Results 1 to 2 of 2

Thread: Serious back-end validation needed in next release

  1. #1
    Thread Starter
    Rookie nikahmad's Avatar
    Join Date
    Dec 2010
    Location
    Malaysia
    Posts
    9
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Thumbs up Serious back-end validation needed in next release

    Here are my suggestion for an improvement.

    VERSION: ClassiPress 3.0.5
    AFFECTED CODE:
    step-functions.php - line 695
    step3.php

    THE SITUATION:

    I noticed ClassiPress rely only on jQuery.validation to validate input on Insert Ad forms. Thus, if there is a javascript error occured or javascript is disabled, one can submit the form up till the end of the ad submission process even with errors. (such as submitting blank form)

    Related thread: This thread here is an example of such problem. The javascript error affect validation.

    ClassiPress did send email to Admin and the ad poster regarding the new (false) ad submission. All related operation when creating an ad listing is carried out; Although the returned post_id==0 (refer step-functions.php - starting line 695 to 745)

    MY SUGGESTIONS:
    1. Stopping unnecessary execution of code if returned post_id==0

    add exception on step-functions.php - after line 695
    Code:
    if( $post_id == 0 ) return 0;
    add exception on step3.php - after line 43
    Code:
    if( $post_id != 0 ):
    ...
    endif;
    // just before removing the temp session option from the database : line 90
    Note: You may add custom error message saying that the submission didn't happen. Because post_id==0.


    2. Prevent user from submitting the form (if the form is not validated)
    Actually step2.php needs a lot of improvement on validation. It seems that even if the fields value are null, the process seems to validate and allow submission to proceed. This should not happen. (I leave this to ClassiPress development team for next release)

    For an express alternative solution, you can use the following:
    Replace the submit button like so: step1.php - line 98:
    Code:
    <script>document.write('<input type="submit" name="step1" id="step1" class="btn_orange" value="<?php _e('Continue &rsaquo;&rsaquo;','appthemes'); ?>" />');</script>
    <noscript><ul class="errors"><li><b><?php _e('This form requires javascript support to work.  Please enable javascript on your browser.','appthemes');?></b></li></ul></noscript>

    Hope this info helps.


    Nik Ahmad
    Beezby.com

  2. #2
    jomarkosabel's Avatar
    Join Date
    Mar 2009
    Location
    Philippines
    Posts
    41,010
    Thanks
    170
    Thanked 3,409 Times in 3,280 Posts
    You must be an AppThemes customer and logged in to view this response. Join today!
    Please help our moderating team work more efficiently by not sending us support questions via PM. You can read more about how AppThemes support works here. However, you can send a PM to follow up and remind me if I missed your support request/thread.

    Thank you and have a nice day.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ad validation and google map no showing
    By bastiani2b in forum Help Using ClassiPress
    Replies: 5
    Last Post: December 15th, 2010, 09:25 AM
  2. Exact rules needed for ClassiPress htaccess file needed
    By cloudybright in forum Help Using ClassiPress
    Replies: 2
    Last Post: November 27th, 2010, 07:37 PM
  3. For Validation
    By jaidev in forum Report ClassiPress Bugs
    Replies: 3
    Last Post: September 19th, 2010, 10:09 AM
  4. Zip code validation
    By featured in forum Help Using ClassiPress
    Replies: 2
    Last Post: May 4th, 2010, 01:31 PM