Upgrade to Pro — share decks privately, control downloads, hide ads and more …

APEX: Validate user input by Richard Martens

Riga Dev Day
March 13, 2016
77

APEX: Validate user input by Richard Martens

Riga Dev Day

March 13, 2016
Tweet

More Decks by Riga Dev Day

Transcript

  1. Who am I? • Independent Consultant since 2012 • smart4apex

    founding member (2010) • Oracle since 2002 (Oracle 8i) • PL/SQL, Apex, HTML(5), CSS(3), JavaScript, XML, XSLT • Special interest in UI • Trainer at skillbuilders.com • RIMA on Oracle Forums @rhjmartens richardmartens.blogspot.nl Richard Martens
  2. Why this presentation ? • System security • Prevent SQL

    injection • Improve data quality • Help your users • Applications should be usable without reading documentation 4
  3. Agenda • Apex Validations • Database constraints – Using the

    Error Handling Function • Client side validation – HTML5 validations – Using a JavaScript library
  4. Apex Validations • 23 !! Different options for validations –

    SQL • (no) Rows • Expression – PL/SQL • Expression • Error • Function body (Boolean / error-text) – Item comparison • (not) Null or zero • (not) Contains something • IS (not) a value • Regular Expression – Validations pass when the validation is “true” 6 MOSTLY used
  5. Apex Validations Regular validations • reference item using :BIND notation

    for page item • page vs item validations Tabular Form validations • reference column using :BIND notation for column or pageitem • row vs column validations 7
  6. Database constraints • Using real constraints – Table constraints –

    Column constraints (not null) – Advantage: easy to maintain at table definition – Disadvantage: cannot use your own code • Using triggers – Advantage: • Can use PLSQL code • Before / After / Statement triggers – Disadvantages • Not as easy to maintain • Error handling function cannot focus on element by default (must write specific plsql code) • Use apex’s “Error handling function” to get meaningful error messages 8
  7. The Error Handling Function • Set at application definition •

    Map ORA messages to meaningful messages • When check constraint, the element automatically gets selected in the form • Can utilize error messages thrown by triggers (no automatic element-selection) 9
  8. Client side validation • HTML(5) / CSS(3) • Dynamic Actions

    • JavaScript: – www.w3schools.com/js/js_validation.asp – Validate.js framework • Setup using JavaScript – Parseley framework • Setup using field attributes 10
  9. HTML5 / CSS3 validations • Built-in into HTML • Specific

    rendering of keyboard on mobile devices – http://html5doctor.com/html5-forms-input-types/ • Apex does not support all types – only text, email, phone-number and url – other types by using a dynamic action to overwrite the “type” attribute • Uses elements attributes – type • color / date / datetime / datetime-local / email / month / number / range / search / tel / time / url / week – autocomplete – formnovalidate – list – min and max – multiple (email / file) – pattern (regexp) – placeholder – required – step – <form> autocomplete – <form> novalidate 11
  10. HTML5 / CSS3 validations • Facts & Features – con:

    not enforcing • But you can write JavaScript for that – pro: built into the browser, no installation required and backwards compatible – pro: can use CSS to style element 12
  11. Javascript frameworks • validatious.org(stand-alone) – http://validatious.org (site seems to be

    offline a lot) • validate.js(stand-alone) – http://rickharrison.github.io/validate.js/ • jqueryvalidation.org(jQuery) – http://jqueryvalidation.org/rules • valid8 (jQuery) – http://unwrongest.com/projects/valid8/ • GentleForm – https://github.com/Zhouzi/GentleForm • parsley – http://parsleyjs.org. . . 13
  12. Parsley • Uses element attributes • HTML5 compliant • Can

    prevent submit when set on form level • http://parsleyjs.org/ • Validators – required – type=“email”/”url” – data-parsley-type=“number” – data-parsley-type=“integer” – data-parsley-type=“digits” – data-parsley-minlegth=“5” – data-parsley-maxlength=“5” – data-parsley-length=“[5, 10]” – data-parsley-equalto="#anotherfield” – … 14