Onchange function does not work

1

Good afternoon, I have a function that verifies if the typed email exists in the database, and if the email is valid. Here is the function:

<script type = "text/javascript" >
  function validateEmail(emailField) {
    var reg = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/;

    if (reg.test(emailField.value) == false) {
      alert('Email inválido.');
      emailField.value = '';
      return false;
    }
    document.getElementById("btnValidaEmail").click()
    return true;

  }

  </script>

This is the html of the txtemail field:

<asp:TextBox ID="txtEmail" runat="server" class="form-control" onChange="validateEmail(this);"></asp:TextBox>

The button Validates email:

<asp:Button ID="btnValidaEmail" runat="server" Text="Button" Style="display: none" OnClick="btnValidaEmail_Click" />

And the function that is in the btnValidaEmail:

clslogin pegaid = new clslogin();
SqlConnection conConexao3 = clsdb.AbreBanco();
if (txtid.Text != "") {
  clslogin log = new clslogin();
  SqlCommand cmd3 = new SqlCommand("SELECT email from pessoa where email ='" + txtEmail.Text + "' and id != '" + txtid.Text + "'", conConexao3);

  SqlDataReader dr3 = cmd3.ExecuteReader();

  if (dr3.HasRows == true) {
    if (dr3.Read()) {
      veremail = true;
      txtEmail.Text = "";
      ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('Email já existe em outro cadastro.');", true);
    }
  }
} else {
  clslogin log = new clslogin();
  SqlCommand cmd3 = new SqlCommand("SELECT email from pessoa where email ='" + txtEmail.Text + "'", conConexao3);

  SqlDataReader dr3 = cmd3.ExecuteReader();

  if (dr3.HasRows == true) {
    if (dr3.Read()) {
      veremail = true;
      txtEmail.Text = "";
      ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('Email já existe em outro cadastro.');", true);
    }
  }
}

In a form that already has txtid, it works perfectly, however in a new form without data, when filling the email it only checks if the email is valid, and does not check if it exists in the system, it does not even get into the function, I put an alert before the if (txtid!=""), and neither alert came in, any idea of what might be happening? Thanks.

    
asked by anonymous 12.12.2017 / 14:53

1 answer

1

You can use jQuery to do the following to call OnChange.

$(document).ready(function () {
    function validateEmail(emailField) {
        var reg = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/;

        if (reg.test(emailField) == false) {
            alert('Email inválido.');
            emailField.value = '';
            return false;
        }
        $("[id$='btnValidaEmail']").click();
        return true;

    }

    $("[id$='txtEmail']").on('change', function () {
        validateEmail($(this).val());
    })
});

Another very important thing, but related to your button code to validate if email already exists, never use string concatenation to mount SQL clauses. If you use concatenation, you are leaving your system vulnerable to SQL Injection

Rewrite an example of your validation using the select

SqlCommand cmd3 = new SqlCommand("SELECT email from pessoa where email = @email and id != @id", conConexao3);
cmd3.Parameters.AddWithValue("@email", txtEmail.Text);
cmd3.Parameters.AddWithValue("@id", txtid.Text);

In my github you can see the sample code I put together for the answer.

    
12.12.2017 / 16:52