3

This script is supposed to check if the submitted value is an Url but it doesn't do that. I'm not too familiar with regex and my buddy who made this for me is away for a trip.

      <script type="text/javascript">// <![CDATA[
       window.onload=init;

        function init(){
        document.forms[0].onsubmit= function (){
        var url= document.getElementById("url").value;
        var desc= document.getElementById("description").value;
        var regex=new RegExp("^(https?:\/\/)?([\da-z\.-]+)\.([a-z\.]{2,6})([\/\w \.-]*)*\/?$");
        var match=regex.test(url);
        if(!match)
        {
            alert("The URL you entered is not valid");
            return false;
        }
        if(desc.length<10)
        {
            alert("There must be at least 10 characters in the description");
            return false;
        }
    };
}
  // ]]></script>
Alberto Falso
  • 103
  • 1
  • 5

3 Answers3

6

PHP 5 has a built in function for that. You can use filter_var() to do it.

function is_url($url)
{
    return filter_var($url, FILTER_VALIDATE_URL) !== false;
}

EDIT: Client validation is only a convenience for the user. It doesn't actually validate the data, and I could just use Firefox TamperData to submit you whatever I want in there. You should do server validation instead as shown above.

Artless
  • 4,522
  • 1
  • 25
  • 40
  • Not getting it to work for some reason, can you show me where to put that exactly in the script in my opening post? – Alberto Falso Sep 23 '12 at 09:11
  • 1
    This is not Javascript, this is PHP. As I said earlier: `Client validation is only a convenience for the user. It doesn't actually validate the data, and I could just use Firefox TamperData to submit you whatever I want in there. You should do server validation instead as shown above.` You're going through a whole lot of trouble for a client convenience but your server remains vulnerable. – Artless Sep 23 '12 at 09:32
0
if(/^([a-z]([a-z]|\d|\+|-|\.)*):(\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?((\[(|(v[\da-f]{1,}\.(([a-z]|\d|-|\.|_|~)|[!\$&'\(\)\*\+,;=]|:)+))\])|((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=])*)(:\d*)?)(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*|(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)|((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)){0})(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?\/$/i.test(url)) {
    alert("URL is valid");
}
else {
    alert("URL is not valid");
}

Source: here

Community
  • 1
  • 1
mrjimoy_05
  • 3,452
  • 9
  • 58
  • 95
0

I recommend you start learning regular expressions. They are fun to learn. I am currently learning them too. O'reilly's Mastering Regular Expressions by Jeffrey E.F. Friedl is a very good book, you can download it for free from some sites. Check it out.

rationalboss
  • 5,330
  • 3
  • 30
  • 50
geekman
  • 2,224
  • 13
  • 17