jquery validation with ip and http

Question

I have a field where people enter their IP. So I try to validate that field with jquery:

$.validator.addMethod("http-ipvalidation", 
    function(value, element) {
        return /^[\d.]+$/.test(value);
    }, 
   "Sorry, only numbers and dots allowed here"
);

But some people are using DynDNS which can then use an url. So now I need to allow both. Is there a way to combine the default jquery url validation with my custom IP validation?

I could alter the jquery url check but this regex is crazy, so I wouldn't know where to begin:

return /^(https?|ftp):\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?(((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?)(:\d*)?)(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)?(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i.test(val);

Plus I think it would be nice to allow people to enter without the http(s):// as part of it. So to summarize I want to create validation where users can enter:

12.34.56.78 or my.domain.com or http://my.domain.com

Perhaps, I should just take a simple validation to take out some special characters and leave it at that? Thanks in advance.

Answer 1

I recommend doing nearly nothing to validate this field; IDN means that users can legitimately enter nearly anything into the field: █▄ִ█▄█ִ▀▄▀.tk (currently a domain-squatter) or █ִ̲̲̲̅̅̅bִ̲̲̅̅oִ̲̲̅̅xִ̲̲̅̅eִ̲̲̅̅dִ̲̲̲̅̅̅█.tk (a website cataloging some IDN domain names) or other horrible-looking-yet legal addresses that most browsers can turn into their behind-the-scenes ASCII counterparts.

Answer 2

This is where UI developers me (and you, it sounds like) actually get into fun computer science stuff. You're probably only looking at a few hours of regex learning, and you'll use regex for the rest of your career.

I think the most straightforward way to do this would be in two passes:

1. Determine whether they've entered a url or an ip address. It should be pretty easy to determine it's an IP. Maybe you strip out all the "."s and then check to make sure there are only numbers.
2. Run the validation for ip address or url based on the outcome of step 1. As SArnold says, there's probably not much you can validate for URLs, but you can make the http:// optional for them this way.

resources: http://www.regular-expressions.info/javascript.html http://txt2re.com/

Answer 3

This might be sidestepping the problem a little bit, but I would probably defer it to a unix program like ping, curl or nslookup. I don't know if you want to do this for other reason but I think it would work.

$.validator.addMethod("http-ipvalidation", 
    function(value, element) {
      result = false
      $.getJSON({async:false,url:verify.php,success:function(resp){result=resp.result}})
      return result;
    }, 
  "Sorry, ip address invalid"
);

And in verify.php you'd have something like: Ping site and return result in PHP

$ch = curl_init($url);  
curl_setopt($ch, CURLOPT_TIMEOUT, 5);  
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);  
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);  
$data = curl_exec($ch);  
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);  
curl_close($ch);  
if($httpcode>=200 && $httpcode<300) {  
    return true;  
} else {  
    return false;  
}

So this way it throws an error whether or not the ip address they're entering is invalid, OR if it's not a real IP address. I don't know if this is behavior that you want.