Skip to Content (Press Enter)
OutSystems.com
Personal Edition
Community
Support
Training
Training
Online Training
Developer Schools
Boot Camps
Certifications
Tech Talks
Documentation
Documentation
Overview
ODC
O11
Forums
Forge
Get Involved
Get Involved
Jobs
Ideas
Members
Mentorship
User Groups
Platform
Platform
ODC
O11
Search in OutSystems
Log in
Get Started
Back to Forums
Braxton
166
Views
5
Comments
Allowed characters on input
Question
The text field allows nearly all forms of ASCII characters.
For many fields, such as a name text box this is not appropriate.
Names should not have numbers, periods, or any other special characters.
Is there a way to - on the server side - only allow characters A-Z, a-z and the space character.
In addition to using this to clean up user input for name fields it also helps to prevent SQL injections. (I noticed there was already a SQL formatting function, as well as an email format check, but I do not see one to prevent special characters in text fields.
Again, I want this on the server side to prevent any malicious inputs, so java or jquery will not be accepable for this functionality.
Thanks,
Braxton Bragg
Joshua Austin
Inputs are already sanitized in OutSystems, so, SQL injections are blocked by default. To limit user input, have you taken a look at this video?
https://www.outsystems.com/academy/11/1685/582/add-custom-server-side-validations/#VideoTitle
1 reply
06 Mar 2015
Show thread
Hide thread
Braxton
Joshua,
Thanks for the link.
Indeed I have watched that video, and just re-watched it. For numeric values there is a good bit of validation options in Outsystems.
However, I would like to prevent characters like `~!@#$%^&*()_+:"{}|<>?-=[]\;',./1234567890 from being allowed in the name field.
With escape content set to NO, or possibly other unforseen circumstances, users could inject HTML, Java, etc.
I'm looking for a way to prevent anything except letters and the space character from being considered valid.
Gerry
Try this https://www.outsystems.com/forge/component-discussions/476/RemoveDiacritics
Braxton
Gerry,
Thanks for the link, hadn't thought to search the forge yet.
Unfortunately it does not seem to want to compile on Outsystems Version 9.0.0.23.
Error:
.NET Compilation.
C:\Users\username\Downloads\RemoveDiacritics-1.0\Source\NET\RemoveDiacritics.sln.metaproj : error MSB3202: The project file "C:\Users\username\Downloads\RemoveDiacritics-1.0\Source\NET\..\TestDiacritics\TestDiacritics.csproj" was not found. [C:\Users\username\Downloads\RemoveDiacritics-1.0\Source\NET\RemoveDiacritics.sln]
RemoveDiacritics -> C:\Users\username\Downloads\RemoveDiacritics-1.0\Source\NET\bin\OutSystems.NssRemoveDiacritics.dll
Gerry
You could also try something like this: Regex_Replace(PostedText,"[^\w\s]","",True,True)
Regex_Replace in the Text extension built into the platform.
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
See the full guidelines
Loading...