I'm trying to add additional security/validation to an online form that has AJAX backend. When I try to add a filter to remove spaces (such as trying trim or replace), the functionality breaks; no error, just no action in general. What's the best way to acheive this without breaking the app? The code segment is below (including some of the latest attempts).

    //var LastName = trim(document.getElementById('last_name').value)
    //var Email = trim(document.getElementById('email').value)
    //var City = trim(document.getElementById('city').value)
    //var State = trim(document.getElementById('state').value)

    //if(LastName == "" || Email == "" || City == "" || State == "" || document.getElementById('country').value == "-1" || document.getElementById('heard').value == "-1")
    if(document.getElementById('last_name').value == "" || document.getElementById('email').value == "" || document.getElementById('city').value == "" || document.getElementById('state').value == "" || document.getElementById('country').value=="-1" || document.getElementById('heard').value=="-1")
//if(document.getElementById('last_name').value.replace(/^\s+|\s+$*/gm,"") == "" || document.getElementById('email').value.replace(/^\s+|\s+$*/gm,"") == "" || document.getElementById('city').value.replace(/^\s+|\s+$*/gm,"") == "" || document.getElementById('state').value.replace(/^\s+|\s+$*/gm,"") == "" || document.getElementById('country').value =="-1" || document.getElementById('heard').value =="-1")
            alert("Please fill out required fields.")
2 Years
Discussion Span
Last Post by CaffeineCoder

So... a couple questions I guess...

If you have a form, why are you using AJAX?
What is trim()?
Have you used F12 tools to see if you are generating an error? If so, what is it?

I also don't understand your regex...
try using a too like: https://regex101.com/ to build your regexes. It looks like your regex is actually the cause of your script error, and why you are failing.

I doubt that you will need both multiline and * to be greedy when you already have + modifiers. Also, the * is outside the 'end of the line' marker... which is not right at all.


Thanks. Why is it not as the below? (this pattern was based off a different article)

var value = trim(document.getElementById("test").value)

You said that you want to do this for security. If that is the case, then trim the data server side, not client side.


trim used like that does not exist in native javascript - maybe the other article had a trim function in there?

Edited by DaveAmour: typo



Good questions.  I'll give a little background.  The form includes a CAPTCHA challege to weed out bots.  I'm using the Ajax to go between the server and user's session to check status of the challenge.  What "trim" is to do is remove spaces from the beginning and end of a given string.  I want to remove spaces, as well as special characters so that people filling out the form can't simply just put one or two spaces and move on.  Root cause for all of this is that we are getting spammed, but I don't think it's all bot-based as some required fields are just answered with a space vs gibberish.
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.