help disallowing characters onkeypress

[TurboSRT4]

hi can someone help me please im good with perl but trying to learn javascript..... they compliment each other very well i have noticed.

i need to call a function onkeypress to not allow the foolowing characters to be entered into form field..

* ( ) # @ x q l p 3 0 + =

can someone help me please thank you. These are not the exact characters i need disallowed, however an example to do so would help me learn very much accomplishing what i really need. thanks a lot dooods!

 

[vacunita]

Its not the cleanest way, but it should give you an idea:

<script>
function checkchars(txtObj){
[green]\\Define array of disallowed characters [/green]
var restricted_chars=new Array();
restricted_chars['*']=1;
restricted_chars['(']=1;
restricted_chars[')']=1;
restricted_chars['#']=1;

[green]\\get the last character typed [/green]
var mychar=txtObj.value.charAt(txtObj.value.length-1);

[green]\\check if character is in disallowed array if so, Send Alert and delete character[/green]
if(restricted_chars[mychar]){
alert("Character not allowed");
txtObj.value=txtObj.value.substr(0,txtObj.value.length-1);
}

}
</script>

<input type="text" name="mytextbox" value="" onKeypress="checkcharacters(this);">

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

 

[TurboSRT4]

thanks bro you had a couple typos but i got the jist of it and it works excellent! thanks so much

 

[TurboSRT4]

Hi again the script you gave me works great. Here is a test page i made to test various things while trying to learn javascript basics. I have implemented your script into span 5 on this test page. Please try entering dissalowed characters in the form field in span 5. You will see that the character is displayed, and then when the next key is pressed it deletes the previous disallowed character. Is there a way to not even allow the character to display in the first place? or make disappear right away?

 

[TurboSRT4]

http://www.iboost.biz/iboost/TEST.html

 

[TurboSRT4]

please help im a rookie lolbut i learn fast

 

[feherke]

Hi

You will see that the character is displayed, and then when the next key is pressed it deletes the previous disallowed character.

That happens only if you are entering the characters in order.
[ul]
[li]Type, for example, 'bd' into the [tt]input[/tt][/li]
[li]Move the cursor back 1 character[/li]
[li]Type '@' to have 'b@d' in the [tt]input[/tt][/li]
[/ul]
That @ will not be removed neither later.

The problem you mentioned ( and I quoted above ) can be solved by changing the [tt]onkeypress[/tt] to [tt]onkeyup[/tt].

But that not solves the problem I mentioned.

Even more, pasting the text ( or just the forbidden characters ) with mouse is still possible.

And is also possible to type this in the browser's location bar :

javascript:document.test_press.key_field.value='b@d';void(0)

So hopefully you are not relying too much on JavaScript and have server-side validation also implemented.

Feherke.

http://free.rootshell.be/~feherke/

 

[TurboSRT4]

hey thanks for your advice that is just apage i set up to learn some javascript on my site my perl program will not be allowing any variables to be passed through the browser. it is going to die instantly upon trying such. My whole site is and is going to be one single cgi file reading subroutines from other server side files.. are there any total solutions to my problem for instance using keyup and onchange? thanks.

 

[feherke]

Hi

are there any total solutions

Total solution ? Well, I would say not in this forum. When I wanted better control, I wrote a Java applet instead. :-( ( For Java or Flash alternative see forum250 or forum269. )

But of course there are various approaches, some better, other worst. Searching this forum ( and its FAQ area ) will probably reveal some better too.

Personally I can not help you more. I not used to use JavaScript for any task described with the word "disallowing".

Feherke.

http://free.rootshell.be/~feherke/

 

[vicvirk]

here is what I use to do this exact task - this won't allow any even numbers into the input box.

function isNotBad(strInput) {
	var badRa = "48,50,52,54,56".split(",");
	blnReturn = true;
	for (var i = 0 ; i < badRa.length ; i++) {
		if (parseInt(strInput) == parseInt(badRa[i])) {
			blnReturn = false;
			break;
		}
	}
	return blnReturn;
}

function checkKey(e) {
	var evt = window.event ? event : e;
	var intAction = evt.charCode ? evt.charCode : evt.keyCode;
	return isNotBad(intAction);
}

<input type="text" id="tbx" name="tbx" onkeypress="return checkKey(event);" />

It won't stop someone from pasting an even number into the box from their clipboard, but will prevent a number typed in - just be sure to do a server side check once it's submitted.

Fo a full list of keyCodes:

http://tinyurl.com/yf8vq38

--------

GOOGLE is a great resource to find answers to questions like "how do i..."

http://www.google.com/webhp?complete=1&hl=en

--------

 

[vacunita]

Sorry I didn't come back to this sooner.

Yes the code I posted checks for the last character in the string which normally is the last one entered. If you are moving around the textbox when inputting then it won't work.

You'll have to check the character at the event level. Then you can return a false so the character is not typed into the box.

However doing it at the event level brings other problems. The first of which is the difference in the way IE and FF handle the events.

Your best bet is to do some JS handling just to avoid most of the characters, but then as was suggested to finish the confirmation server side to avoid any illegal characters. That may have slipped through.

You'll have many more headaches if you ant to catch it all in JS.

And even if you could do it all in JS, people can just turn of Js in their browsers, and still attempt to submit illegal characters.

so yeah its never a good idea to completely rely on JS.


----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

 

[TurboSRT4]

ok i seem to have gotten it with this
onkeyup="valid(this)" onblur="valid(this)"

<script language=javascript>
function valid(f) {
!(/^[A-zÑñ0-9]*$/i).test(f.value)?f.value = f.value.replace(/[^A-zÑñ0-9]/ig,''):null;
}
</script>

however....you say that you can disable javascript and still try to submit? so i will need perl to also do a second validation of characters?? wow that blows lol is there anyway to have my perl sscript die; or redirect if javascript is not allowed? can perl detect if javascript is enabled? thanks

 

[vicvirk]

^ you could use the <noscript></noscript> tag to alert the user that javascript is required and write your "submit" button via javascript:

<html>
<head>
</head>
<body>
<script language="javascript">
document.write("<input type=\"submit\" />");
</script>
<noscript>Javascript must be enabled to submit this form</noscript>
</body>
</html>

^ using this method if the user has javascript disabled, they will never see the "submit" button.

I got into a heated discussion with somebody on this forum a while back about accesibility, and if you are opening your site up to the general population use an extra server side check just be sure. If it is an Intranet and your company has the ability to force javascript enabling, this will work fine.




--------

GOOGLE is a great resource to find answers to questions like "how do i..."

http://www.google.com/webhp?complete=1&hl=en

--------

 

[feherke]

Hi

you say that you can disable javascript and still try to submit?

People can do it. Robots will not even need that because most of them not interpret JavaScript at all. So a form spam bot will always be able to submit random sh!t to your [tt]perl[/tt] script.

so i will need perl to also do a second validation of characters??

Rule number one is never trust anything received from outside.

can perl detect if javascript is enabled?

No. Server-side software can "see" only what receives from the client. And you can not know what was the client-side software which sent the data.

using this method if the user has javascript disabled, they will never see the "submit" button.

The [tt]form[/tt] can be submitted without having [tt]submit[/tt] button and without JavaScript.

Feherke.

http://free.rootshell.be/~feherke/

 

[vicvirk]

The form can be submitted without having submit button and without JavaScript.

Ok, then write the entire form on the screen using Javascript.


--------

GOOGLE is a great resource to find answers to questions like "how do i..."

http://www.google.com/webhp?complete=1&hl=en

--------

 

[feherke]

Hi

Ok, then write the entire form on the screen using Javascript.

Or just set the most essential part with JavaScript - the [tt]form[/tt]'s [tt]action[/tt] :

[b]<form[/b] [maroon]action[/maroon][teal]=[/teal][green][i]"error403.htm"[/i][/green][b]>[/b]
[b]<input[/b] [maroon]type[/maroon][teal]=[/teal][green][i]"text"[/i][/green] [maroon]id[/maroon][teal]=[/teal][green][i]"tbx"[/i][/green] [maroon]name[/maroon][teal]=[/teal][green][i]"tbx"[/i][/green][b]/>[/b]
[b]<input[/b] [maroon]type[/maroon][teal]=[/teal][green][i]"submit"[/i][/green][b]/>[/b]
[b]</form>[/b]

window[teal].[/teal]onload[teal]=[/teal][b]function[/b][teal]()[/teal] [teal]{[/teal]
  document[teal].[/teal]forms[teal][[/teal][purple]0[/purple][teal]].[/teal]action[teal]=[/teal][green][i]'/cgi-bin/the_real_form_handler_script.pl'[/i][/green]
[teal]}[/teal]

Feherke.

http://free.rootshell.be/~feherke/