0

I know its good to use serverside validation for security, except this is just to get my head around validation.

My efforts so far have amounted to the following

function validateUser()
{
    var x=document.forms["myForm"]["email"].value;
    var y=document.forms["myForm"]["password"].value;
    var atpos=x.indexOf("@");
    var dotpos=x.lastIndexOf(".");
    var uppercase = password.match(/[A-Z]/)
    var lowercase = password.match(/[a-z]/g)
    var number = password.match(/[0-9]/g)
    if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length)
    {
    alert("Not a valid e-mail address or password");
    return false;
    }else{ 
    alert("Valid Email Address and Password");
    return true;

    }
    }

Basically, I need an alert box to pop up when the password doesn't have at least 1 lowercase, uppercase and a number. So far my code is just throwing an error when the email is in the wrong format. What do I add to the if statement to check the password characters?

Thanks in advance,

James

Sim
  • 570
  • 1
  • 10
  • 22

2 Answers2

2

Few issues we have in your current implementation:

a. The error you're likely getting is that password is undefined.

Right now you're doing:

var y=document.forms["myForm"]["password"].value;

but you refer to it as "password" further on:

var uppercase = password.match(/[A-Z]/)
var lowercase = password.match(/[a-z]/g)

change the var y to:

var password=document.forms["myForm"]["password"].value;

b. To validate email, you should use a Regex such as:

var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;

var isValidEmail = re.test(email);

c. To check for the password rules, you should just rely on the regular expressions you have in place already (and strip out the atpos, dotpos usage - that makes it much more complicated than it even needs to be).

Example:

var email='me@mailinator.com';
var password='test-P1assword';
var hasUpper = password.match(/[A-Z]/)
var hasLower = password.match(/[a-z]/g)
var hasNumber = password.match(/[0-9]/g)

var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;

var isValidEmail = re.test(email);

if (isValidEmail && hasUpper && hasLower && hasNumber) {
    alert("Valid Email Address and Password");
    return true;
} else { 
    alert("Not a valid e-mail address or password");
    return false;
}

JSFiddle example, complete with Regex to validate email AND password: http://jsfiddle.net/4hH3T/2/

The regex was taken from: Validate email address in JavaScript?

Community
  • 1
  • 1
jrace
  • 351
  • 3
  • 8
  • Oh i see thanks for that, didn't pick that up, i'm still in a bit of mystery as how you incorporate the check for all the Regex characters though – Sim May 03 '13 at 01:46
  • Updated with regex implementation for you :-) – jrace May 03 '13 at 01:51
  • Hmm... i tried this for the password implementation without regex, what am I doing wrong? if (atpos<1 || dotpos=x.length || password.match(uppercase) || password.match(lowercase) || password.match(number)) – Sim May 03 '13 at 01:55
  • The vars you're putting in password.match() was already ran through a the match() method. Please see the following link for the correct usage: http://www.w3schools.com/jsref/jsref_match.asp NOTE: the match() method takes a regex and outputs a boolean. You're putting a boolean inside the match() method when you run through "password.match(uppercase) || password.match(lowercase) || password.match(number)" – jrace May 03 '13 at 01:59
  • @jameskensington - Just forget about your code and use a regex. You're making this **WAY** too complicated. – jahroy May 03 '13 at 01:59
  • @jrace - Better yet, check out the [MDN documentation](https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/RegExp/test). It's way more thorough and easier to read. – jahroy May 03 '13 at 02:00
  • @jameskensington - I meant forget about all that _atpos, dotpos_ stuff and do it all with a regex. – jahroy May 03 '13 at 02:02
  • @jrace - I'm sorry... Those comments were meant for JamesKensington (I directed them at you by accident). I am endorsing the approach you have suggested in your answer. – jahroy May 03 '13 at 02:03
  • @jahoy no worries, I have since updated my JSFiddle example to include the password validation rules he needs using match() - that should simplify things a bit. – jrace May 03 '13 at 02:08
  • @jrace sorry had to step away from the computer for a while, accepted answer thanks for the help! – Sim May 04 '13 at 06:56
0

you can use regex to validate. 

 var reg=/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*(_|[^\w])).+$/;
 var isValid=reg.test(inputemail);
Ravi Gadag
  • 15,735
  • 5
  • 57
  • 83
  • 1
    http://rick.measham.id.au/paste/explain.pl?regex=%5E%28%3F%3D.*%5Ba-z%5D%29%28%3F%3D.*%5BA-Z%5D%29%28%3F%3D.*%5Cd%29%28%3F%3D.*%28_%7C%5B%5E%5Cw%5D%29%29.%2B%24 – Ravi Gadag May 03 '13 at 01:40
  • Oh i see what you mean, how to i check it vs the Strings though? password/email – Sim May 03 '13 at 01:40
  • 2
    @Ravi, The `//` form is always prefered over using the `RegExp` constructor, unless you are dealing with dynamic patterns. – plalx May 03 '13 at 01:41
  • would i do something like if (atpos<1 || dotpos=x.length || password.contains(reg)?? i'm not too familiar with the syntax around this, i know theres a contains for string in java, not sure about script – Sim May 03 '13 at 01:43
  • @jameskensington - The second line of this answer demonstrates how to use the regex. The first line defines a regex named `reg`. The second line calls `reg.test()` and passes a string as an argument. If the string matches the regex, `reg.test()` will return true. Here is some more reading on the [RegExp.test()](https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/RegExp/test) method. – jahroy May 03 '13 at 01:56