Rectangle 27 2

Of course it is possible. You just need to programmatically trigger form validation when the dialog is closed, and prevent it from being closed if validation fails:

var valid = $("#myform").validate().form();
if (valid)
{
    // allow the dialog to be closed
}
else
{
    // keep the dialog open
}

In fact, the demo you linked uses (custom) validation. Have a look at the JS source - actual validation logic aside, it's not too different from what your code will do.

You should just need to remove the first -? to make that regex allow only positive numbers:

/^(?:\d+|\d{1,3}(?:,\d{3})+)(?:.\d+)?$/

Ok, but is it possible to do this: $("#MaterForm").validate() ; $("#DialogForm").validate() ; ?? I'm not sure :(

@eddy: what do you mean, "is it possible"? Sure, you can validate multiple forms programmatically - but that's not what that code does. What exactly are you trying to do? What hasn't worked, and in what way?

javascript - Using jquery Dialog with the Validation plugin - Stack Ov...

javascript jquery regex jquery-validate
Rectangle 27 2

Of course it is possible. You just need to programmatically trigger form validation when the dialog is closed, and prevent it from being closed if validation fails:

var valid = $("#myform").validate().form();
if (valid)
{
    // allow the dialog to be closed
}
else
{
    // keep the dialog open
}

In fact, the demo you linked uses (custom) validation. Have a look at the JS source - actual validation logic aside, it's not too different from what your code will do.

You should just need to remove the first -? to make that regex allow only positive numbers:

/^(?:\d+|\d{1,3}(?:,\d{3})+)(?:.\d+)?$/

Ok, but is it possible to do this: $("#MaterForm").validate() ; $("#DialogForm").validate() ; ?? I'm not sure :(

@eddy: what do you mean, "is it possible"? Sure, you can validate multiple forms programmatically - but that's not what that code does. What exactly are you trying to do? What hasn't worked, and in what way?

javascript - Using jquery Dialog with the Validation plugin - Stack Ov...

javascript jquery regex jquery-validate
Rectangle 27 59

The HTML5 form validation process is limited to situations where the form is being submitted via a submit button. The Form submission algorithm explicitly says that validation is not performed when the form is submitted via the submit() method. Apparently, the idea is that if you submit a form via JavaScript, you are supposed to do validation.

However, you can request (static) form validation against the constraints defined by HTML5 attributes, using the checkValidity() method. If you would like to display the same error messages as the browser would do in HTML5 form validation, Im afraid you would need to check all the constrained fields, since the validityMessage property is a property of fields (controls), not the form. In the case of a single constrained field, as in the case presented, this is trivial of course:

function submitform() {
  var f = document.getElementsByTagName('form')[0];
  if(f.checkValidity()) {
    f.submit();
  } else {
    alert(document.getElementById('example').validationMessage);
  }
}

can we use two buttons in a single form it shows error required fields alerts for both buttons why? how to solve?

@HTMLDeveloper, you should present your problem, with code, as a new question (and formulate it in more detail I really cant see what you are asking here).

html - HTML5 validation when the input type is not "submit" - Stack Ov...

html html5 forms validation html5-validation
Rectangle 27 25

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

For the example I will use a minimal form, only with two fields and a submit button.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Normally all would start from something near this (I removed all extra stuff not important):

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

The problem is that the form is always submitted, no matter if onclick returns true or false.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

On such way it works as I need.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

javascript - How to prevent buttons from submitting forms - Stack Over...

javascript html forms button submit
Rectangle 27 24

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

For the example I will use a minimal form, only with two fields and a submit button.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Normally all would start from something near this (I removed all extra stuff not important):

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

The problem is that the form is always submitted, no matter if onclick returns true or false.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

On such way it works as I need.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

javascript - How to prevent buttons from submitting forms - Stack Over...

javascript html forms button submit
Rectangle 27 24

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

For the example I will use a minimal form, only with two fields and a submit button.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Normally all would start from something near this (I removed all extra stuff not important):

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

The problem is that the form is always submitted, no matter if onclick returns true or false.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

On such way it works as I need.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

javascript - How to prevent buttons from submitting forms - Stack Over...

javascript html forms button submit
Rectangle 27 24

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

For the example I will use a minimal form, only with two fields and a submit button.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Normally all would start from something near this (I removed all extra stuff not important):

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

The problem is that the form is always submitted, no matter if onclick returns true or false.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

On such way it works as I need.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

javascript - How to prevent buttons from submitting forms - Stack Over...

javascript html forms button submit
Rectangle 27 24

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

So what I put here is how I do the tricks to have a form able to be submitted by JavaScript without any validating and execute validation only when the user presses a button (typically a send button).

For the example I will use a minimal form, only with two fields and a submit button.

For the example I will use a minimal form, only with two fields and a submit button.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Remember what is wanted: From JavaScript it must be able to be submitted without any checking. However, if the user presses such a button, the validation must be done and form sent only if pass the validation.

Normally all would start from something near this (I removed all extra stuff not important):

Normally all would start from something near this (I removed all extra stuff not important):

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="submit" value="Send" onclick="JavaScript:return Validator();" />
</form>

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

See how form tag has no onsubmit="..." (remember it was a condition not to have it).

The problem is that the form is always submitted, no matter if onclick returns true or false.

The problem is that the form is always submitted, no matter if onclick returns true or false.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

If I change type="submit" for type="button", it seems to work but does not. It never sends the form, but that can be done easily.

<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>
<form method="post" id="theFormID" name="theFormID" action="">
   <input type="text" id="Field1" name="Field1" />
   <input type="text" id="Field2" name="Field2" />
   <input type="button" value="Send" onclick="JavaScript:return Validator();" />
</form>

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

And on function Validator, where return True; is, I also add a JavaScript submit sentence, something similar to this:

function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}
function Validator(){
   //  ...bla bla bla... the checks
   if(                              ){
      document.getElementById('theFormID').submit();
      return(true);
   }else{
      return(false);
   }
}

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

The id="" is just for JavaScript getElementById, the name="" is just for it to appear on POST data.

On such way it works as I need.

On such way it works as I need.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

I put this just for people that need no onsubmit function on the form, but make some validation when a button is press by user.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

Why I need no onsubmit on form tag? Easy, on other JavaScript parts I need to perform a submit but I do not want there to be any validation.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

The reason: If user is the one that performs the submit I want and need the validation to be done, but if it is JavaScript sometimes I need to perform the submit while such validations would avoid it.

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

It may sounds strange, but not when thinking for example: on a Login ... with some restrictions... like not allow to be used PHP sessions and neither cookies are allowed!

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

So any link must be converted to such form submit, so the login data is not lost. When no login is yet done, it must also work. So no validation must be performed on links. But I want to present a message to the user if the user has not entered both fields, user and pass. So if one is missing, the form must not be sent! there is the problem.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

See the problem: the form must not be sent when one field is empty only if the user has pressed a button, if it is a JavaScript code it must be able to be sent.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

If I do the work on onsubmit on the form tag, I would need to know if it is the user or other JavaScript. Since no parameters can be passed, it is not possible directly, so some people add a variable to tell if validation must be done or not. First thing on validation function is to check that variable value, etc... Too complicated and code does not say what is really wanted.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

So the solution is not to have onsubmit on the form tag. Insead put it where it really is needed, on the button.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

For the other side, why put onsubmit code since conceptually I do not want onsubmit validation. I really want button validation.

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

Not only the code is more clear, it is where it must be. Just remember this: - I do not want JavaScript to validate the form (that must be always done by PHP on the server side) - I want to show to the user a message telling all fields must not be empty, that needs JavaScript (client side)

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

So why some people (think or tell me) it must be done on an onsumbit validation? No, conceptually I am not doing a onsumbit validating at client side. I am just doing something on a button get pressed, so why not just let that to be implemented?

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

Well that code and style does the trick perfectly. On any JavaScript that I need to send the form I just put:

document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there
document.getElementById('theFormID').action='./GoToThisPage.php'; // Where to go
document.getElementById('theFormID').submit(); // Send POST data and go there

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

And that skips validation when I do not need it. It just sends the form and loads a different page, etc.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

But if the user clicks the submit button (aka type="button" not type="submit") the validation is done before letting the form be submitted and if not valid not sent.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

Well hope this helps others not to try long and complicated code. Just not use onsubmit if not needed, and use onclick. But just remember to change type="submit" to type="button" and please do not forget to do the submit() by JavaScript.

javascript - How to prevent buttons from submitting forms - Stack Over...

javascript html forms button submit
Rectangle 27 4

Not ideal but it will do the job; use JavaScript in your master template to remove the validation:

$(document).ready(function(){
    $("input[data-val-date]").removeAttr("data-val-date");
});

c# - How can I prevent a validation attribute from being generated? - ...

c# .net asp.net-mvc jquery-validate asp.net-mvc-4
Rectangle 27 1

I have tried setting the value of the input field as a javascript date object, which in turn passed the validation of the unobtrusive validation.

$("#date-input-field").val(new Date(1,0,1970));
$.validator.unobtrusive.parse('#form');
var form = $('#form');
form.validate();

This is done with jQuery 1.7.2, validation.unobtrusive and mvc4.

c# - How can I prevent a validation attribute from being generated? - ...

c# .net asp.net-mvc jquery-validate asp.net-mvc-4
Rectangle 27 1

I'm doing some validation on a HTML form using min and max attributes. I also want to prevent form submission if the submit button is clicked once to prevent multiple form submissions before a page is reloaded.

As you said, you want to prevent form submission, so you must point your bullets to the <form> tag. When you need to handle the submit event, always attack the <form>, so let's add an onsubmit attribute:

<form method="post" action="my-script.php" onsubmit="return something();">

Now let's add a little funtion which tells to our <form> what to do. In this case let's show the result from the input:

id
<input type="number" id="endNo" name="endNo" placeholder="END" min="5" max="20">

The submit button only shows the disabled event in the onclick attribute because return false is already being executed on the <form> tag:

<input type="submit" name="name" value="REGISTER" onclick="this.disabled=true;">
<script type="text/javascript">
function something() {
    var v = document.getElementById( "endNo" ).value;
    alert( "The value is " + v );
    return false;
}
</script>

<form method="post" action="" onsubmit="return something();">
<input type="number" id="endNo" name="endNo" placeholder="END" min="5" max="20">
<input type="submit" name="name" value="REGISTER" onclick="this.disabled=true;">
</form>

See it in action:

javascript - Why is disabling form submission affecting min and max at...

javascript html google-chrome
Rectangle 27 8

You have to keep in mind that to prevent xss, you've GOT TO DO IT ON THE SERVER SIDE. If your rich text editor (ex YUI or tinyMCE) has some javascript to prevent a script tag from being inputted, that doesn't stop me from inspecting your http post requests, looking at the variable names you're using, and then using firefox poster to send whatever string I like to your server to bypass all client side validation. If you aren't validating user input SERVER SIDE then you're doing almost nothing productive to protect from XSS.

Any client side xss protection would have to do with how you render user input; not how you receive it. So, for example, if you encoded all input so it does not render as html. This goes away from what you want to accomplish though (just anchor and img tags). Just keep in mind the more you allow to be rendered the more possible vulnerabilities you expose.

That being said the bulk of your protection should come from the server side and there are a lot of XSS filters out there depending on what you're writing with (ex, asp.net or tomcat/derby/jboss) that you can look into.

I think you're on the right path by allowing ONLY a and img tags. The one thing you have to keep in mind is that you can put javascript commands into the src attributes of a tags, so take care to validate the href attributes. But the basic idea of "allow nothing and then change the filters to only allow certain things" (AKA whitelist filtering) is better than "allow everything and then filter out what I don't want" (AKA blacklist filtering).

In the comments below, Brian Nickel also said this which illustrates the point:

The other thing you're going to want to do is define a XSSFilterRequest object (or something along those lines) and in a filter, override your requests so that any call to whatever your "getUrlParameter" and "getRequestParameter" objects run the request values through your xss filter. This provides a clean way to filter everything without rewriting existing code.

EDIT: A python example of xss filtering:

The first answer mentioned is incorrect, as stated in the other answers/comments. And, same with the other answer.

Are you talking about the answers I posted in the links?

Alright, just making sure. But ya, I don't think there is a "best" solution out there, which is why I'm recommending the "strip everything, and then write code to allow what you want and ONLY what you want" approach.

Everything but the elements and attributes you want to keep. I know you mentioned it in your answer but that bears repeating since it is so scary. <img onerror="stealMoney()"> fall under "elements you want to keep" after all. You almost want an SGML parser that parses the document, filters it, and then rebuilds it with only the desired subset. This Q confirmed why I love Markdown.

javascript - div contenteditable, XSS - Stack Overflow

javascript jquery html xss
Rectangle 27 2

When using the attribute to restrict the maximum input length for text from a form on a webpage, the StringLength seems to generate the maxlength html attribute (at least in my test with MVC 5). The one to choose then depnds on how you want to alert the user that this is the maximum text length. With the stringlength attribute, the user will simply not be able to type beyond the allowed length. The maxlength attribute doesn't add this html attribute, instead it generates data validation attributes, meaning the user can type beyond the indicated length and that preventing longer input depends on the validation in javascript when he moves to the next field or clicks submit (or if javascript is disabled, server side validation). In this case the user can be notified of the restriction by an error message.

StringLength vs MaxLength attributes ASP.NET MVC with Entity Framework...

asp.net-mvc-3 ef-code-first entity-framework-4.1
Rectangle 27 0

you can do it client side by using Javascript or you can do it on php by validation and if validation fails display error and no redirect to the next page.

php - How do I prevent users from submitting this form blank? - Stack ...

php forms
Rectangle 27 0

As I've said in my comments, it is difficult to prevent all ways that an input field can be manipulated (drag/drop, paste, cut, delete) and thus you will ultimately need to validate the field before using it.

That said if you want to prevent a number being typed into the first character in the field, you can use this:

document.getElementById("test").addEventListener("keypress", function(e) {
    var key = e.which || e.keyCode;
    if (this.selectionStart === 0) {
        if (key > 48 && key < 57) {
            e.preventDefault();
        }
    }
});

The event oninput covers all cases.

@Derek - Except the field is already modified on the input event.

that's true. But what I usually do is I also do a quick check after each input and remove invalid characters. Quick enough not to slow stuff down.

regex - In JavaScript, how can I prevent a number from being typed as ...

javascript regex validation
Rectangle 27 0

function getCaretPosition(oField) {
  var iCaretPos = 0;
  if (document.selection) {
    oField.focus();
    var oSel = document.selection.createRange();
    oSel.moveStart ('character', -oField.value.length);
    iCaretPos = oSel.text.length;
  }
  else if (oField.selectionStart || oField.selectionStart == '0')
    iCaretPos = oField.selectionStart;

  return (iCaretPos);
}

function LettersOnly(e){
    return getCaretPosition(e.target) === 1 && e.keyCode > 48 && e.keyCode < 58;
}

This should work if you bind LettersOnly to the oninput event of your input.

regex - In JavaScript, how can I prevent a number from being typed as ...

javascript regex validation
Rectangle 27 0

Could you do validation on the client-side with javascript rather than server side? This would prevent a post from occurring and any data from being lost in the validation process. Here's a very basic, simple example from the sourced site to give you an idea of what I mean:

<script type='text/javascript'>
function notEmpty(elem, helperMsg){
    if(elem.value.length == 0){
        alert(helperMsg);
        elem.focus();
        return false;
    }
        return true;
}
</script>
<form>
Required Field: <input type='text' id='req1'/>
<input type='button' 
onclick="notEmpty(document.getElementById('req1'), 'Please Enter a Value')"
value='Check Field' />
</form>

EDIT: Since you mention in your comment that client-side validation is not an option, my next suggestion would be to save the data in a ViewState (or Session State if you're navigating more than one page) prior to the PostBack to persist the data through the PostBack.

Hello Sam, thanks for the reply. Yes, obviously - there's client-side validation by default, but not all browsers support Javascript and not all things can be validated on client side (OldPassword validation in a password-change situation, for example).

In response to your edit - that seems like quite a messy solution. I am not set in stone with regards to any part of it - if there's a better way to have independent forms, without relying on separate models, or a way to have tabbed view with independent updates - I'd be open to hearing about it.

Unfortunately that's all I have to offer :-/. I don't think persisting data in View/Session state is very uncommon, in fact, if you google around you will find many solutions offered that way for persisting data during post. Sorry I couldn't be of more help, hopefully someone else here will have a better example and we can both learn.

ASP.NET MVC3 Server-Side Validations and Partial View forms - Stack Ov...

asp.net asp.net-mvc-3 validation viewmodel asp.net-mvc-partialview
Rectangle 27 0

If you are checking the username/password in a Click event, make sure to check the page's IsValid property before continuing. If username/password are being validated through a validation control, set its EnableClientScript to false and the RequiredFieldValidator to true. This will prevent the form from submitting without a password and the second validator from being called, unless they have JavaScript turned off.

c# - validation in asp.net login control - Stack Overflow

c# asp.net
Rectangle 27 0

I have tried setting the value of the input field as a javascript date object, which in turn passed the validation of the unobtrusive validation.

$("#date-input-field").val(new Date(1,0,1970));
$.validator.unobtrusive.parse('#form');
var form = $('#form');
form.validate();

This is done with jQuery 1.7.2, validation.unobtrusive and mvc4.

c# - How can I prevent a validation attribute from being generated? - ...

c# .net asp.net-mvc jquery-validate asp.net-mvc-4
Rectangle 27 0

What you actually need is server side (not client side/Javascript) validation in order to prevent "invalid data" (however you define it) from being sent/saved to your database.

If Javascript is turned off on the client (browser) none of your Javascript will run, the form will POST (or GET) to whatever action you define (editPost.php). You need to add validation code/handling to editPost.php

mysql - Submitting form via javascript - Stack Overflow

javascript mysql html-form