In my struts2 application I have field named carrierNo that accepts integer, when i put string in it gives me this validation error message:
*Invalid field value for field "carrierNo".*
i can customize this error message in the properties file like this
invalid.fieldvalue.carrierNo=this field does not accept characters
but i don't want to write a customized message for every non String field in my web application, i want to make it general, i tried the following but it did not work
invalid.fieldvalue.%{getText(fieldName)}=this field does not accept characters
if there is no way to make general, please help me disable this message at all.
then i will use converstion field validator with single message that i define in the properties file.
so my request is to help me make this invalid.fieldvalue.carrierNo general something like this form invalid.fieldvalue.%{getText(fieldName)}
or disable the display of this error message Invalid field value for field "carrierNo".
You could create your own implementation of ConversionErrorInterceptor which finds out the class of failed field and gets your custom message.
Edit:
See source code for ConversionErrorInterceptor. For example you could do something like this in your custom interceptor inside intercept method
// get field by name from action
Field f = invocation.getAction().getClass().getDeclaredField(propertyName);
// get type of field
Class clz = f.getType();
String message = LocalizedTextUtil.findDefaultText(XWorkMessages.DEFAULT_INVALID_FIELDVALUE + "." + clz,
invocationContext.getLocale());
And in your messages.properties file put xwork.default.invalid.fieldvalue.int, xwork.default.invalid.fieldvalue.float, etc.
The easiest way to remove conversion messages is to remove the "conversionError" interceptor from your default stack. One problem with removing it, however, is that IIRC it's also responsible for putting the original (non-converted) value back into fields instead of having them replaced by the value of the failed conversion. This can lead to an unpleasant user experience, IMO.
Making a "... does not accept characters" conversion error message doesn't feel right: conversion errors encompass the entire application, and characters may not be the reason for a conversion error.
Related
Is it possible to replace the "Value is invalid, it does not match the correct pattern" with customized message?
There is no way to change this message to a custom one without writing custom code or changing the language files.
What you can do however to make the field more user friendly, is adding a description to the field that explains the expected formatting of the field.
I am making a rails site and I am trying to take a text box input and convert it to a big decimal value to pass to a backend service however when I take the input (params[:amount]) and do what I think should convert this to a BigDecimal I get an error when attempting to call the service saying "error cannot convert String to BigDecimal" on the line of the service call. See approximate code below
#amt = BigDecimal(params[:amount])
Service.call(#amt)
The error message indicates it is expecting a string in Service.call and wants to do the conversion itself. Assuming you have reasons for creating #amt (such as validation/error checking), I would pass in #amt.to_s and see what happens
Barring that, we need the code behind Service.call() to know more.
I have a basic form that asks the user to enter some text in a regular html input control and I am also using jquery-tokeninput to allow users to choose tags from a pre-filled list.
One of the tags in the pre-filled list happens to be the word café, which I have got from the server and populating the tag list by calling
mytaglist.push({id: 'café', name: 'café'});
The problem is that when they attempt to enter a word like 'café' as a tag, asp.net mvc rejects the input saying that:
A potentially dangerous Request.Form value was detected from the client (articleTags="café").
Inspection using firebug shows my post data to be something like:
UserName=neo&category=&Title=caf%C3%A9&Text=sometext&articleTags=caf%26%23233%3B&IsAgreedTerms=true
As you can see, Title has value caf%C3%A9 which is correct but articleTags has value caf%26%23233%3B which I was not expecting.
I absolutely need to make sure that café (and not some encoded value) appears on the screen.
How can I make sure that I send the correct post data and still display café everytime?
Should I change how my server sends the text?
sending the data via Html.Raw solves the problem..
I am working on an email validation link for a website. When a user registers and finishes filling in their personal data (and it passes all the checks), they are sent to a jsp page saying that an email has been sent to the address they entered as the username, with a link to click to validate the email address. So that part is all well and good, I generate the link (for now just using my localhost) and it looks like this as an example http://localhost:9999/javawork/msc/validate/?6FRQ8RAT&u=1s3w1Iih64egX01188HT. When they click the link it goes to the jsp page index.jsp in the validation folder. At this point I need to grab the entire URL and send it to a function to make sure the URL is formatted properly (for security purposes). If it passes and the format is fine, I need to grab the 8 digit code immediately after the '?' and also the value of 'u'. I then send those values to a function that checks that they match what we have in our DB, and if they do, I update the DB record with a validation date so we know they have validated their email address.
So my question is first, how do I grab the entire URL to check the format, and second, how do I grab the 8 digit code, and the value of 'u'? I have been looking online and all examples require creating multiple functions or classes, and using the URL class. And they all want me to make an instance of a URL object and initialize it using the entire URL. But it is not a static URL, it will be different for every user that registers, as it generates a random 8 digit code to check against, and the value of 'u' is the masked user id from the DB. I don't understand how it can require you to initialize the entire URL in order to get the values, when you don't know what the values are until you get them from the URL.
Is there a simple way to grab the values, and the entire URL? Even if I can just get everything after the '?', I know the base URL and can build a new String to check the formatting if I can get from the '?' and after. Please help with that part. Thanks.
The Interface HTTPServletRequest contains a method getRequestURL which returns a StringBuffer which you may use to check the format of the entire URL.
You can get it, in a jsp page with :
<%=request.getRequestURL()%>
If you are using the format of request that you specified above, then your second question :
how do I grab the 8 digit code, and the value of 'u'?
May be answered by manipulating that StringBuffer to split at the ? and & for the 8 digit code.
Or use another request method,
ServletRequest.getParameter(java.lang.String name)
To grab each parameters, though, i'm not certain how it will end up handling the unnamed parameter of the 8 digit code. Let me know how that goes.
Don't think of the 8-digit code as an unnamed parameter. Think of it as a parameter without a value.
request.getParameterNames() will give you the 8-digit code as well as "u". So you can loop through like so:
String code = "";
for(String paramName : request.getParameterNames()) {
if(!paramName.equalsIgnoreCase("u"))
code = paramName;
}
There's a ton of questions about this particular exception but I couldn't find any that would suit my needs. I don't want to disable validation and neither wouldn't want to manually escape each form input value.
Is there a way to display this error message to the user in the same way as ASP.NET MVC informs the user of not providing a required value in the form? I think this would be the cleanest way to deal with this kind of error.
$("form").submit(function(e){
var invalid = $("form").find("input:text,input:hidden,textarea").filter(function() {
var value = $(this).val();
var encoded = $("<div>").html(value).text();
return value != encoded;
}).length > 0;
if (invalid)
{
e.preventDefault();
//show validation message
}
}
This error is just a safety net in ASP.NET; Microsoft would expect you to disable this error once you've checked you are encoding your text properly.
It's not about manually escaping each input form value. It's about HTML encoding all user-facing text that is rendered to the page. It's just that text that is entered in forms is frequently displayed back to the user.
For example, the string "My age is > 21 & < 90" is not valid HTML and won't appear correctly to the user (this could be abused in a cross-site script attack). If any string you are displaying is not already valid HTML, you have to HTML-encode it. Fortunately in MVC there are plenty of easy ways to do this (using <%: %> operators is one). If you are doing this correctly, then there is no need to have this error enabled.
Sorry I know this isn't the answer you asked for, but I believe keeping this error switched on is just user-unfriendly for many reasons.