All field validations should take place in-line and on field-focus-out. Doing this enables users to know their errors right away without waiting for a form submission. On certain fields, like free text fields, you need not put a validation for the content. However, ensure that when the form is submitted standard injection preventions are added before the form data is accepted into the data.
Gravity Forms runs validation when the submit button is clicked, before saving the entry, doing live validation without clicking the submit button is not a feature of Gravity Forms. There’s a third-party add-on for it, but it’s not receiving updates since long time ago, so probably not compatible with current versions of Gravity Forms.
Regarding to code injection prevention, that doesn’t has any relation with how the validation is done, Gravity Forms already takes care of it by sanitizing and escaping the values using WordPress core functions for this purpose as noted in our security best practices documentation: Security Best Practices - Gravity Forms Documentation
Perhaps, I posted this in the wrong forum, but I was hoping to add it as a feature request for a better UX.
You can suggest to our product team any feature you wish using the (+) button at the bottom of our roadmap page: Gravity Forms Roadmap - Gravity Forms
That way your request will reach the product team directly and they will be able to consider your request and queue it in the workflow of a future version if it’s accepted.
1 Like
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.