• Best CPA Networks
  • Best Cost-Per-Sale Affiliate Networks
  • Best Pay-Per-Call Networks
  • mThink Digital
  • Thought Leadership
    • White Papers
  • About
    • Content Marketing
    • Content Strategy
      • Web Content
      • Social Media Strategy
      • Webinars & Video
      • Thought Leadership
    • Performance Marketing
    • Portfolio
      • Revenue Performance
      • Accenture
      • Microsoft
      • Java Detour
      • Our Process
    • Contact Us

mThink

Blue Book Logo

BlueBook Logo

The Trusted Name in Performance Marketing

ROS Leaderboard

  • Home
  • Blue Book
    • About Blue Book
    • Blue Ribbon Panel
    • Interviews
    • Research Methodology
    • Back Issues
    • Advertising
      • Website Creative Specifications
      • Newsletter Creative Specifications
  • Best CPA Networks
  • Best Cost-Per-Sale Affiliate Networks
  • Best Pay-Per-Call Networks
  • Best European CPA Networks
  • Best CPA Networks for Affiliates
  • Best CPA Networks for Advertisers

Using Data With Integrity

July 1, 2004 by Chris Trayhorn, Publisher of mThink Blue Book

A crucial element of building and maintaining a database is data integrity – making sure your information is accurate and in the correct format, unchanged by technical glitches. You can personally verify information if you are entering it manually, but when users are filling out forms on your Web site, and that information goes directly into your database, you need another approach.

There are two places to check data validity: on the client and on the server. Checking data on the client involves adding scripts to your Web pages that examine what the users enter before they submit forms to your server. A script checks that the data in the form meets the criteria you have established. If there is a violation, the script can pop up an alert message and request a correction.

To check data on the server, the user must submit the form and let the code on your server verify the data. If there is a violation, your server can return the form again with a notation of the error that needs correction.

In general, server-side checks can be more thorough, as you can check other resources on your server to validate the information. For example, you might have a database of valid discount codes, or you might check that an email address is not already in your system. However, client-side checks provide more immediate feedback to the user, and can save iterations of submitting a form and then correcting any errors. A balanced combination may prove the best choice.

A simple check on the client side could be a matter of confirming whether the user entered any value at all.

More Sophistication

Your checks can be more sophisticated. For example, you can make sure an area code was entered as three digits. And you can see if an email address contains invalid characters like a space, or if it’s missing the @ character.

In some cases you may need to examine more than one form element at the same time, such as only validating an area code if the user has selected the US or Canada. You can add a name property to the form tag. Your JavaScript function would be passed the name of the form, let’s call it “myform,” and could reference a specific form element value like “myform.test.value.”

Once your form has passed all of its client-side checks, it gets sent to your server where more sophisticated checks can be performed. If you have a database of area codes, you can validate that the user entered a legitimate one. Or, you can ensure that a user has not already signed up for your program or for your service.

If the data you receive from a form is placed directly into a database, then it is even more important that you check the information on the server before storing it. Depending on how your server performs its database access, it is possible that users may include data-base commands in their submission that could directly affect your database.

Another example is a search form, where your server performs a search through your database. If the user can search for an email address based on a name in your maillist, and the server executes “select email from maillist where name=”<name>'”, where <name> comes directly from a form submission, then the user could get your entire maillist.

If they submit the name text “‘; select * from maillist where name matches “*”, then both selects would get executed. The first would produce no results, but the second would match every entry in your maillist. If your code looped through and displayed the results of the select, assuming that only one or two matches would occur, then this example would end up displaying your entire maillist.

In both cases the user would have to guess the name of your table, but it seems there are people out there with nothing better to do.

EDWARD ARENBERG, vice president and CTO of EPage, created one of the first fully dynamic Web sites. He manages and develops for EP.com, Epage.com and AdConnect.com.

Related posts:

  1. Indie Labels As the affiliate manager for Calendars.com, Hilary Poseski hawks more...
  2. Setting the Data Table The last issue of Revenue gave an overview of databases...
  3. A Nose For Data As a canny entrepreneur, you'll want to monitor all aspects...
  4. Databasics 101 Most small business operators have dabbled with databases, but relatively...

Filed Under: Revenue Tagged With: 03 - Summer 2004, Data Management, Features, mtadmin, Software, Tools, Website Infrastructure

Search

ROS Col 2 Top

ROS Col 2 Mid

ROS Col 2 Low

Subscribe to our newsletter!

* indicates required

ROS Col 2 – 4 Misc

ROS Col 2 – 5 Misc

ROS Col 2 – 6 Misc

Recent Posts

  • 2023: Challenges, Opportunities & Predictions
  • Top 4 Best Practices For Consumer Finance Campaigns
  • Four Moments That Changed Performance Marketing Forever
  • New additions, improvements, and added perks from your favorite CPA network
  • Your Top 5 Affiliate Marketing Questions Answered
  • 5 strategies to create better content
  • FCC Says Ringless Voicemails Require Prior Consent
  • Top 5 Free Methods to Increase Affiliate Traffic
  •  3 Top Lead Generation Best Practices To Scale Your Business
  • Automation, Conversions, Profitability, Oh My – Breaking Affiliate Campaign Roadblocks
  • 5 tips for a better brand image
  • How Mac of All Trades Found Multi-Channel Success
  • Winning In A Changing World: An Interview with Taras Kiseliuk, CEO of ClickDealer
  • Survey: What Consumers Want from Financial Services Providers
  • The influencer marketing era: what does the future of web marketing hold?

About mThink

mThink is a specialist digital marketing company based in San Francisco. We focus on media buying, Facebook marketing, direct response, social and mobile. In addition mThink produces the annual Blue Book Rankings of major performance marketing networks. Read More »

Baseboard

Copyright ©2023 · mThink. All rights reserved.
3053 Fillmore Street, Suite 325 | (415) 787-0250
Disclaimer | Privacy Policy