Reputation: 13
How can I prevent users with javascript disabled from submiting a form?
We have an inquiry form where users are required with JS to at least enter their name, location, contact information, comment/question, etc. We've been getting A LOT of completely blank and semi-blank forms. We know that if the user has JS disabled, they can click the submit button with nothing filled in. I've looked into the possibility of disabling the submit button unless JS is enabled, but I've read that a lot of people think this is a bad idea. Suggestions? Thank you!
Upvotes: 1
Views: 196
Answers (3)
Reputation: 707446
You can't prevent a blank form from being submitted by various techniques. Your server should be validating the form and rejecting submissions that are not proper. This is a core fundamental of any server that accepts data from any outside source. It must do its own data validation before accepting the data.
It is possible to make a form such that the browser can't submit it to your site via a plain browser without javascript being enabled. For example, if there's no default action for the form in the HTML and the submit action is only implemented in javascript, then the form wouldn't submit if javascript was disabled. There would still be other ways to submit the data without client-side verification which is why server-side validation is always required, but this might stop some user mistakes before they get to your server.
You can also use the <noscript> tag to advise the user that javascript is required.
You can identify many form submissions from robots server-side immediately by just including a form in your field that is populated with a known value via javascript. If, when the form is received on your server, that known value is not present in the form, then the form is likely submitted by something other than a browser with javascript enabled.
You can prevent automatic robot submissions by just not using a regular form action in your HTML. If the submission URL is only in your javascript and the submissions is only done via javascript, then most robots will never see it and never even know to try (because they don't run javascript).
FYI, neither of these last two techniques will prevent hackers from submitting rogue forms/data since they may analyze things enough to understand what is missing, but they can help identify automated attempts at submissions.
Upvotes: 4
Reputation: 65
First, use the noscript tag to tell users they need javascript when they load the form.
Second, since form submission can't always completely prevented have the HTML form submit to a page which does not process the submission but instead tells them they must have javascript. To handle correct submissions on your form page use javascript to change the form submit action to the correct submit page.
Upvotes: 0
Reputation: 1666
On your server side, thais php trim the data before putting in database or any other operation. Trim removes the empty spaces away.. Also check for sql injections
Upvotes: 0
Related Questions
- Ajax form submit even when JavaScript is disabled in a browser?
- Disable form submit button using javascript
- Submitting form with disabled input
- Form submission in javascript disabled Browser
- Prevent a form that's submitted using AJAX from submitting when JavaScript is disabled or not available
- How to stop the user from submitting form when javascript is disabled on the user's browser?
- prevent the user from submitting
- disable submit button when javascript is disabled
- preventing the form submission with javascript and php
- Validating forms using javascript only and preventing users from submitting JS disabled forms?