Input validation

Similar Messages

• Input validation in an OO-friendly fashion

  Okay, so "input validation" may sound a bit like an issue for the security division of the forum, but I'm concerned with the most OO way to verify the inputs of users. The situation is that I have about five or six different blanks in a GUI (not that it matters) where a user can input something to change the GUI's model. The GUI's model is, itself, an interface and therefore supports pluggability.
  Now, each of the inputs has potentially different "policies" or business rules for what can be entered. For example, one may be a date, etc. You guys know what I mean. Anyway, I know that I could just have some validation method for every field, but this doesn't seem to be very OO-esque.
  I'd like to have some kind of an interface called "StringValidator" or something that would have a method "validate()," but I don't know how this would play out. Maybe I could have a map in my GUI model where the key is the field name and the associated value is an appropriate implementation of StringValidator? I don't know, though. Even though it would be easier to implement five specific methods, one for each field, I'd rather not.
  If I use some kind of StringValidator, maybe I could require a method that returns an array of Strings with all illegal forms, but then again, that's bad form...
  I really just don't know.
  So, in summary, my two questions are as follows:
  1. What is the best way to implement an OO, easily scalable way to validate Strings in my app?
  2. How do I protect against things like SQL statements, HTML scripts, etc.? I know I should (in many cases), but I don't know how to.
  Thanks for any help, and for wading through that description.
  theAmerican
  PS I just remembered something about some Scanner class or something. Maybe that would help?

  It depends quite what you're doing; if you're working with a db then using prepared statements would handle all the escaping for you, but if you allow the users to input raw SQL then you can't realistically stop them from screwing things up.
  Similarly if you're having the users create html somewhere, then the more flexibility there is the harder it is to control. You don't have to worry about scripting if you're just using JLabel to render the html as it doesn't support it; if you're creating a web UI then you may have to.
  Pete

• MM41/MM42/(MM43) - Sales view: How to add own input validation for CALP-END

  Hello.
  I am looking for an easy way, if any to create an own input validation for a certain field in the article master on the sales view tab. In addition to any standard input validation I would a like to add an own validation (for CALP-ENDPR) depending on the input.
  How can that be achieved in the easiest and proper manner - in general and for the specific case?
  There are no screen exits etc. here, if I am correct.
  Any ideas?
  Thanks.
  C.N.

  Hi,
  Please refer the below link.
  This is for MM01. I understand that you are into Retail system. Hope the same processing logic can be done in your scenario also.
  saptechnical(dot)com(slash)Tutorials(slash)ExitsBADIs(slash)MM(slash)MM01(dot)htm
  Replace the bracket words with the correct symbols.
  With Regards,
  Sumodh.P

• Input validations using bsp code

  hai all,
     i want to check user input whether he/she entered correct values r not, i know how to do using javascript.
  but i need to do the same without using javascript.. is there any way
  leoiz

  No, this was not a joke, but it would be possible theoretically.
  Doing a quick search on Google got me this nice link:
  http://www.permadi.com/tutorial/flashjscommand/
  It shows an example of Flash interacting with JavaScript, hence proving the possibility.
  As for really using Flash/ActionScript for input validation ...
  If you are thinking about just including a little Flash-Validation for input fields - why do it with Flash if you can use JavaScript?
  And if your page is a Flash-Page anyway, well, you would not have to go back to HTML input fields, as you work within your Flash applet.
  Maybe you have a specific situation I didn't think of yet.
  Max

• How do I return to the top of a form when input validation fails?

  I have a form that I am using spry input validation that I
  would like the user to be returned to the top of the page when
  validation fails. If that can't be done somewhat easily, can I have
  a message appear next to the submit button that says "Errors found.
  The field(s) marked in red need to be corrected" when there are any
  errors that prevent the form from submitting.

  The break statement in Java is similar to last in Perl.
  The continue statement in Java is similar to next in Perl.

• [solved][C] input validation with strtod()

  I'm using strtod() in an RPN implementation, and I'm working on input validation. As per strtod(3), I've written the following conditional to catch input overflow.
  errno = 0;
  op1 = strtod(token, &endPtr);
  if ((errno == ERANGE && (op1 == HUGE_VALF || op1 == HUGE_VALL)) || (errno != 0 && op1 == 0)) {
  printf("Error: Input overflow.\n");
  clearstack();
  return 1;
  Except that when I enter something that would definitely overflow, this conditional is never entered. Furthermore, errno is never set. What am I missing?
  A link to the full code can be found here
  Last edited by falconindy (2010-04-13 17:49:15)

  tavianator wrote:
  Well the first wrong thing I see is that you should really test if fabs(op1) is HUGE_VAL{F,L}.
  The second thing is, why so complicated a test?  errno != 0 should be all you need.
  Fair enough. This is the first time I'm really dealing with floating point ops in C.
  tavianator wrote:The third thing is, if errno is really not being set, are you sure you're really overflowing?  doubles go up to about
  1.8e308 on most arches.
  Huh... wouldn't an unsigned double be, at most, 2^128 - 1 and more likely 2^64 - 1? I'm dealing with signed, so its then half that. Sure enough, sizeof(double) returns 8.
  Also, this is what made me think I'm hitting overflow.
  > 111111111111111111111111111111111111111111111111111111111111111111111111111111111111 1 *
  = 111111111111111105547424803279259724863245197668615715838829352563602489955831513088.000
  >
  Hmm. If I go even further, I eventually do hit an overflow error. However, that still leaves me a little baffled as to the results above. Is this a result of the decimal precision inherent in a double?

• Element Input Validation - Table Values

  Hi All,
  Forum newbie.
  Can anyone tell me if its possible to do an Element Input Validation that is using table values?
  eg.
  This was my thinking -
  DEFAULT FOR TableLower IS 0
  DEFAULT FOR TableUpper IS 0
  INPUTS ARE entry_value (text)
  entry = TO_NUM(entry_value)
  Lower = TO_NUM(GET_TABLE_VALUE('Table Selected', 'Level', TableLower))
  Upper = TO_NUM(GET_TABLE_VALUE('Table Selected', 'Level', TableUpper))
  IF entry > Upper OR entry < Lower THEN
  formula_status = 'E'
  formula_message = 'Entry Value Must Be In The Table Range 1'
  ELSE
  formula_status = 's'
  RETURN formula_status, formula_message
  Any help would be very much appreciated.
  Dean

  Hello,
  It is possible to use GET_TABLE_VALUE function in element input validation.
  Thanks,
  Sudhakar

• How to do input validation in BDC's?

  hai,
     I am Rajesh, I want to know how and where to write input validation code in BDC's. Please help me on this.
  Thanking you

  Hi and welcome
  all key-fields (and fields with a check-table) are checked by SAP-standard in your called transaction in BDC too.
  if you want to validate additional:
  1)load you data from flat file into itab
  2)check fields:
  -against checktable
  -format (date,currency)
  -value
  A.
  pls reward usful answers
  Message was edited by: Andreas Mann

• Date and Time Input Validation

  Anyone know a good way to validate date and time that a user is entering on the screen.  Our users want to enter AM and PM time vs. Military time. 
  Also, since Input fields don't have an "onBlur" command, what are other companies using in java script.

  What type of DATE/TIME validation are you looking for?
  If you want to validate the format you could simply set the type to date/time and enable the dovalidate attribute to "TRUE".
  for getting onBlur, onChange, etc for your input field you can use bsp:findandreplace.
     <%
    tmp_string =`<input onBlur="javascript:yourjsfunction();"`.
        %>
        <bsp:findAndReplace find    = "<input"
                            replace = "<%= tmp_string %>" >
          <htmlb:inputField id        = "myInputField2"
                            value     = "12345"
                            alignment = "left" />
        </bsp:findAndReplace>
  (courtesy Ulli Hoffmann)
  Hope this helps.
  Regards
  Raja

• BEx WAD - Input validation

  Hi All,
  I'm using BEx WAD to call a query that allows me to see cost center information according to user authorizations thru the Portal. However, if I type an invalid entry then the application returns everything, including nodes that the user is not supposed to be authorized to see. How do I resolve this? Can I do it thru input data validation? Is there another simpler solution?
  Thanks
  Marshall.

  Marshall,
      How are you providing authorization to Query?
  Nagesh Ganisetti.

• Input Validations

  hi,
  My program require 4 inputs. One parameter(obligatory) and remaining are select-options.I am validating all the fields.
  When I enter wrong value for obligatory field remaining select-options are being disabled(grayed) untill I click on them.
  How to enable them automatically.
  Please help me.

  - Put the parameters/select-options in a [SELECTION-SCREEN BLOCK|http://help.sap.com/abapdocu/en/ABAPSELECTION-SCREEN_BLOCK.htm].
  - Execute you check in a [AT SELECTION-SCREEN|http://help.sap.com/abapdocu/en/ABAPAT_SELECTION-SCREEN.htm] [ON BLOCK|http://help.sap.com/abapdocu/en/ABAPAT_SELECTION-SCREEN_EVENTS.htm#!ABAP_ALTERNATIVE_4@4@] blo.
  When the error will be sent, the whole block keeps editable and the cursor is at the first field of the block.
  Regards,
  Raymond

• Regarding input validation

  Hy to all,
             we are taking purchase order no from  user and  want to validate the user input.
  Can some one tell me how to implement validation....
  thanks in advance

  Hi,
  Pls check things like
  http://www.w3schools.com/js/js_form_validation.asp
  http://www.developertutorials.com/tutorials/javascript/javascript-form-validation-correction-050412/page1.html
  http://www.yourhtmlsource.com/javascript/formvalidation.html
  Eddy

• Number Input Validation

  I'm having a lot of trouble validating that only a number within the specified range can be taken as input in this program that calculates payments on a loan. The loops repeat and prompt for correct input IF the values inputted are numbers. I need the program to account for Strings and characters, so that if a string or char is entered in the loan amount, year amount, or interest rate amount, the user is prompted again until a number with no chars or strings present is input. I tried everything; I've changed all of my methods to strings and tried to parse the strings into integers, a waste of about 2 hours; I've tried using exception handling, I cannot get it to work right and there's too much overhead for that anyway. If there was just a static method such as NotANumber (NaN) for primitive types so that I could validate at the same time as I take the <variable>.nextDouble, I wouldn't have a problem. Any help please?
  public class Payment
      private double la;
      private double mir;
      private int yrs;
      private double monthlyPayment;
      Scanner inp = new Scanner(System.in);
      public Payment()     //no argument constructor
          la =  0;
          mir = 0;
          yrs = 0;
      public static double monthlyPayment(double loanAmount, double monthlyInterestRate, int years)
          int months = 12;// *= years;
          double temp = monthlyInterestRate;
          months *= years;
          monthlyInterestRate = monthlyInterestRate * .01;
          monthlyInterestRate /= 12;
          double monthlyPayment = loanAmount * monthlyInterestRate / (1 - 1/Math.pow(1 + monthlyInterestRate, months));
          System.out.println("Loan amount: " + loanAmount);
          System.out.println("Yearly interest rate: " + temp);
          System.out.println("Years: " + years);
          System.out.println("Monthly payment: " + monthlyPayment);
          return 1;
      public void input()
          char c = ' ';
          String s = "";
          double loan;
          double monthlyInterestRate;
          int years;
          Scanner in = new Scanner(System.in);
          do
              do
                  System.out.println("Enter loan amount: ");
                  loan = in.nextDouble();
              while(loanAmountFalse(loan));
              setLoanAmount(loan);
              do
                  System.out.print("Enter monthly interest rate: ");
                  monthlyInterestRate = in.nextDouble();
              while(monthlyInterestRateFalse(monthlyInterestRate));
              setMonthlyInterestRate(monthlyInterestRate);
              do
                  System.out.print("Enter years: ");
                  years = in.nextInt();
              while(yearsFalse(years));
              setYears(years);
              monthlyPayment(loan, monthlyInterestRate, years);
          while(continueOK());       
      private boolean continueOK()
          boolean cont = true;
          String s = "";
          char c = ' ';
          Scanner in = new Scanner(System.in);
          do                                   //allows prompt to repeat if 'y' or 'n' is not entered
              System.out.print("Enter 'y' to continue or 'n' to end program:");
              s = in.next();
              s = s.toLowerCase();            //input is not case sensitive
              c = s.charAt(0);
              if(c == 'n')
                  System.out.println("System exiting...");
                  System.exit(0);
          while(c != 'y');
          return true;
      private boolean loanAmountFalse(double loanAmount)
          if(loanAmount < 0)
              System.out.println("Loan amount UNDER 0... error...");
              return true;
          else if(loanAmount > 1000000)
              System.out.println("loan amount OVER 1000000...");
              return true;
          else
              System.out.println("loanAmOK method reached...");
              return false;
      private boolean monthlyInterestRateFalse(double monthlyInterestRate)
          if(monthlyInterestRate < 0)
              System.out.println("ERROR: Interest rate must be over 0...");
              return true;
          else if(monthlyInterestRate > 20)
              System.out.println("Error: Interest rate must be under 20...");
              return true;
          else
              System.out.println("good to go...");
              return false;
      private boolean yearsFalse(int years)
          if(years < 0)
              System.out.println("ERROR: years must be over 0...");
              return true;
          else if(years > 100)
              System.out.println("ERROR: years must be under 100...");
              return true;
          else
              System.out.println("Years ok");
              return false;
      public void setLoanAmount(double loanAmount)
          if(loanAmountFalse(loanAmount))
              System.out.print("Error: loan amount must be greater than 0 and less than $1,000,000.");
          else
              this.la = loanAmount;
      public void setMonthlyInterestRate(double monthlyInterestRate)
          if(monthlyInterestRateFalse(monthlyInterestRate))
              System.out.println("Error: interest rate must be greater than 0 and less than 20.");
          else
              this.mir = monthlyInterestRate;
      public void setYears(int years)
          if(yearsFalse(years))
              System.out.println("Error: years must be greater than 0 and less than 100.");
          else
              this.yrs = years;
  }

  flounder wrote:
  Or wrap a try statement around the call to nextDouble.Or use Scanner.hasNextDouble() to determine if the next token can successfully be parsed as a double.

• Message Input validation

  How to do validation for user input in MessageInput. How to make the user to enter a number only or text only and numbers without decimal points
  thank you
  Velpandian .S

  Hi Patrick and Ian,
  Thank you very much for giving me the solution to the validation problem.
  But I get the validation error for example need a number, but I am not getting the label instead I get "".
  I also have one more problem with UIX and BC4J. I don't know how to handle data's in multiple tables. I need to solve this problem urgently. Could you please help me?
  I have to handle data from four different tables in the database. The scenario is as follows:
  The tables are
  1. user
  fields are: userid number, name varchar2
  2. business
  fields are: businessId number, name varchar2
  3. service
  fields are: serviceId number, serviceName varchar2
  4. userBusiness
  userid,businessid (both are foreign keys) & form complex primary keys.
  and userid,businessid, serviceId are primary keys.
  Now my problem is: to create a webpage where
  1. The userid is available in the httpSession Variable as string.
  2. according to the userId stored in the session variable I have to retrieve the business names and show them in a choice i.e., pull down box.
  3. I have to show the services provided by the business for the business name selected in the combo box.
  Could anyone Please help me solve this problem? Could you please give me hints? I have truncated the other fields in the tables.
  Thank you very much.
  Velpandian .S

• Error  handling  for input  validations

  hi,
  Problem:I'm writing  FM  for the material plant details  on inputs material and plant.
                     if  material is not valied  and i need to show  error messages
                      if material is not in plant  then it shows relevent Error messages
                     i need to handle all  possiable  error messages.
  Requirement:I need standard  FM  to handle any type of error messages that will eraise,
                     that i need to show.
  could anyone tel me any standard FM to handle any type Error messages.
  Thanks in Advance.
  sivakumar

  Hi siva,
  In the past I have used the following function modules to handle multiple error messages;
  1.
    CALL FUNCTION 'MESSAGES_INITIALIZE' "To initialise the storage table
      EXPORTING
        collect_and_send   = ' '
        reset              = 'X'
        line_from          = ' '
        line_to            = ' '
        i_store_duplicates = ' '
        check_on_commit    = 'X'
        i_reset_line       = ' '.
  2.
    CALL FUNCTION 'MESSAGE_STORE' " Use to store each message one by one as they occur
      EXPORTING
        arbgb                  = p_msid
        msgty                  = p_tipo
        msgv1                  = p_var1
        msgv2                  = p_var2
        msgv3                  = p_var3
        msgv4                  = p_var4
        txtnr                  = p_txtnr
      EXCEPTIONS
        message_type_not_valid = 1
        not_active             = 2
        OTHERS                 = 3.
  3.
    CALL FUNCTION 'MESSAGES_SHOW' " Use at the end to finally display the messages
      EXPORTING
        object             = text-004
        send_if_one        = 'X'
        i_use_grid         = 'X'
      EXCEPTIONS
        inconsistent_range = 1
        no_messages        = 2
        OTHERS             = 3.
  I hope this will help you.
  Regards,
  Simon

• Input validation in datatable

  Hi all,
  I have a datatable displaying some records and allowing for each record to press a link to to something with that line. I am however facing problems with the field validation. Here's what I have:
  <t:dataTable style="width: 100%" id="tfopts" binding="#{quoteOptions.freeFormOptionTable}" value="#{quoteOptions.unselectedFreeFormOptions}" var="option">
       <t:column width="70%">
            <h:inputText style="width: 98%" value="#{option.description}" />
       </t:column>
       <t:column style="white-space:nowrap" width="15%">
            <h:inputText style="width: 100%" value="#{option.catalogPrice}">
                 <f:convertNumber/>
            </h:inputText>
       </t:column>
       <t:column style="white-space:nowrap" width="15%">
            <a4j:commandLink action="#{quoteOptions.addFreeFormOption}" value="#{msg.options_addoption}" reRender="selopts,tfopts" />
       </t:column>
  </t:dataTable>Now, I need to make sure that the description is not empty when hitting the commandLink. I have tried by setting the required attribute, but then it's set for all rows, which I do not want.
  Alternatively I approached it via Javascript, but it occurred to me that I don't know the id of the field on the row where the commandlink is clicked.
  Can anyone help me out with this?
  Thanks

  tombatore wrote:
  Now, I need to make sure that the description is not empty when hitting the commandLink. I have tried by setting the required attribute, but then it's set for all rows, which I do not want.This should work:required="#{!empty param['formId:dataTableId:rowId:commandLinkId']}"The 'rowId' part can be obtained from UIData#getRowIndex().
  Alternatively I approached it via Javascript, but it occurred to me that I don't know the id of the field on the row where the commandlink is clicked.Make use of the 'this' reference and pass the commandlink element itself as argument to the JS function.
  onclick="foo(this)"
  function foo(element) {
      var id = element.id;
      // You can do substring and/or replace here and then get element by id from document.
  }