I need some help with the secure signup form in html, css, and javascript for my medical billing website. Is there anyone available to help me out?

HTML & CSS
, ,
1

Hi guys, Is there anyone to help me out for coding issue I am facing. I asked ChatGPT to give me a secure code:

<!DOCTYPE html>
<html>
<head>
    <title>Complex Form Validation</title>
    <script>
        function validateForm() {
            var name = document.forms["myForm"]["name"].value;
            var email = document.forms["myForm"]["email"].value;
            var password = document.forms["myForm"]["password"].value;

            if (name === "") {
                alert("Name must be filled out");
                return false;
            }

            if (email === "") {
                alert("Email must be filled out");
                return false;
            } else {
                var emailPattern = /^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/;
                if (!email.match(emailPattern)) {
                    alert("Invalid email address");
                    return false;
                }
            }

            if (password === "") {
                alert("Password must be filled out");
                return false;
            } else if (password.length < 8) {
                alert("Password must be at least 8 characters long");
                return false;
            } else if (!password.match(/[A-Z]/)) {
                alert("Password must contain at least one uppercase letter");
                return false;
            } else if (!password.match(/[0-9]/)) {
                alert("Password must contain at least one digit");
                return false;
            }

            return true;
        }
    </script>
</head>
<body>
    <form name="myForm" onsubmit="return validateForm()" method="post">
        <label for="name">Name:</label>
        <input type="text" id="name" name="name"><br>

        <label for="email">Email:</label>
        <input type="text" id="email" name="email"><br>

        <label for="password">Password:</label>
        <input type="password" id="password" name="password"><br>

        <input type="submit" value="Submit">
    </form>
</body>
</html>

Now I can’t understand it and don’t know how to implement in my website. Currently I have a signup form on my medical billing and coding website but it doesn’t seem secure to a programmer I showed earlier.

2

Client-side validation is a nicety for legitimate visitors. It has nothing to do with security. Data submitted to a web site can come from anywhere, not just your form/links/cookies, can be set to anything, and MUST be validated on the server to make sure it meets the ‘business’ needs of your application, before securely using it in whatever context it is being used in. Security is accomplished by how you use the data.

When you do validate user submitted data, you should first trim it, mainly so that you can detect if it was all white-space characters, then validate all the inputs at once (by stopping, returning, exiting, … after each validation error, the user must repeatedly submit the form to see each successive validation error), storing validation errors in an array, using the field name as the main array index. After the end of all the validation logic, if the array holding the errors is empty, use the submitted form data. If the array is not empty, you can either display all the errors at once, or individually display them adjacent to the form field they correspond to, when you redisplay the form.

1 Like
3

I highly recommend you purchase the services of a company that handles security for you. Based on the hacker news going on, you would be a sitting duck should they take a look at your site.

Medical billing? Sounds like a PR nightmare just waiting to happen, once they find out the website was created by people who don’t know how to secure their information.

2 Likes
4

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.