2

So very recently I launched a website for a nonprofit organization that I’m a part of. But there’s a black hole somewhere. Users register in order to see parts that are private for our organization’s eyes only. I made the field required - email field that is. Yet the registration is slipping through that are blank because they have no email and therefore we can’t finish the process of registration. I cannot for the life of me find the black hole. Any ideas? This isn’t my first rodeo I’ve been doing the stuff for 28 years and I am beside myself.

Comments
  • 1
    Maybe they are people outside the organization who want to find a way in?
  • 0
    How are you validating the email,could there be invisible chars there?
  • 0
    @Voxera using html 5 and I just put N error on the backend warning that this fiend vapor he left blank
  • 2
    Call me the grumpy cat, but if you have been doing this for 28 years and *this* stumps you...

    I dunno, Rick, seems bogus ...
  • 0
    @cr8zycatcodr a what error? Do tell 😎
  • 2
    @CoreFusionX I know it shouldn’t be stumping me - that’s why I’m banging my head on the desk. I’ll try to shake off the jab at me but this is what really sucks- it should not be an issue at all. Since you don’t know me I won’t go off and cry in a corner
  • 0
    @Nanos nope! It’s a designated email field and required and now I have a kick back in the script disallowing a blank entry for that field. Thing is, html5 takes care of it on the front end and I’ve tried on diff browsers to see if I could replicate the error but no no and no. Makes me want to hang up a shingle and do nails for $100/hour….
  • 0
    @Nanos no. When I go check my user registrations, they are listed in a script I wrote. When I’ve tested, it sends me a message telling me someone has registered. Gmail.
  • 0
    @Nanos host gator is my host. I ran it on a local wamp server before moving it to the host. I miss my old school hosting co
  • 0
    @Nanos forgot to answer question 1 - Php
  • 0
    @cr8zycatcodr so backend only checks for empty field, did I understand that right?

    If so a space, zwsp or other “invisible” char like a ctrl char could fool the check if someone bypasses the frontend verification.

    You never trust client side validation, that is just for user convenience:)
  • 0
    @Nanos I’m glad to hear that and not be flogged for it again!
  • 0
    @Voxera hadntbthoughtbofbsn emoty character. Any ideas how to check on the backend? I’m just checking for am empty field now - I stuck in an up capture this morning. I do sonethibg to detect a truly empty string for image uploads….not sure how to do this in other $_POST fields…..this is a downside of being self taught
  • 1
    @jestdotty I might be a lot of things but a liar isn’t one of them
  • 0
    @Nanos yep and when you call for tech support it’s hopeless!
  • 0
    @Nanos thanks so much! I hate having people be mean to me and I thank you for standing up for me. Self taught makes problems. I don’t give up easily and am continuing to experiment with possible ways to find the hole!!!
  • -1
    @jestdotty my security issues stem from my work in the private sector for most of my career where I was looked down upon. I also get mad at myself because there are holes in my knowledge. So that’s why. I’ve been in the public sector for 6.5 years and never happier or more respected. I appreciate this GroupMe and I’m glad I found it. I’m I secure when easy shit fails and I am my own worst critic. What can I say? I’ve learned since joining a certain groups about lifestyle improvement that having a big ego gets us into more trouble than anything!

    Meanwhile….still trying some things. Going to play with hidden fields and validating those … I will get to the bottom of it eventually if not sooner!!!
  • 0
    @jestdotty oh we might. I don’t judge. I take a person in. Never up to me to judge
  • 1
    @jestdotty I’m not desperate. Old yes but too old to he desperate. I don’t get to talk to many developers. Maybe that shows
  • 0
    @Nanos I got a flash of Zip drives when I read this
  • 1
    @Nanos my dad worked on classic main frames. He brought home punch cards which my mom used for grocery lists
  • 0
    @cr8zycatcodr Dependson language but the point is that with empty chars the string is not empty.

    In C# we have a IsEmptyOrWhitespace that works.

    In other languages it could be harder depending on if there is some built in solution or if you meed to build from scratch.

    Regex might work but depends a bit on the implementation and regex is hard, there is a reason they say that if you try to solve a problem with regex you end up with two problems ;).

    But for en email field you can check that length is at least 6 chars and contains a @ char.

    No valid public email can be shorter that 6 and no way to write an email can exclude the @.

    It will not ensure its a valid email but it will at least look like one.
Add Comment