CodeIgniter Forums
Dynamic form field evalutation - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forum-5.html)
+--- Forum: General Help (https://forum.codeigniter.com/forum-24.html)
+--- Thread: Dynamic form field evalutation (/thread-78383.html)



Dynamic form field evalutation - bogus - 01-11-2021

Hello

I want to evaluate user form field input 'as she types' versus the database to check if the value already exists (ex. username).
If this is the case I want to inform her interactively below the form field. I guess you have a grasp of what I mean.

How can I accomplish that?
Any code examples?

Any help as always very appreciated.

Cheers

Gee


RE: Dynamic form field evalutation - InsiteFX - 01-11-2021

Then you would need to use JavaScript or jQuery to do it.


RE: Dynamic form field evalutation - bogus - 01-12-2021

I was afraid so :-(

Don't like these technologies.


RE: Dynamic form field evalutation - paulbalandan - 01-12-2021

You need to use Javascript to make an AJAX call to the database whenever your user types. However, it is not advisable to use that method on usernames and other sensitive information because it can be exploited by malicious people using brute force attacks.


RE: Dynamic form field evalutation - bogus - 01-12-2021

Interesting and a valid answer.
However, if someone wants to brute or map the db she can try.
As long the db is set up properly (escaping), the username and password inputs are sanitized and both have appropriate length the attacker can hack himself to death because Apache too does a pretty nice job to prevent things like that... correct?

The only remaining thing to fear here is a quantum computer or worse.... a cluster of it.
Then we are all through and you'll never know when it hits .-\
Sometimes totally paranoid I dream' about it in conjunction with nano-tech...

Nice scenario right?

I'd find it rather annoying to redirect the user every time he has chosen a username just to try again until he finally found some valid one.

Although I appreciate your engagement I don't like to ask for help to find a solution just to be confronted with another problem.
That's not very productive.

Any suggestions?


RE: Dynamic form field evalutation - includebeer - 01-12-2021

You can use the Throttler class to limit the number of request for that particular service. This way, brute force attack are somewhat disabled because they can’t call the service 100 times per second, you force them to wait a certain amount of time before they are allowed to call it again.

And like others have already said, you will need javascript to accomplish this. It’s easy to do if you know javascript. There are tons of example on the web. You just need to fire an event on your input field when a key is pressed, that will launch an ajax request to validate the input text.


RE: Dynamic form field evalutation - bogus - 01-12-2021

(01-12-2021, 03:01 PM)includebeer Wrote: You can use the Throttler class to limit the number of request for that particular service. This way, brute force attack are somewhat disabled because they can’t call the service 100 times per second, you force them to wait a certain amount of time before they are allowed to call it again.

And like others have already said, you will need javascript to accomplish this. It’s easy to do if you know javascript. There are tons of example on the web. You just need to fire an event on your input field when a key is pressed, that will launch an ajax request to validate the input text.


Nice.
Yes, I put an eye on it already a whole ago besides thinking about an own implementation.
Thumbs up!