Hi all,
Im hoping someone can support me with my question..
I have an asp page that has an application form and a user fill it in and the application comes to me for approval.
I use javascript to validate the textboxes in the form to ensure correct data input from the user and on the whole its working fine..
But I have a user who truns off javascript or a bot and all the javascript is useless and the applications get sent to me with missing or wrong details etc...
How can I validate such a form if a user does this?
Im guessing they are trying to access the site and not have to log in or are up to no good im just not sure but can I prevent this?
Can I add code to the page that says if javascript is disbled in the browser bounce to a page or something similar?
Up to no good? Not at all. I always surf the internet with JavaScript turned off. Sites load much faster and I'm free from certain annoyances. And it could be that other user is blind or otherwise disabled and using an adaptive browser that doesn't support JavaScript.
It is you responsibility to make sure that the site works well with and without JavaScript. Here your solution is simple. Give your form a hidden field with the name "validated" and have your JavaScript validation set the value of "validated" to true. When your script receives the form it can check the value of that field and know if server side validation is required. Another method is to give the form an action that points to your server side validation but have the JavaScript validation change that action as appropriate.
“The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.”
—Tim Berners-Lee, W3C Director and inventor of the World Wide Web
You don't want to think of this as an either/or (with apologies to Kierkegaard). The people who do use JavaScript would be poorly served if you did the validating server side. The trick is to do it both places, one or the other as required. JavaScript is like that. It's great when it works just have a back up ready for when it doesn't.
“The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.”
—Tim Berners-Lee, W3C Director and inventor of the World Wide Web
A bit of an inflexible position, but at least you're sticking with the method that actually works.
“The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.”
—Tim Berners-Lee, W3C Director and inventor of the World Wide Web
No it isn't. It is a way of saving the user time because the page doesn't have to be reloaded. I particularly like it when checking whether user names are available, and whether all required fields are filled in.
Originally Posted by ryanlund
I believe [it] often looks tacky and unprofessional.
Depends on the implementation, has nothing to do with the concept.
Great wit and madness are near allied, and fine a line their bounds divide.
I think I follow but you guys seem to differ?
At present I use JS to make sure the user adds what I want and also I have some Ajax to do a background check on username and email address added so as not to alow duplicates and do all the checking on the same page as the user types to save sending the user to a new page or reloading the page...
If JS is off on the browser none of this will work so Am I right in thinking that I have to do some server side scripts that back up my JS in this event?
I did think I was being rather clever with the Ajax as it searches as the user types and if the user name etc are taken it tells them, but all of this is all worthless if JS is disabled.
Im a bit puzzled as to the best method?
Do any of you guys have any examples of similar forms and script?
Hi,
Thanks for your reply,
Ive never used <noscript></noscript> tags beofre but after reading your post I see its for browsers that do not have the JS enabled..
If I have understood this will bounce anyone with no java script enabled to a page of my choosing and therfore stop them hitting the submit button on my form?
That's mixing client and server side in a way in which they can't be mixed. What you need is BOTH. Use the JavaScript as a clever convenience thing to check if the name is taken, but then check if they're using a valid name on the server as well. You should do this with ALL forms, the clients are not to be trusted, otherwise someone could easily alter the JS and submit a name which is already taken, and if you're not checking server side then you'll mess things up.
Write your site, get it fully working THEN add the JavaScript, don't try integrate it from the start (although design with it in mind). That way you know the site and validation work without JavaScript, but you can use the JS to add extra bits of convenience for those who want them.
That's mixing client and server side in a way in which they can't be mixed. What you need is BOTH. Use the JavaScript as a clever convenience thing to check if the name is taken, but then check if they're using a valid name on the server as well. You should do this with ALL forms, the clients are not to be trusted, otherwise someone could easily alter the JS and submit a name which is already taken, and if you're not checking server side then you'll mess things up.
Write your site, get it fully working THEN add the JavaScript, don't try integrate it from the start (although design with it in mind). That way you know the site and validation work without JavaScript, but you can use the JS to add extra bits of convenience for those who want them.
Bypassing Javascripts
Reply With Quote
Originally Posted by ryanlund
Bookmarks