Jump to content

block similar character sequence


Recommended Posts

I'm looking for a way to block input in a text field occuring more than 5 times. For example

 

aaaaaa

 

is wrong but:

 

A sentence having an input of a happening several times or even more is okay.

 

above sentence has 7 inputs and shouldnt be blocked.

 

What is the solution?

Link to post
Share on other sites

There is almost certainly a regex solution, but I would just use a simple loop to step though the string.

 

Here is a Javascript version. Php would be similar.

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"/><title>title</title><style>[type=text]{width:600px;}</style><script>window.onerror = function(a,b,c){alert('Javascript Error: '+a+'nURL: '+b+'nLine Number: '+c);return true;}</script><script>'use strict';function init() {document.getElementById('btn1').onclick = process;}function process(){var max = 5;var instr = document.getElementById('in1').value;var dupes = 0;var fail = false;for(var i=1,len=instr.length; i<len ; i++){  if (instr[i]===instr[i-1]){    dupes++;  }else{    dupes=0;  }  if(dupes>max-1){    fail = true;  }}if(!fail){  document.getElementById('out1').innerHTML = instr;}else{  document.getElementById('out1').innerHTML = 'input string failed test';}}//end of functionwindow.onload = init;</script></head><body><input type="text" id="in1"/><input type="button" id="btn1" value="Enter"/><div id="out1"></div></body>    </html>
Link to post
Share on other sites

Just loop through the string. Much better and more efficient than a regex for this case.

 

The logic would be this:

Set counter to zero

Loop through the string

For each letter in the string

- If the letter is the same as before, add 1 to the counter

- If the letter is different than the one before then set the counter to zero

If the counter is greater than five set a flag to indicate that the string is invalid.

Link to post
Share on other sites

Well I could use Javascript possibly, but I prefer PHP.

 

The reason is that sometimes browsers dont process javascript. I want to avoid that problem. So for me it is either PHP unless there is a waterproof script that tracks down browsers not using javascript.

 

Is there?

Link to post
Share on other sites

I'm looking for a way to block input in a text field occurring more than 5 times.

 

What is this input? What are you going to do with this input? Validation of user inputs is commonly done both in Javascript for speedy response and then again in Php for security.

Link to post
Share on other sites

 

What is this input? What are you going to do with this input? Validation of user inputs is commonly done both in Javascript for speedy response and then again in Php for security.

 

The input is a link or a description. My goal is to make it safe first. If I'm ready with the 'network' part the part that is done with PHP and MySQL then I'll do javascript.

 

But one other thing: I figured out programmers also use perl for validation.

 

What is the difference or (dis)advantage of perl validation in relation to php?

Link to post
Share on other sites

Are you going to store this string in a database?

yes.

 

But I have another question about correcting wrong input.

 

If a user types his name like: JohnEastwoodJohnEastwood I would consider it as wrong because it's double and so I would like to stop it by modifying the entire string. Is that possible?

 

I searched for it but coud not find if a string could be used as a modifier.

 

Does anyone know that?

Link to post
Share on other sites

You can't allow for every combination, you can filter out attempts to inject code, invalid characters etc but you have to allow proper users to use common sense to check details and fill out a form correctly, and the use of confirmation page and confirm email page, can help to weed out undesirables, but that won't catch all because there are sites where you can create a 10min email (google).

Link to post
Share on other sites

You can't allow for every combination, you can filter out attempts to inject code, invalid characters etc but you have to allow proper users to use common sense to check details and fill out a form correctly, and the use of confirmation page and confirm email page, can help to weed out undesirables, but that won't catch all because there are sites where you can create a 10min email (google).

 

Yes I think it is not possible to secure something a 100%. But why not try to get as close as possible. But security is now not yet the issue for me as validating is more then just having crappy code in your database. An empty record is also useless even if it is done by accident.

 

I found some code I changed:

    <?php    $string = "namename";    $newstring = str_replace("name", "Foo", $string, $count);       print "$count changes were made.n";     if ($count>1)    {    echo "<br> ". $newstring;}    ?>

But the problem is that if you make a string like this;

    <?php    $string = "Hey name you can type your name in this field. Bye name";    $newstring = str_replace("name", "", $string, $count);       print "$count changes were made.n";     if ($count>1)    {    echo "<br> ". $newstring;}    ?>

This causes the wrong output and I want to have the correct one, is there a solution?

Link to post
Share on other sites

This attempt at filtering, if it even works, will actually block out legitimate users. Some names actually have repeating sequences in them and are valid.

 

The only thing you should try to filter is data that is not good for the system, such as an empty field or attempts at code injection; otherwise you risk losing real clients.

 

If you want to stop robots, try the honeypot technique. This technique involves putting an invisible form field on your page with something generic such as "name" or "email" but making it invisible. If the field is filled in then you know a robot did it, because humans can't see that field.

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...