Assumptions when validating user data (Re: [Techtalk] SQL learning pointers)

[Mary]

On Mon, Dec 02, 2002, Kai MacTane wrote:
> Actually, the way I generally handle this sort of thing is to *only*
> give them the characters they need. Who the hell has a semicolon in
> their name?  If the field is "Phone Number", they get 0-9, ( ) and -,
> plus space. That's it. If the user enters anything containing any
> other character, they get a message asking them to enter a valid phone
> number.

On a tangent, you need to be fairly careful with assumptions like these.

For example, if you have international customers, and they have the
option of providing a phone number, you need to allow the + character,
because the standard way of specifying international calling codes is
+[code], eg +1 for the USA, +61 for Australia - the + means that you
need to dial a carrier dependent number to get the international line.

There's also an obvious problem for international customers if you
assume phone numbers are a certain length.

USA-based sites regularly ask for state details, but only allow two
characters for the state field, as the US Postal Service has helpfully
given each state a two letter code. Other countries with states are not
so lucky - I live in an Australian state with a three digit code, and I
need to identify my address by either state or postal (not zip) code,
preferrably both, to receive mail. There are suburbs with the same name
as my suburb in several Australian states.

It really discourages me from ordering anything online when I can't
specify my address sufficiently well that I'm convinced it will be
delivered to within 1000km of my physical residence.

I know a couple of people who have only one name, ie no surname, or no
first name if you think of it the other way. They regularly have
difficulty with computers or forms that require two names.

-Mary