Definitely validate at the server. Here's one way to do the client-side JS:
<SCRIPT LANGUAGE="JavaScript">
function doValidate(oForm) {
if (oForm.FieldName.value.length > 7500) {
alert("Your data has exceeded its length");
oForm.FieldName.focus();
return false;
}
return true;
}
</SCRIPT>
<FORM NAME="FormName" ... onSubmit="return doValidate(this);">
<INPUT TYPE="text" NAME="FieldName">
<INPUT TYPE="submit">
</FORM>
Chris Lofback
Sr. Web Developer
TRX Integration
28051 US 19 N., Ste. C
Clearwater, FL 33761
www.trxi.com
-----Original Message-----
From: Kevin Miller [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 09, 2002 4:09 PM
To: CF-Talk
Subject: Re: Server Side Checking: Is this OK?
IMHO, even if you use client-side data checks, you still need to do it on
the back-end as well. It's way to easy to subvert client-side only checks.
Keep in mind that CF code will only execute on the server side, so the alert
will only get returned when the user submits the page.
Kevin
>>> [EMAIL PROTECTED] 07/09/02 01:00PM >>>
Its been awhile since I subscribed to the list. Its nice to be back. A
quick question. I'm checking data when the user submits a form and was
wondering if something like this is OK to do. I can't get the javascript to
work so I tried this. This is a textarea field.
<cfif len(form.education) gt 7500>
<script>
alert(" Your data has exceeded its length");
</script>
</cfif>
Daniel Bogesdorfer
Senior Programmer / Analyst
Office Of Research Health Sciences
University of Pittsburgh
412.648.2366
______________________________________________________________________
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community. http://www.fusionauthority.com/ads.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
