Validate User Inputs
In order to combine a good user experience with maximum security, user inputs are validated in two steps.
The first validation is triggerd, when a user clicks the submit button, and is a browser side validation that uses Javascript. Aim of the browser side validation is, to display invalide inputs immediately to the user, in order to help them to fill the form correctly before it is submitted and the data are processed. Due to reasons which are beyond your reach, browser side validation may in some cases not work as expected, for example because the user has disabled Javascirpt on their browser or even circumvents the validation with code.
The second validation of the user inputs is performed on your server, after user inputs are submitted and send to the server. This validation is performed using php and kicks in before transmitted data are processed or stored in any other way. Other than browser side validation server side validation can not be manipulated or circumvented by the user. Server side validation protects your website by making sure that user inputs do really fit your specifications and are "clean". If server side validation detects invalide user inputs, Visforms will stopp processing the data and display the form again including error messages according to the invalide inputs. Valide inputs, which the user has already made, will be entered into the form by automatic action, then.
Supported Validation Types/Rules
Which kind of validation is available for a field depends on the field type. Please not, if you want to force a user to make a not empty input for a given field, you have to enable the validation option "Required" for this field. Any other validation type will only check, that a given user inputs has a proper format accoring to the validation rules set for the field but will accept an empty user input as valide.
If not indicated otherwise, all validation options are set in the field configuration tab "Basic Options".
Validation Rule | Description | Supported in Field Type | Additional Information |
---|---|---|---|
Required | Field cannot be left empty | All field types except hidden fields | Please note: Only this validation rule forces a user to make an into |
Check for a valide email address format. | Field type specific validation, which will be applied to any field of type e-mail by automatic action. | ||
Url | Check for a valide url address format that starts with http. |
| Field type specific validation, which will be applied to any field of type url by automatic action. |
Number | Checks for a valide number |
| Field type specific validation, which will be applied to any field of type number by automatic action. |
Date | Checks the user input against the date format selected in the field configuration |
| Field type specific validation, which will be applied to any field of type date by automatic action. Suported date formats are: DD.MM.YYYY, MM/DD/YYYY and YYYY-MM-DD |
Minimum Length | "Text" fields: Minimal number of characters a user has to type in. Checkbox Group: Minimal number of checkbox controls the user has to check. |
| If you have enabled the use of "HTML-Editor" for a field of type "Textarea" the number of charachters added by the user is sometimes evaluated incorrect (to big). | Maximum Length | "Text" fields: Maximum number of characters a user can type in. Checkbox Group: Maximum number of checkbox controls the user can check. |
| If you have enabled the use of "HTML-Editor" for a field of type "Textarea" the number of charachters added by the user is sometimes evaluated incorrect (to big). If you do not set this option for a Checkbox Group, a user can check all checkboxes. |
Minimum value | Lowest number possible. |
| |
Maximum value | Highest number possible. |
| |
Minimum Date Value | Earliest date value allowed . This validation value can be set as:
|
| You need a Visforms Subscription, if you want to use this validation rule. |
Maximum Date Value | Highest date value allowed . This validation value can be set as:
|
| You need a Visforms Subscription, if you want to use this validation rule. |
Digits only | Allow digits only. No negative numbers, no decimals... |
| |
Custom validation | Perform a custom validation as defined by an individual regular expression. |
| |
Allow multiple selection | A user can select more than one option at a time. |
| The default behavior, when this option is disabled, is, that a user can only select one option. |
Equal to | User input in two (or more) fields have to be identical. |
| Fields, used for "Equal to" validation must be of the same field type. |
Allowed File Extensions | Allowed File Extension(s) for files that can be uploaded with the field. |
| |
File Upload Maximum Size | Maximum file size of files that can be uploaded with the form. |
| This option is set in the form configuration tab "Advanced". |
Unique values only | The form can only be submitted, if a given value for this field does not already exist in a recordset that was submitted for this form previously. |
| This validation option is set in the field configuration tab "Advanced". It can only be performed if user inputs are stored in the database. (Which is trigged by the form option "Save Results" which is set in the form configuration tab "Result".) Validation for "Unique values only" is only performed server side. |
Visforms uses the jQuery Validator Plugin for browser side validation.
Visforms allows you to create custom error messages, which will be used in the broweser side validation, if user inputs are not valide. If no custom error message is set, Visforms will use the default error messages. If the validation of user inputs fails on server side valiation and the form is displayed again, Visforms will always use default error messages. You can use the Joomla! language manager in order to customize the default error messages, if need be.