DFW5013

ADVANCED WEB DEVELOPMENT

2.0 DEVELOPING SERVLETS
2.3 Validating Data
 2.3.1 VALIDATING DATA ON THE CLIENT
 For simple validation work, JAVASCRIPT code can be embedded into an HTML page to
perform simple validation work client-side, before the form data is transmitted across the
internet and alert the user to any problems. Below is a example of modified FORM which
can be used to check that the user has entered some text before submitting it to the
servlet.The servlet itself is unchanged.
<HTML>
Note : Whilst Javascript is
<HEAD> very useful, your back end
<script language="javascript">
<!–
servlets should not rely on
function validateForm() { javascript checking to ensure
if (document.entryForm.yourname.value=="") {
alert("You haven't entered your name !");
the validity of the
return false; information being submitted
}
document.entryForm.submit(); return true;
and to stop users doing
} // --> things they shouldn't. Always
</script>
</HEAD>
re-check submitted data if
<BODY> there is a security/data
<FORM METHOD=POST ACTION="/servlets/demoServlets.MyNameServlet" NAME="entryForm">
<INPUT TYPE="TEXT" SIZE="30" NAME="yourname">
integrity implication to the
<INPUT TYPE="BUTTON" VALUE=" Submit " OnClick="validateForm()"> requested function. Malicious
</FORM>
</BODY>
users can easily bypass
</HTML> Javascript checks!

This technique is quite general and can be used with CGI-Scripts, JSP's or any other webserver
technology that works with HTML forms.
 2.3.2 VALIDATING DATA ON SERVER
 Example Login Screen Validation
 There will be two programs – one running on client machine and the other on server.

I. Client Program – UserPass.html

<body>
<h2 align="center">Login Validation</h2>
<form method="get" action="http://localhost:8080/JTMK/user">
Enter Course Name <input type="text" name="t1"> <br>
Enter Password <input type="text" name="t2"> <br>
<input type="submit" value="SEND">
<input type="reset" value="CLEAR">
</form>
</body>

http://localhost:8080/JTMK/user">

localhost: It is the system where Netbeans the alias name of the

server is running. Localhost is treated as Name of the folder you created Validation servlet given
the server. In realtime, actual name of and placed in web-app folder web.xml file
server comes. The port number
on which Netbeans
is running
2.3.2 VALIDATING DATA ON SERVER
II. Servlet program – Validation.java
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;

public class Validation extends HttpServlet {

public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
res.setContentType("text/html");
PrintWriter out = res.getWriter();
String str1 = req.getParameter("t1"); // extract the user name and password from reqister object sent by client
String str2 = req.getParameter("t2");
// some validation code
if(str1.equals("Advanced Web Development") && str2.equals(“DFW5013")) {
out.println("VALID");
}
else {
out.println("<b>INVALID</b>");
}
out.close();
}
}
2.3.2 VALIDATING DATA ON SERVER
Your Output should look like this

OR