/    Sign up×
Community /Pin to ProfileBookmark

Rejecting illegal characters for Asian char sets

Copy linkTweet thisAlerts:
Apr 13.2005

I manage a site which registers students via a form which is used to update MySql tables and email back registration confirmations via a set of php scripts.

Most of the registering students are resident in Asia and I assume normally use their computers with their native language character sets.

Although we ask for forms input to be in English we dont always get it. The resultant havok that the equivalent control characters reak on the data base tables can be catastrophic when input is in Korean, Japanese or one of the Chinese character sets.

Can anyone suggest a way of checking the character set used as soon as the user starts form filling and poping up an alert to prevent input of, to me illegal characters ?

to post a comment
JavaScript

4 Comments(s)

Copy linkTweet thisAlerts:
@HaganeNoKokoroApr 13.2005 — It would be better to do this in your php code; you should [b][u]always[/u][/b] have server-side validation of form input. In PHP, you would use preg_match to find out if there were any illegal characters, and return an error. For example, to find out if there are any characters aside from a-z, A-Z, 0-9, and _, you would use something like <i>
</i>...

$input=$_POST['forminput'];
$pattern='/^[w]/';
if(preg_match($pattern, $input)&gt;0) {
//do something to tell the user they must only input valid characters
} else {
//input OK
}I am not very experienced at PHP, you may want to look over www.php.net for more information on how to use the preg functions.

You can still have client-side validation as well. The way to do this is similar &lt;script type="text/javascript"&gt;
function check(elem) {
if(/^[w]/.test(elem.value)) {
alert("You have entered invalid characters.");
elem.focus();
}
}
&lt;/script&gt;

...

&lt;input name="input1" type="text" onchange="check(this)"&gt;

...In some browsers, the onchange event will fire as the user types, in others it will fire when the input loses focus. You could use key events, but they are not as well supported and will not catch changes due to pasting text.

Also note this type of client-side checking could get very irritating because it will not let the user leave until they remove all invalid characters, and is easily bypassed (intentionally or unintentionally) by disabling javascript, so the server-side is far more important.
Copy linkTweet thisAlerts:
@SpectreReturnsApr 13.2005 — In php, just check if the ord() of a certain character is less than 255.
Copy linkTweet thisAlerts:
@ozconnectauthorApr 13.2005 — My own experience is that server side validation is too late. Yes it would stop the bad characters corrupting my data base but I want to fix it at the source.
Copy linkTweet thisAlerts:
@SpectreReturnsApr 13.2005 — However, it's easy enough to bypass javascript security, so you're going to need to do it serverside if you want it to be secure.
×

Success!

Help @ozconnect spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.19,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...