Client Validation Problem

asked 2009-09-14 18:55:25 +0800

jyluo gravatar image jyluo
147 1 1

For a editor like textbox, the constraint will be activated before a onChange event (or similar). However, oftentimes users type in the textbox and directly click a button (like a submit button). In those cases, the constraint will be skipped and the unvalidated text value will be passed back to the server. Is there anyway to prevent that? Thanks!

delete flag offensive retag edit

4 Replies

Sort by ยป oldest newest

answered 2009-09-14 19:40:37 +0800

jyluo gravatar image jyluo
147 1 1

updated 2009-09-14 19:47:10 +0800

I found this small talk http://docs.zkoss.org/wiki/How_to_Secure_User%27s_Password_with_Encryption is dedicated to this topic.
However, this small talk did NOT answer the question raised by itself: the onChange event is not suppressed, and the onChange event keep bring back the unencrypted, plain text value to the password textbox. In other words, the "alert" function will show an encrypted value, but later the onChange event will set the value back to plain text. If you use a separate button to click and print the password textbox's value you will see it's the plain text value.
The method isClientComplete() does not suppress onChange event (I did not listen to onChange).

link publish delete flag offensive edit

answered 2009-09-14 22:53:08 +0800

jj gravatar image jj
638 3

I am not sure I understand the relationship between your second post and first post. I am just trying to help with the first post. Same problem occurs with submit button on a regular html form, when user clicks the submit directly without losing focus of the input box, then the checking logic on that inputbox will not be fired. In javascript, people would implement onSubmit() and check all the inputs again. I assume that you could do the same thing with ZK, and fire the onChange events from your submt event handler, then all the logic for client side validation should be carried out. The question that I have is how do you know if any validation fails and abort the submission, but I don't have time to look into that in details right now.


link publish delete flag offensive edit

answered 2009-09-14 23:16:23 +0800

jyluo gravatar image jyluo
147 1 1

According to the small talk, an onChange event will always pass client input back to server in plain text. What the small talk does is to use a client side JavaScript function to encrypt the text and pass it to server through a custom command "onEncryption", and in ClientConstraint if we let isClientComplete() return true then the onChange event should not be fired. But in practice the onChange event is still fired and keep sending the plain text to server.

link publish delete flag offensive edit

answered 2011-07-15 00:01:01 +0800

ajaidka gravatar image ajaidka
196 4

<textbox id="txt1" constraint="/+/"/>
<textbox id="txt2" constraint="/+/"/>
<button label="check" onClick="check();"/>



Hope it will help

original thread http://www.zkoss.org/forum/listComment/7078/1/20

link publish delete flag offensive edit
Your reply
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools




Asked: 2009-09-14 18:55:25 +0800

Seen: 343 times

Last updated: Jul 15 '11

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More