHP to filter/validate via warnings. In a real website, you will surely want to add the preg_replace() function to clean their input. The main rule of input validation, because of security issues, is to suspect ALL input!

Type input. Rule: only alphanumerics, space and underscore are OK.

Input:

Help:

The relevant code on this page:


<P><B>
<script type="text/javascript">
function prompt(str){
if (str.length==0){document.getElementById("prompt").innerHTML="";return;}
document.getElementById("prompt").innerHTML="";
if (window.XMLHttpRequest){// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}else{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}
xmlhttp.onreadystatechange=function(){
if (xmlhttp.readyState==4 && xmlhttp.status==200){
document.getElementById("prompt").innerHTML=xmlhttp.responseText;}}
xmlhttp.open("GET","ajax-and-php-input-filter.php?q="+str,true);xmlhttp.send();}
</script>
</B></P>

<P><B>
<div class='k'><p><b>Type input. Rule: only alphanumerics, space and underscore are OK.</b></p>
<form>
Insult: <input type="text" onkeyup="prompt(this.value)" size="20" />
</form>
<p>Prompt: <span id="prompt"></span></p></div>



<p>The ajax-and-php-input-filter.php file:</p>


<?php

$z=$_GET["q"];$final=$z;
if (strlen($z) > 0){$z=substr($z,-1);
$prompt="";
if(preg_match('/[^a-zA-Z0-9\\s\\_]/', $z)){$prompt="Please enter only letters, numbers, underscores, or spaces.";}
echo $prompt;}
?>