We Keep Coding

Promo Code Validation

I need to validate a Promo Code for one of my html Booking form field. If the entered promo code is correct, users can submit the Booking details. Only one unique promo code. Something like "15OFFNOW" How should I do it? Please help.
Thanks.

First, don't put the promo code in your page. Anyone can see it.
I would do this, but it depends on actually functionality.
Do client side check (this can be bypassed by a malicious user)
Do server side check
Do client side check
Use a good non-reversible hashing algorithm and verify what you have in the prom text box to the hash you have stored in a JavaScript variable or in a data-hash attribute.
So if hash(text box value) == valueOf(data-hash), then proceed to sever validation.
Do server side check
In server no need of hash. Just check the post string with the promo code you have.

i try your code
<form method="post">
<input class="form-control form-control-light bdr-2 rd-0" required
data-label="Promo Code"
data-msg="Please enter a valid promo code."
type="text" name="promo-code"
placeholder="Promo Code"
pattern="15OFFNOW" required>
<input type="submit" value="submit"/>
</form>
validation is work . show this message .

You can use Javascript for that , I fyou want to match promocode or you can validate it at backend using any backend language like PHP or java
for JQuery
//previous Ajax code here
if($("#input_id").val() !== "15OFFNOW"){
return false ;
}
// here you can proceed for Ajax request

You are looking for an input pattern, also called regexp (though I would instead suggest doing it js way (but not global) or on server side as advanced users can simply inspect html code). Most probably something like this
<input type="text" name="promo" pattern="15OFFNOW" required >
Also, please try googling it, there're similar questions like this answered also on StackOwerflow, e.g.
html: Can we match an exact string using html pattern attribute only?
js & php: check if input value not equal to integer then don't submit form

How to disable a rails form input without creating vulnerability.

So I have an input field that I have set to be disabled on the front end using the code below. The issue is that if the user modifies the code in the browser they can change it to be whatever they want. How to I prevent this on the backend?
<input type="text" class="text party_name disabled-textfield" id="party_name" name="party_name" disabled="disabled" value="<%= #current_user.name %>" />

Normally you handle this with strong parameters where you don't blindly accept anything you're given. You write a method like this:
def input_params
params.permit(:editable_name, :favorite)
end
There you'd enumerate the allowed fields and the rest are simply ignored. I'm not sure what other parameters you have, but you can split them out in to "required" and "permitted" groups. These can even vary depending on privilege or ownership of the record in question.

http://jsfiddle.net/vfvsLj0n/
$('.party_name.disabled-textfield').attr('disabled', 'disabled');
Is this a possibility for you?

Turn off autocompletion without affecting session history caching

I would like to
(1) not show any suggestions to the user while typing in an input field.
This can be done like this:
<input autocomplete="off">
However, I noticed that this also
(2) disables the history chaching, e.g. when you go to another site and click on the history back button the input field will be empty.
You can try it here:
http://jsfiddle.net/LC53F/
Only text inserted into the first field will survive going to a new page and back again.
Is there a way to only have effect (1), but not (2)?

This solution should work, but is not ideal: just sharing an idea.
I don't think you will be able to preserve history with 'autocomplete', so let's try to fiddle out something.
Here's an idea: the history is based on input names, so you can turn off the autocompletion from other sites by using an uncommon name (but still constant, for example: 'email_fakeSuffix_194h5g48').
Then, to turn off autocompletion from this input previous values, you can change its name everytime the page is loaded (ie. append a random number). The problem is that, doing this, you will also turn off the history.
So, the main idea is to use an uncommon input's name and to change it just before submitting the form:
The value won't be saved by the browser because the name has changed
If you navigate to another page without submitting, the value will
still be set because you haven't change the name yet.
Here's an example using JQuery (you can use anything else, or even vanilla JS)
JSFiddle: http://jsfiddle.net/vse9jx3r/
HTML
<form>
<input id="input1" name="email_fakeSuffix_194h5g48">
<input name="input2">
<input type="submit">
</form>
JS
$('form').submit(function() {
$('#input1').attr('name', 'email_fakeSuffix_194h5g48_' + Date.now());
//SUBMIT THE FORM (MAY DO NOTHING AT ALL)
});
You can tell me if I'm not clear enough.

This works for me (using jQuery 1.9.1):
$(function(){
$('input[type=text]').prop('autocomplete','off');
$('#formid').on('submit', function(e){
$('input[type=text]').removeProp('autocomplete');
});
});

Input value doesn't display. How is that possible?

This must be something utterly stupid that I've done or am doing, but I have an input with a value attribute that simply isn't being displayed:
<div class="input text required">
<label for="Product0Make">Make</label>
<input name="data[Product][0][make]"
type="text"
maxlength="255"
value="AC Make"
id="Product0Make">
</div>
Has anyone ever seen this before? Do I have some kind of typo that I'm just blind to? For whatever it may be worth, here's the CakePHP code that's generating this line:
<?php echo $this->Form->input( 'Product.' . $index . '.make', array( 'default' => $product['Product']['make'] ) ) ?>
I have a small form with a handful of text inputs, 1 textarea and 2 selects. None of the text input values display, but everything else is fine.
Any thoughts would be appreciated. I can't even believe I'm having to ask this question, but that's how crazy it's making me.

Argh. I knew this was going to be something beyond stupid. There was a bit of Javascript that was clearing data. The clearing was useful in other places, but I didn't know it was executing so it was a serious pain to track down. Once I prevented the clearing in this scenario, my values actually appeared. Because I was looking at the code in web inspector, I assumed that it would be a "live" view, but I guess that's not entirely true.
Thanks for your help, everyone.

For my side, it was a problem only for Firefox.
I resolved by adding the attribute autocomplete="off" in the input field.
<input type="text" value="value must appear" autocomplete="off"/>

Mine was related to AngularJS
I was trying to put both an HTML Value and an ng-Model, thinking that the ng-Model would default to the Value, because I was too lazy to add the Model to the $scope in the Controller...
So the answer was to assign that default value to the $scope.variable in the controller.

For me it was browser caching. Changing the URL string or clearing history can help.

For Googler's who may have the same issue: This can happen if you have a non-numeric value in a number type input field.
For example:
<input type="number" value="<? echo $myNumberValue; ?> "/>
This will show nothing even though Dev tools says the value is there, since the extra space after ?> makes it non-numeric. Simply remove the extra space.

Are you confusing the uses of the 'default' and the 'value' parameters for $html->input()?
If you're are using 'default' => $product['Product']['make'] and $this->data is present, the field will not be populated. The purpose of the 'default' parameter is to display a default value when no form data ($this->data) is present.
If you want to force display of a value, you should use the 'value' parameter instead. 'value' => $product['Product']['make']

For me it was because I was using the <input> tag without enclosing it inside a <form> tag

Had a similar problem with input value retrieved via ajax, correctly set and verifiable via browser console, but not visible. The issue was another input field having the same id, and it was not evident because of several JSP files included, many of them having forms.

I even set autocomplete to "off" with no result. I ended up putting the next jquery snippet at the document.ready event.
myForm.find("input").each((i, el) => {
$(el).val($(el).attr("value"));
});
Adittionally, this would be the equivalent in pure es2015:
document.querySelectorAll("myForm input").forEach(el => {
el.value = el.getAttribute("value");
});
If your not using a precompilor like Babel and you need compatibility for old browser's versions, change the "(el) =>" for "function(el)". I tried both codes in my scenario and worked fine.

For me the problem was that I had multiple inputs with the same id. I could see the value in the field, but reading it via javascript gave an empty value because it was reading a different input with the same id - I was surprised that there was no javascript error, just could not read the values I could see in the form.

For me it was wrong number format: Chrome expected "49.1", but ASP.NET passed "49,1", and it just didn't display!
<input type="number" value="49,1"/> // Should have been 49.1 !!!

Same problem occured on electron:
I was clearing the field with document.getElementById('_name').value = '' instead of document.getElementById('_name').setAttribute('value', "").
So I guess simple quote broke the field or input has a second value hidden attribute because I could rewrite on the fields and it won't change the value on the inspector

I had the same problem of #Rob Wilkerson, a onchange() was cleaning the value of the input with "", so i changed to 1. Such a dumb problem!
HTML
<input class="form-control inputCustomDay" type="text" id="txtNumIntervalo" onkeyup="changeTipoOptions()" value="1" min="1" />
Jquery
$("#txtNumIntervalo").val(1);

Mine was related to Angular.
I just ran into the same issue recently and realized that when you use NgIf to display a template, the said template does not automatically use display the data from the variables in the component.
As a quick fix I used ngClass just to Hide it and display it.

If anybody happens to be here because their input with type="dateTime-local" is not displaying the value... the value must be in format YYYY-MM-DDThh:mm

set var value from input field value

I started short time ago with JSP, JSTL, HTML and JavaScript so here is my problem:
I need to set the value of a var the value of an input hidden. Other option is if it possible to compare using
<c:if test="....">
the value of a variable that I sent with the request with the value of the hidden input.
Thanks.
Update
I've been trying but can't make it work.
I have this field that contains the id of and object. I also have the list with the objects so what I have to do is find the object related to that ID.
<input type="text" name="id1" />
but if I do this:
<c:set var="dd" value="${param.id1}" />
<input type="text" value="${dd}" />
The input text is empty but the text related to id1 displays 850 (i.e. the value is dinamic)
Any suggestion why is not working?
Update 2
I need the "multipart/form-data" because in the form I need to upload a picture. I understand how to get the parameters from Java, but since I'm not using the server but the JSP pages, there's any way to do it? Just need to read that input element and save it in a variable.

You can access request parameters by implicit ${param} variable.
E.g. http://example.com/context/page.jsp?foo=bar in combination with
<c:if test="${param.foo == 'bar'}">
The foo's param value is bar!
</c:if>
<c:if test="${param.foo != 'bar'}">
The foo's param value is not bar, it is: ${param.foo}
</c:if>
would show the first condition.
If you actually want to retain some hidden input element in subsequent requests (which wasn't really made clear in your question), then all you basically need to do is:
<input type="hidden" name="foo" value="${param.foo}">
Update: as per your update: you need to give the input element a name as well. Thus, e.g.
<input type="text" name="id1" value="${param.id1}" />
This way it's available by request.getParameter("id1") and inherently also ${param.id1}. Do you see it now?
Update 2: as per your comment here: certainly this is related to enctype="multipart/form-data". With this encoding, the request parameters aren't in the parameter map anymore, but instead in the request body, because of the mixup with binary data (file uploads). It's going to be a long story to explain it all, but basically you need to parse the request yourself. If you're on Servlet 2.5 or older, then the Apache Commons FileUpload is very helpful here. Read especially "User Guide" and "Frequently Asked Questions" over there to see code examples and to learn how to use it the right way (also in MSIE!). You can even decide to abstract the FileUpload away so that you can stick using HttpServletRequest#getParameter() and ${param} the usual way, also see this article.
If you're already on Servlet 3.0, then you can just make use of HttpServletRequest#getParts(). You can even abstract it away so that you can stick using HttpServletRequest#getParameter() and ${param} the usual way, also see this article.
Update 3: Oh, you really don't want to use JSP to do all the processing. There it is not for. It's high time to learn Servlet. Besides, when using a Filter which puts all parameters from the request body back in the request parameter map (as described in the both articles), you also don't necessarily need a Servlet after all.