hwg-languages archives May 2001 new search results previous next

Re: Javascript redundant code...

by Andrej Kostresevic <temporalassassin(at)yahoo.com>

 Date:  Wed, 23 May 2001 07:35:10 -0700 (PDT)
 To:  JOSE ADRIANO BALTIERI <JABALTIE(at)iep-cen.unimep.br>,
hwg-languages(at)hwg.org
 In-Reply-To:  cen
  todo: View Thread, Original 
This is a very simple solution to it.
Have your Javascript set a hidden form field to a certain value if all
validation goes ok.
Then look for that value inside your CGI script. If its there, let it go
through. If not, validate again, or return to the page.
Hope it helps,
Andrej
--- JOSE ADRIANO BALTIERI <JABALTIE(at)iep-cen.unimep.br> wrote:
> Hello List !
> 
> We have a lot of Javascripts, mostly to validate forms. These forms are 
> submitted to our CGI programs. These CGI programs have to validate again
> 
> everything that had just been validated by Javascript. That's because
> one can 
> edit the page and remove the scripts from it, submitting an incorrect
> form. 
> Or more simply, just disable Javascript and submit the form (Netscape
> allows 
> that).
> 
> Then, if we were able to prevent or detect this situation, that is, be
> sure 
> that the form has been passed through our Javascript code, we would save
> time 
> (programming and machine) by avoiding redundant checks. Smaller CGI's
> also 
> would be a benefit. They would have to do only the other checks that 
> Javascript couldn't do, probably those against databases.
> 
> Have heard about signed scripts but don't know neither what they mean
> nor if 
> they would solve this problem.
> 
> Have thought also about delivering/receiving tokens but, they're not
> secure at 
> all...
> 
> Thanks for any kind of help !
> 
> 
>                                 Obrigado/Thanks a lot,
> 
>                                 Jose Adriano Baltieri
>                                 Analista de Sistemas
>                                 CPD - CENTRO
>                                 UNIMEP - Universidade Metodista de
> Piracicaba
>                                 PIRACICABA - SP - BRASIL
>                                 Fone : 055 0 XX 19 430-1858 (english
> spoken)
>                                 Fax  : 055 0 XX 19 430-1898 (cx postal
42778)


__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

HWG: hwg-languages mailing list archives, maintained by Webmasters @ IWA