1

I have a form that contains information fields for potential customers. Spammers are entering web addresses in the address field. I want to have an error message when the field contains "http://"

Here is the form code:

<label>First Name:</label> <input id="first_name" name="first_name" type="text" size="20" />
<label>Last Name:</label> <input id="last_name" name="last_name" type="text" size="20" />
<label>Address:</label> <input name="address" type="text" size="30" />
<label>City, State &nbsp;Zip:</label> <input name="city" type="text" size="20" value="City, State Zip"/>
<label>Phone Number:</label> <input name="phone" type="text" size="20" />
<label>Email:</label> <input id="email" name="email" type="text" size="30" />

Here is the error code I have:

    function validateForm(){
    message = '';
    error = 0;

    if (document.contact_form.first_name.value == '') { 
        message = 'First name is a required field\n'; 
        error = 1;
    }
    if (document.contact_form.last_name.value == '') { 
        message = message + 'Last name is a required field\n'; 
        error = 1;
    }
    if (document.contact_form.phone.value == '') { 
        message = message + 'Phone Number is a required field\n'; 
        error = 1;
    }
    if (document.contact_form.email.value == '') { 
        message = message + 'Email is a required field\n'; 
        error = 1;
    }   
    if (WHAT GOES HERE TO SHOW THAT THE FIELD CAN'T CONTAIN ANY VARIATION OF 'http://?') { 
        message = message + 'That is not a valid address\n'; 
        error = 1;
    }


    if (error) {
        alert(message);
        return false;
    } else {
        return true;
    }
}
bmp415
  • 11
  • 4
  • You should validate this on the server. Bots will usually bypass javascript validation – Ortiga Aug 11 '12 at 03:21
  • Actually, you should validate it both on client for better user experience and on server as a means of additional layer of validation in-case client side validation is bypassed. – Moon Aug 11 '12 at 03:55

3 Answers3

0

Use a regular expression.

if (/^http:\/\//.test(document.contact_form.email.value)) {
    message = message + 'That is not a valid address\n'; 
    error = 1;
}

I'm assuming you only want to test for http:// at the beginning of the string (just remove ^ if you want to test for it anywhere in the string).

Jordan
  • 4,510
  • 7
  • 34
  • 42
0

You can use indexOf function as below:

if(document.contact_form.address.value.indexOf("http://") !== -1) {
    message = message + "That is not a valid address\n"; 
    error = true;
}

indexOf will return -1 if the value specified in the indexOf function parameter is not found in the string.

References:

Community
  • 1
  • 1
Moon
  • 33,439
  • 20
  • 81
  • 132
-1

Give your inputs in question a class, maybe something other than what I've done. give your id's a useful name.

Makes coding a lot easier.

function validate() {

                    var inputs = document.querySelectorAll('.inputs'),
                        i = 0;
                    for (; i < inputs.length; i++) {
                        if (inputs[i].value == '') {
                            message = message + ' ' + inputs[i].id + ' is a required field\n';
                        };
                    };
                };
Vinyl Windows
  • 503
  • 1
  • 7
  • 19
  • I am not sure who some of you rogue people are that give -1 ones out; however, I am helping by posting the code above. First things first over what the poster is trying to achieve, is to clean that code up. – Vinyl Windows Aug 11 '12 at 12:36