1

I have a simple form validator that checks to make for some field values are present and it works great, however we have recently been getting lots of BOT submissions in the form of entering a URL in the "Name" fields. I tried inserting s function to look for "http://" in the first_name field string but the form ignores the check. Ideally I think it might make more sense to check for the "http://" value in any of the form fields just to really stick it back to the bot but am unsure how to call both functions at the same time for each field and stuck just getting it to recognize one.

Here is (most) of the validator itself.

function checkForm( form ){
  function BogusUrl(str) {
      var pattern = new RegExp('^(http?:\\/\\/)?'); // look for URL in string
      if(pattern.form.first_name(str)) {
          alert( 'First Name is Bogus' ); // for testing
      return false;
       }
}
if( isEmpty( form.first_name ) ){
    alert( 'First Name is required field!' );
    return false;
    }
    if( isEmpty( form.last_name ) ){
    alert( 'Last Name is required field!' );
    return false;
    }
return true;
}

Edited for Alex and Manolo suggestions:

function BogusUrl(str) {
var pattern = new RegExp('^https?:\\/\\/'); // look for URL in string
    if(str.match(pattern)) {
    //alert( 'First Name is Bogus' ); // for testing
    return false;
  }
}


function checkForm( form ){
 if( BogusUrl(form.first_name.value.match(pattern))) {
    alert( 'First Name is Bogus' );
    return false;
} 
return true;
}
Improve this question
1
  • Javascript validation doesn't allow you to get rid of bot submissions. You have to duplicate such validation on server side. Commented Jan 28, 2014 at 15:01

2 Answers 2

Reset to default
2

I think you're missing the match part of that:

if(form.first_name.value.match(pattern))

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Adding the "match" makes perfect sense, however the function still seems to be ignored and the script jumps to the next field for validation (see modified code block above).
2 
var pattern = new RegExp('^(http?:\\/\\/)?'); // look for URL in string

Here you're checking "htt" and optionally "p". You should do:

var pattern = new RegExp('^(https?:\\/\\/)?'); // look for URL in string

or just:

var pattern = new RegExp('^(http:\\/\\/)?'); // look for URL in string

In your second option, you're not using the str parameter in the function. You should do:

function BogusUrl(str) {
  var pattern = new RegExp('^(https?:\\/\\/)?'); // look for URL in string
  if(str.match(pattern)) {
  alert( 'First Name is Bogus' ); // for testing
  return false;
  }
}

Also, you are testing if the string contains http(s):// or not! ?, so you should delete the interrogant:

function BogusUrl(str) {
  var pattern = new RegExp('^https?:\\/\\/'); // look for URL in string
  if(str.match(pattern)) {
  alert( 'First Name is Bogus' ); // for testing
  return false;
  }
}
Improve this answer

5 Comments

I thing your second option makes the most sens as it checks for both and have modified the function but for some reason it is going ignored. See my modified codeblock above.
Maybe my syntax is off trying to grab the form field value as it is still skipping over the first_name field 'if(form.first_name.str.match(pattern)) {'
I don't see you calling BogusUrl function. Just declaring it.
Modified my codeblock again above to separate out the function and the call. Now it ignores all validation unless I remove the call.
But, are you calling the checkForm( form ) function anywhere?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.