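// Question as posted: I have this as my registration validation code (client side). I want to
// follow the pattern I used for my JavaScript on the server-side script. All I want to know is
// if my script is enough to counter any user error attack. Thanks

/**
 * Validates the registration form in the browser and, when every field passes,
 * posts the serialized form to processorthis.php and shows the reply in .regresult.
 *
 * SECURITY: these checks only help honest users correct mistakes. Anyone can
 * send a request to processorthis.php without running this script, so the
 * server has to repeat every rule below, use parameterized queries for
 * storage, and encode values on output. The captcha comparison in particular
 * is cosmetic: the expected text is read from the page itself (#ocaptcha), so
 * the real captcha check must happen on the server.
 *
 * @returns {boolean} Always false, so the browser never does a native submit.
 */
function regvalidate() {
  // Read a field as a string; a missing element or an empty <select> gives "".
  function field(selector) {
    var value = $j(selector).val();
    return value == null ? "" : String(value);
  }

  // Report the first failing rule and stop.
  function reject(message) {
    alert(message);
    return false;
  }

  var NAME = /^[a-zA-Z]{2,50}$/;
  // The hyphen is placed last so it is a literal. Written as ".-_" it formed a
  // range from "." to "_" that also admitted < > / : ; = ? @ [ \ ] ^.
  var ORG_NAME = /^[a-zA-Z0-9',._() -]{13,100}$/;
  // Any character repeated four or more times in a row (e.g. "aaaa").
  var REPEATED = /(.)\1{3,}/;
  // Punctuation and spaces stripped before measuring the "real" name length.
  var FILLER = /[~!@#$%^&*()_| \-=?;:'",.<>{}\[\]\\\/ ]/g;

  var gender = field("#gen");
  var surname = field("#nsn");
  var firstname = field("#nfn");
  var othername = field("#notn");
  var username = field("#un");
  var phone = field("#tel");
  var password = field("#pw");
  var rpassword = field("#rpw");
  var sorigin = field("#sor");
  var age = field("#age");
  var churchname = field("#cname");
  var churchname2 = churchname.replace(FILLER, "");
  var schoolname = field("#sn");
  var schoolname2 = schoolname.replace(FILLER, "");
  var secquestion = field("#sq");
  var secanswer = field("#sqa");
  var secanswer2 = secanswer.replace(/\s/g, "");
  var originalcaptcha = $j("#ocaptcha").text();
  var usercaptcha = field("#ucaptcha");
  // Anything other than a real `true` (including a missing checkbox) counts as unchecked.
  var termsAccepted = $j("#chkb").prop("checked") === true;

  if (gender !== "female" && gender !== "male") {
    return reject("please select a valid gender");
  }
  if (!NAME.test(surname)) {
    return reject("please enter a valid surname. Alphabets only and no space.");
  }
  if (!NAME.test(firstname)) {
    return reject("please enter a valid firstname. Alphabets only and no space.");
  }
  if (!NAME.test(othername)) {
    return reject("please enter a valid other name. Alphabets only and no space.");
  }
  if (!/^[a-zA-Z0-9]{4,20}$/.test(username)) {
    return reject("enter a valid username please. Alphanumeric supported only. Min: 4 Max: 20");
  }
  // NOTE(review): letters and digits only, 5-20 characters, is a weak password
  // policy; consider allowing any printable character and a longer maximum.
  if (!/^[a-zA-Z0-9]{5,20}$/.test(password)) {
    return reject("password should only contain alphabets or numbers. Min: 5 Max: 20");
  }
  // The original compared an undeclared `pw` here instead of the password value.
  if (password !== rpassword) {
    return reject("password is not the same");
  }
  if (!/^[0-9]{11,13}$/.test(phone)) {
    return reject("please enter a valid phone number");
  }
  if (!/^[a-zA-Z. ]{3,15}$/.test(sorigin)) {
    return reject("select your state");
  }
  // Two digits with a non-zero first digit, i.e. 10-99, matching the message.
  if (!/^[1-9][0-9]$/.test(age)) {
    return reject("input your correct age. Atleast Ten years of age");
  }
  if (!ORG_NAME.test(churchname)) {
    return reject("enter a valid church name. Do not abbreviate!");
  }
  if (REPEATED.test(churchname)) {
    return reject("enter a valid church name");
  }
  if (churchname2.length < 13) {
    return reject("church name too short");
  }
  if (!ORG_NAME.test(schoolname)) {
    return reject("enter a valid school name. Do not abbreviate!");
  }
  if (schoolname2.length < 13) {
    return reject("school name too short");
  }
  if (REPEATED.test(schoolname)) {
    return reject("enter a valid school name");
  }
  if (!/^[a-zA-Z0-9.\? ]{10,100}$/.test(secquestion)) {
    return reject("select security question");
  }
  // Hyphen last again: ",- " is an out-of-order range and a regex syntax error.
  if (!/^[a-zA-Z0-9., -]{1,50}$/.test(secanswer)) {
    return reject("enter security answer. Alphabets, numbers, dots, hyphens or commas supported and not more than 50 characters");
  }
  if (secanswer2.length < 1) {
    return reject("security answer too short");
  }
  // Convenience only; see the SECURITY note in the function header.
  if (originalcaptcha !== usercaptcha) {
    return reject("invalid captcha");
  }
  if (!termsAccepted) {
    return reject("accept terms and conditions");
  }

  $j("#reghloading").show();
  $j.post("processorthis.php", $j("#regform").serialize(), function (data) {
    // SECURITY: .html() parses the reply as markup. If processorthis.php echoes
    // any submitted value, it must HTML-encode it first, or this line becomes
    // an XSS sink. Switch to .text(data) if the reply is plain text.
    $j(".regresult").html(data);
  })
    .fail(function () {
      alert("unable to process your request now. Check back later");
    })
    .always(function () {
      // Hide the spinner on failure too, not only on success.
      $j("#reghloading").hide();
    });

  return false;
}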