Forgot your password?
typodupeerror
Patents IBM

IBM Wants Patent For Regex SSN Validation 281

Posted by timothy
from the noteworthy-inventions dept.
theodp writes "What do you get when you combine IBM contributors with the Dojo Foundation? A patent for Real-Time Validation of Text Input Fields Using Regular Expression Evaluation During Text Entry, assuming the newly-disclosed Big Blue patent application passes muster with the USPTO. IBM explains that the invention of four IBMers addresses a 'persistent problem that plagues Web form fields' — e.g., 'a social security number can be entered with or without dashes.' A non-legalese description of IBM's patent-pending invention can be found in The Official Dojo Documentation. While IBM has formed a Strategic Partnership With the Dojo Foundation which may protect one from a patent infringement lawsuit over validating phone numbers, concerns have been voiced over an exception clause in IBM's open source pledge."
This discussion has been archived. No new comments can be posted.

IBM Wants Patent For Regex SSN Validation

Comments Filter:
  • by eldavojohn (898314) * <eldavojohn.gmail@com> on Tuesday May 26, 2009 @12:39PM (#28096827) Journal
    Application Patent [uspto.gov] Date: November 20, 2007
    Online Prior Art at the Regex Library [regexlib.com] from 2004:

    ^(?!000)([0-6]\d{2}|7([0-6]\d|7[012]))([ -]?)(?!00)\d\d\3(?!0000)\d{4}$

    Put that into your favorite Javascript regular expression object and write a stupid onChange reference to it in your HTML and ... tada! Too complicated? Here's some more prior art [internet.com]. Or here [breakingpar.com]. A little bit of Googling [google.com] must be too much for the USPTO.

    Are we suddenly shocked to discover one line of code can be patented when a whole mess of code can be patented?

    • I wish I could mod this up to "6". "Prior Art so Prior It Hurts". I love it.
    • by Rei (128717) on Tuesday May 26, 2009 @12:54PM (#28097037) Homepage

      The amazing part is that IBM is wasting this kind of money applying for a patent that has no chance of standing up in court, if they're even dumb enough to grant it in the first place. I'm in the process of applying for a software patent myself (I know, summon the chorus of boos; but having it could be the difference between being able to raise VC and not being able to raise VC for my starting business; loans, too, are often secured against your IP). These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so. Also, from discussions with my attorney, it's really hard to get away with the "bloody obvious" software patents anymore after all of the blowback from things like the Amazon 1-click patent.

      I'm surprised they'd waste the money trying. Perhaps their legal department didn't have enough work to do but they didn't want to cut staff.

      • by Shakrai (717556)

        These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so.

        What makes you think that's anything more than pocket change for IBM?

      • by Zordak (123132) on Tuesday May 26, 2009 @01:19PM (#28097363) Homepage Journal

        Also, from discussions with my attorney, it's really hard to get away with the "bloody obvious" software patents anymore after all of the blowback from things like the Amazon 1-click patent.

        Somebody mod parent up. The days of the patent office just rubber stamping software patents (if there ever were such days) are over. Those guys have gone absolutely freakin' nuts with KSR. Seriously, you could send them an application for a working FTL drive, and they'd just shoot back an obviousness rejection combining one of Einstein's publications with an episode of Star Trek. I'm not saying it's bad to treat obviousness as a hard fact question where we have to actually use our heads rather than mechanically use the Teaching/Suggestion/Motivation test. But these guys have gone totally the other way. They don't use their heads. They just mechanically reject everything as obvious if they can find the pieces in any prior art, regardless of whether it was obvious to put them together (and for those who think this is a good thing, the result of this line is there's no such thing as an invention, because everybody builds on what's already there).

        And now with Bilski, the examiners are all hot to reject any software claim as not patentable subject matter. Really, the landscape has changed. Anybody sitting around posting on Slashdot and grousing about the USPTO rubber stamping software patents really has no idea what they're talking about.

        • by ttyRazor (20815) on Tuesday May 26, 2009 @01:30PM (#28097561)

          More true than you know. A friend of mine started working for the the patent office not too long ago with the explicit instruction to reject everything that comes across his desk.

          • by Zordak (123132) on Tuesday May 26, 2009 @01:52PM (#28097861) Homepage Journal
            My post is flamebait and yours is "funny"? [Shakes head in disbelief]. This isn't a flame or a joke. It's absolutely true. I've seen a former examiner say, on the record in a deposition, that he had to get permission from his boss's boss to allow an application on the first action. The assumption is that you will reject all applications at least once (and preferably at least twice so you can draw an RCE with those yummy fees).
            • by Ninja Programmer (145252) on Tuesday May 26, 2009 @03:54PM (#28099803) Homepage
              The initial rejections are just a smoke screen. The USPTO just does that to try to disincentivise appliers from doing "blanket patents". They are forced to come back and justify the patent a second time, which costs lawyer money, which the applying corporation (rarely is it a person) will have to consider before they try to push through their patent.

              But in the end, as long as the applying company has the money (like IBM) and people willing to explain the spin on their patent, the USPTO is basically powerless to stop them. The USPTO does not hire talented people who can actually assess patents and understand what is obvious and what is not (such people would rather be working for a start-up or a big corporation or whatever). I know this because of the questions on the patent I applied for as principle (and got). They asked the wrong questions -- where I was being innovative they challenged me on prior art (clearly not the case) rather than obviousness.

              Nothing changes the fact that the USPTO is in way over their heads. All because they allow software patents in the first place, and there are too many cynical software engineers trying to get their little bonus incentive to file the patent and throw it on their resume. (I should know, that's what I did.)

      • Re: (Score:2, Informative)

        by EvanED (569694)

        I'm in the process of applying for a software patent myself (I know, summon the chorus of boos; but having it could be the difference between being able to raise VC and not being able to raise VC for my starting business; loans, too, are often secured against your IP). These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up

        • by Rei (128717)

          It doesn't matter if they don't have to pay a retainer; they still have to pay them.

    • In the 1990s at Cranfield University, Peter Lister developed a mod_perl Apache handler for creating web forms. (I wrote the documentation and trained people to use it). At one point we added the ability for form creators to list perl regular expressions for validating input. This was in the UK, so social security numbers were never an issue, but we did provided a general mechanism for this kind of input validation using REs.

      Somewhere I probably have an old hard drive or tape with the code, but I really

    • Re: (Score:3, Insightful)

      by _Swank (118097)

      really, i'm not trying to defend IBM here, but you realize that the prior art you list at regexlib.com fails *Claim 1* of the actual patent application don't you?

      the patent claims that the specific character(s) that breaks the regex is flagged. which the method at regexlib.com (as well as your other examples) does not do.

      you recognized that the patent also claims real-time checking, but passed that off as trivial. but if either or both of these differences are really trivial where are all the examples of

  • What bullshit? (Score:5, Insightful)

    by Pig Hogger (10379) <pig.hogger@NoSpAM.gmail.com> on Tuesday May 26, 2009 @12:42PM (#28096853) Journal

    What is this buillshit? "A persistent problem is dashes in SSNs"???

    How fucking hard is it to strip non-numeric characters from a string?

    I cannot believe there could be such programmer incompetence; no, it has to be some managerial cluelessness and hard-headness.

    • by fizzup (788545) on Tuesday May 26, 2009 @01:23PM (#28097439)

      Maybe if we put it in a format IBM can understand:

      SOCIAL-SECURITY-NUMBER PIC 99-999-9999

    • by Tablizer (95088)

      How...hard is it to strip non-numeric characters from a string [SSN]? I cannot believe there could be such programmer incompetence;

      I once worked on software for a campus e-store for a large university. The credit-card input didn't accept spaces. I find it difficult to visually check credit card numbers without spaces. Unfortunately, I had no control to fix that particular issue. A real head-slapper.

      That being said, the idea of character "input templates" is quite old. These templates are kind of like regula

    • by Jurily (900488)

      How fucking hard is it to strip non-numeric characters from a string?

      So you're suggesting we write one for loop with one switch statement in it, instead of a complete general-purpose parser library and a syntax that makes programmers a bad name? Now what's the fun in that?

      • by idontgno (624372) on Tuesday May 26, 2009 @03:59PM (#28099881) Journal

        Exactly.

        Being mostly a Perl hacker now, I'm as guilty as most in trying to find the perfect regex solution to a blindingly simple problem. It's seductive, it's cool, it's mystical, it's insider cant and sacred dweomer and secret handshake all rolled together.

        I have, posted on my cube wall, a particularly good quote from Jamie Zawinski:

        Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems.

    • Re: (Score:2, Insightful)

      by obarel (670863)
      How can you not believe programmer incompetence?

      I still see the old "1 object(s) processed" (in multiple forms, of course). How hard can it be?

      "%d object%s processed", num, num == 1 ? "" : "s"

      I even see the odd "1 objects processed" every now and again. How hard can it be?!

      I see these things on the PS3 and my blood boils - with the price of the hardware and the games, how can they justify this incompetence? How can a usability tester pass this "object(s)" non-word? Do they also talk like that? "I take two b
      • Your solution will break the code horribly when you try to localise it. Because plural nouns also require agreement from other words in the sentence, you really need to localise both "%d objects processed" and "One object processed", then select the correct one. You've now added work for your translation team, as well as complicating your code. Was it worth it?
    • How fucking hard is it to strip non-numeric characters from a string?

      Damned hard, based on my testing over the last few years.

      As an exercise in futility -- the next time you're buying something online, try entering your credit card number with spaces in it, so it's legible, and easier to compare to what's on your card.

      It used to be that it'd occasionally work -- but I don't think I've had a single success in the last year or two. They either put in limits so I can't type enough characters, or it gets rej

  • by Glendale2x (210533) <slashdot@ninj a m o n k e y . us> on Tuesday May 26, 2009 @12:43PM (#28096883) Homepage

    Are you fucking kidding me? Did they just really patent the format "###-##-####"? I didn't RTFA because I didn't want my head to explode.

    • by EricWright (16803)

      I think they're trying to patent the regex /\d{3}-?\d{2}-?\d{4}/. ...Waits for the patent infringement lawsuit...

      • That's what I thought. If that's true I'd better go file my patent for email address validation and sue the internet for infringement.

      • Actually (Score:4, Funny)

        by Zordak (123132) on Tuesday May 26, 2009 @01:22PM (#28097429) Homepage Journal

        Actually, they're trying to patent "A system for providing real-time validation of text input fields in a Web page comprising:a validation-enhanced text input element configured to contain an attribute for a validation expression for a text field in a rendered Web page, wherein the validation-enhanced text input element is contained within a source code document corresponding to the rendered Web page; andan input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters," and "A method for providing real-time validation of text input fields in a Web page comprising:receiving a user-entered character in a text field displayed in a Web page;immediately validating the user-entered character against a validation expression contained within a validation-enhanced text input element associated with the text field, wherein the validation expression defines a set of acceptable characters and character positions for the text field; andwhen the user-entered character is determined invalid, visually marking the user-entered character," and "An input text validator for validating a text field of a Web page in real-time comprising:a partial input expression generator configured to generate an expanded version of a validation expression, wherein the expanded version of the validation expression defines a set of acceptable characters and character positions for a text field of a Web page; andan invalid text highlighter configured to visually highlight a user-entered character in the text field when the user-entered character is determined as invalid for the expanded validation expression."

        Remember, patents are all about the claims. You don't know what they're "trying to patent" until you have read and understand the claims.

  • by Anonymous Coward

    ^\d{3}-\d{2}-\d{4}$

    ahh thats right baby, patent infringement!
    I live on the edge...

  • Cuff me... (Score:2, Redundant)

    by EkriirkE (1075937)
    ^\d{3}-\d{2}-\d{4}$
    • Re: (Score:3, Funny)

      Sorry, you forgot to put question marks after the hyphens. Obviously, you'll need to license IBM's patent, because that additional tweak makes it a non-obvious invention.
    • by EkriirkE (1075937)
      Err, after RTFA, I suppose this is more on topic:

      <input name=ssn id=ssn onblur="if (!this.value.match(/^\d{3}-\d{2}-\d{4}$/)) {alert('Invalid SSN, blah blah NNN-NN-NNNN.');this.focus();}" />
      • by PitaBred (632671)

        000-00-000

        Success!

      • by ShinmaWa (449201)

        Seems like you need to read more. You completely missed the point of the patent. The idea is not to validate a field against a regexp. That's easy. This patent will check to see if a partial string will EVER be able to match a regexp and if not indicate what prevents it. (See line 0007 of the application).

        Let's take email addresses:
        These will validate DURING typing:
        cmdr_ta
        cmdr_taco
        cmdr_taco@sla
        cmdr_taco@slashdot

        This will fail DURING typing:
        cmdr_taco@slashdot,

        In addition, the "," will be highlighted a

  • this is bullshit.

    We parse SSNs all day long. I think WE may have prior art.
    • I was writing Unix Medical billing systems in the mid 80's on Unix (and using regex), when you gov ppl were still on mainframes. So, I SERIOUSLY DOUBT IT. And I doubt that I wrote the first regex for an SSN. Back then, the ssn WAS a single ID for everybody.
  • Look, it's easy (Score:2, Redundant)

    by riceboy50 (631755)
    /^\d{3}-?\d{2}-?\d{4}$/g
    How is that a persistent problem?
  • by Anonymous Coward

    I see lots of comments coming up about how ridiculous this is. Maybe that's the point. Maybe the best way to bring out patent reform to to patent every simple thing there is. You have to remember that IBM is paying to patent something as simple as:

    s/(^[0-9])+//g

    which most certainly has prior art all over the web. Why would it be worth IBMs money and time to do such a thing? The best reason I can come up with is that they want to prove a point. There's probably quite a bit an open-source firm can gain

    • Sure, but IBM has a lot of money to lobby congress with, that would allow for more rapid reform rather then applying for prior art patents.
      • The problem is that software patents are the result of court rulings, not the result of intentional law changes (I'm not sure if there was a law change that led to the court ruling or not--but my impression is not).
        • But congress has the power to invalidate software patents because the patent system was created by congress.
          • But congress has the power to invalidate software patents because the patent system was created by congress.

            Yes, but for that to happen, Congress would have to do something other than posture, and that's "above their pay grade."

            Everything Congress does is solely for appearance's sake. Any actual consequences of their actions are completely unpredictable.

    • by eldavojohn (898314) * <eldavojohn.gmail@com> on Tuesday May 26, 2009 @01:13PM (#28097285) Journal
      Program Manager: What the hell is happening?! Why is the website down [thewebsiteisdown.com]?!
      Web Programmer: It's the users, sir, one of them put dashes in their SSN on the form!
      Program Manager: I don't have time for this mumbo jumbo geek jargon ... what are you trying to tell me? This is an emergency, accounting said our money is leaving!
      Web Programmer: Well, you see the dashes are inside the string.
      Program Manager: Inside? How is this possible?
      Web Programmer: Well, the user must have paused to push the dash key, sir.
      Program Manager: So if the dashes are inside the string, we have to get them out. Is there someone we can pay for this service?
      Web Programmer: I'm afraid it's too complicated for that. But maybe if we had it write to a file and one of us kept refreshing a text editor on that file ... we could remove it and then it could read back the file after waiting for a few seconds. We would have to hope that more users don't come while we are performing emergency dash extraction.
      Program Manager: Goddamnit! Why didn't testing find this?!
      Web Programmer: Well, they did but to fix this bug we just removed the dash keys on their keyboards.
      Program Manager: Can we do that to each of the users?
      *IBM employee enters with massive box labeled "Enterprise SSN Dash Extractor"*
      IBM Sales Rep: Gentlemen, let IBM solve all your SSN problems for a mere $2,000 per site license!
      • Only $2000?! That's like giving it away free! Surely it would be closer to $200,000 or even $2 million from IBM.

    • by dzfoo (772245) on Tuesday May 26, 2009 @01:31PM (#28097567)

      You didn't read the patent application, did you?

      They are not patenting a regular expression to validate social-security numbers, they are patenting an entire validation system for web application, in which there is an API for a developer to specify a regular expression, and the framework will then validate the user input in real-time, while the front-end highlights the specific characters that caused the failure. The particular problem they are trying to solve is the user confusion when they submit a form which tells them that a field was rejected without telling them what's wrong with the input.

      This is not to say that there isn't prior art for that, but as you can see it is much more than just a patent on a simple reg-exp pattern.

              -dZ.

    • by Rary (566291)

      Penn Jillette got a patent on masturbating in a hot tub [uspto.gov] in 1999. A patent lawyer's kid got a patent on swinging sideways on a swing [uspto.gov] in 2002. If neither of these made enough of a point to bring about any patent reform, how will this?

  • How is it an "issue" that SSNs can be entered with or without dashes? Just strip the dashes in post-processing, then add them back if you absolutely have to have them...

  • by wiredlogic (135348) on Tuesday May 26, 2009 @01:00PM (#28097121)

    The first claim mentions the real time nature of the validation. The example regexes are for validating a completed string. This is still silly and obvious but you may have a harder time finding specific prior art for this case.

    • It's called "Javascript validation" and can also be found everywhere
      • I think that the patent concerns itself with character-by-character validation. In other words, as soon as you enter a character which would make the validation fail, it let's you know it is invalid. I assume that most Javascript validation waits until all of the text has been entered. I know some medical infusion pumps work this way, but I think it sucks.

        • by radtea (464814) on Tuesday May 26, 2009 @02:02PM (#28098041)

          I assume that most Javascript validation waits until all of the text has been entered.

          Your assumption is false. It's called an OnChange event: http://www.w3schools.com/jsref/jsref_onchange.asp [w3schools.com]

          I am not a "Web programmer" but anyone with even a passing familiarity with JavaScript has seen this.

          The first claim in the patent is: "1. A system for providing real-time validation of text input fields in a Web page comprising:a validation-enhanced text input element configured to contain an attribute for a validation expression for a text field in a rendered Web page, wherein the validation-enhanced text input element is contained within a source code document corresponding to the rendered Web page; andan input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters."

          So these losers have filed a patent application in which the first claim is exactly nothing but a completely standard bit of JavaScript code. People have been doing this kind of real-time validation and response for years and years and years. JavaScript is designed to do it.

          This is by far the most egregiously stupid patent application we have seen on /. in a long time.

          Why IBM is doing this is a complete mystery, although "never assume venality where stupidity will do" comes forcibly to mind.

          • Re: (Score:3, Insightful)

            by ClosedSource (238333)

            My understanding is that the onChange event doesn't fire until the input field has lost focus. That means that it wouldn't support character-by-character validation.

    • by zoips (576749)
      It seems to me the only thing unique about their patent is not the supposed real-time nature of it (people have been using onchange to ensure valid input in fields for years), but rather the uniquely Dojo (and only because everyone stopped doing it years ago) abomination of putting invalid attributes on XHTML elements to embed Dijit specific information. In this case, the patent seems to hinge on this embedding nature by its constant reference of "validation enhanced text-input element."
    • Re: (Score:2, Interesting)

      by glebovitz (202712)

      Stick the RE ^\d{3}-?\d{2}-?\d{4}$ in a QRegExpValidator in Qt and you have real time validation. Nokia has an example of this in their Qt course materials.

    • No, that isn't the novel part. If you read further to the background 009.

      [0009]What is needed is a solution that provides real-time validation feedback during entry into a text input field. That is, characters are validated as they are inputted with invalid characters being visually accentuated. For example, any numbers accidentally typed into the text field for a city name would be highlighted. Ideally, this solution would leverage regular expressions to define expected input formats.

      So it seems they ar

    • by Dhalka226 (559740)
      This sounds like nothing more than text field input masks, which have existed for years. The first result from a Google search for "masked input fields" turns up a listing of a bunch of different ones: http://www.webresourcesdepot.com/javascript-input-masks/ [webresourcesdepot.com]
  • by gurps_npc (621217) on Tuesday May 26, 2009 @01:02PM (#28097149) Homepage
    The numbers in your social security number mean things. By State originally. I am sure, IBM is at least including double-checking that information, to make sure that you can't type in 741-99-0000 and have the machine mistakenly think it is a valid social security number. How do I know this? Because the numbers mean things, you can tell that certain things are obviously bad social security numbers. For example, no field can have all 0. 111-00-1111 has never been assigned. Similarly, no number above 740-##-#### has ever been assigned.

    You can read more about it here [usrecordsearch.com]

    • I see nothing like that in the application. Granted it was long, and I did a quick scan, but nothing jumped out at me as being more complicated than checking for numerals and hyphens.

    • by zoips (576749)
      Claim 3 states that validation is done via regular expression. A regular expression doesn't really have that capability (except perhaps what Perl calls regular expressions).
      • by QuoteMstr (55051) <dan.colascione@gmail.com> on Tuesday May 26, 2009 @02:05PM (#28098075)

        Strictly speaking, it does, but it might be large. As a quick and dirty test, here's the result of evaluating (regexp-opt (loop for x from 0 to 700 collect (format "%d" x )) nil) in Emacs:

        "1\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|2\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|3\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|4\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|5\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|6\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|7\\(?:00\\|[0-9]\\)\\|8[0-9]\\|9[0-9]\\|[0-9]"

        What regular expressions can't do is match strings that aren't described by a regular language [wikipedia.org]. Roughly speaking, if what you're trying to match has a maximum length, you can match it with a regular expression. (For a more formal description, see the Pumping Lemma [wikipedia.org].)

    • by Amouth (879122)

      while that is true.. the SSN was only and example of a possiable aplication.

      what they are trying to patant is the idea of validating input durring input..

      aka you have a number only field and onKeyUp you check that the char is numeric (that is a most basic way of doing it)

      either way the simple or more indept lookup is nothing more than input validation during input..

      everyone here seems to get hooked on the SSN thing..

      but really this is anything..

      which is just fucking stupid..

      while finding prior art for this

    • by i.r.id10t (595143)

      700-xx-xxxx was for the railroad retirement society... but yes, otherwise for states and/or territories (puerto rico, guam, etc)

    • by PitaBred (632671)
      Still... the rules are known. Regex's are just a way to express rules... why in the hell is this patentable again? It's not like the regular expression is anything someone "skilled in the art" wouldn't come up with.
  • We need more overly-broad patents on embarrassingly horrible user interfaces. In fact, someone ought to patent *all* the common mistakes. That way their lawyers could run around suing everyone building crap.

  • by serutan (259622) <snoopdoug&geekazon,com> on Tuesday May 26, 2009 @01:15PM (#28097311) Homepage

    Patent Application 973255489

    "Method of enhancing sarcasm through the intentional introduction of typographical errors within multiple exclamation marks."

    Within a set of not fewer than four (4) and not more than eight (8) Exclamation Marks ("!"), an Erroneous Character from the set of characters [1, 2, @, #, ~, `] is inserted after the third or fourth Exclamation Mark. The Erroneous Character is perceived by the reader as a typographical error consistent with hurried, careless typing, reinforcing any sarcasm contained in the textual comment preceding the Exclamation Marks.

  • The Masked Input Plugin [digitalbush.com] already solves this pretty nicely.

    $("#ssn").mask("999-99-9999");

    is pretty easy to implement.

    Yes, regular expressions are more powerful. They are also - sorry o mighty nerds of slashdot - completely confusing to the majority of more casual developers who want to be able to drop in a line of quick code and move on to making their drop shadowed corners even rounder.

  • Heck Why not.... (Score:4, Interesting)

    by gabrieltss (64078) on Tuesday May 26, 2009 @01:18PM (#28097359)

    Heck a lawyer patented the method for swinging on a swing [google.com]
      Why not IBM patenting something stupid like this! Maybe enough of these will bring the patenet system into reform or it's destruction...

    Ref:
    http://www.google.com/patents?vid=6368227 [google.com]
    http://www.freepatentsonline.com/6368227.html [freepatentsonline.com]
    http://en.wikipedia.org/wiki/Reexamination [wikipedia.org]

  • Awesome (Score:3, Informative)

    by Trails (629752) on Tuesday May 26, 2009 @01:19PM (#28097381)
    I'd like to assert that I've personally written prior art.
  • as an Open/Free software hero? This action seems quite consistent with the IBM of the 1970's.

    • by pembo13 (770295)

      I'd say no... since these kind of things are very helpful in showing how screwed up things are.

  • phone numbers too (Score:3, Insightful)

    by egburr (141740) on Tuesday May 26, 2009 @01:26PM (#28097465) Homepage

    I run into this problem with entering phone numbers into web forms. Some want them as xxxxxxxxxx, some as xxx-xxx-xxxx, some as (xxx)xxx-xxxx, and even other weirdness. Some sites take whatever I put in and mold it to their desired format; others tell me my input is invalid and make me enter it again (some even tell me the desired format). Some sites actually break it up into three input fields with appropriate limits on the number of characters.

    I've seen similar cases with SSNs.

    It's pretty obvious that some sites have no trouble parsing the input data and making it fit what's expected. How is this a novel concept to be patented?

  • by Anonymous Coward

    If you read the patent application, they aren't patenting just validation of a text field. They are patenting the idea of validating a string, one character at a time, as it is entered by the user. As the string is entered, when invalid characters are found using regex, a "visual change" is made to the input to let the user know they made a mistake.

    An example they give is that in an email input field, as soon as the user enters a comma, the comma would change colors.

    It's still not groundbreaking, but it's n

  • by thethibs (882667) on Tuesday May 26, 2009 @01:32PM (#28097579) Homepage

    Wow! All this steam and no one read the patent. It's been a while since the Slashdotter stereotype was so well validated.

    The patent is for incremental validation as the characters come in. The text input widget is primed with the regex and validates each character as it is keyed, and reacts immediately if it gets an invalid-in-context character. The effect is that it's not possible to enter an invalid string.

    Whether you think this is novel or not, it's not ordinary.

    • Re: (Score:3, Informative)

      Whether you think this is novel or not, it's not ordinary.

      One of the first forms I programmed for a commercial company would delete non-numeric characters and commas onKeyUp. It's extremely ordinary, and the practice is probably a day younger than javascript.

    • by weicco (645927)

      Well, in fact many applications I've wrote for several companies or agencies uses this kind of client-side as well as server-side validation and I'm not sure but I think that many of my colleague uses this method also. So it is not novel and it is probably quite ordinary.

      But I don't live in USA and our applications aren't used in US market so I'm not sure if this counts as prior art. Probably not.

    • by lalena (1221394)
      Still not a novel idea. We have 3 regex for each text box driven by a back-end config file:
      • One for character input (typed, virtual keyboard, pasted-in, bar coded...). Ex: For an IP Address, only allow 0-9 and period to be typed.
      • One for what the partially complete text can look like. Ex: For the IP example, numbers can't exceed 255 and you can't have two consecutive periods, but if you have typed a partially valid but incomplete IP Address, it is not shown as invalid. This is validated after every key pres
    • Re: (Score:3, Informative)

      by radtea (464814)

      Whether you think this is novel or not, it's not ordinary.

      Handling a JavaScript OnChange event is not ordinary? What about a button click event?

      Can I patent "1. A system for providing real-time information in a Web page comprising:a retrieval-enhanced button input element configured to contain an attribute for a retrieval expression for a button in a rendered Web page, wherein the retrieval-enhanced button input element is contained within a source code document corresponding to the rendered Web page; and

  • The title--surprise!--sucks. They're not patenting the use of regular expressions to validate anything. They're patenting a field that validates itself as you type, and highlights invalid characters:

    [0009]What is needed is a solution that provides real-time validation feedback during entry into a text input field. That is, characters are validated as they are inputted with invalid characters being visually accentuated. For example, any numbers accidentally typed into the text field for a city name would b

  • A Google search for "social security number" regex returned 11,300 results. I guess all of those people needed a regular expression to NOT validate data.
    Also, the patent uses the term validator which is not a word according to most spell checkers that I use. I know this because I type this word frequently when documenting .NET code. Validator is the term Microsoft uses for ASP.NET controls that validate input.
    Its one thing to patent an existing idea, but don't steal the made up words from an existing im
  • (\d{9}|\d{3}-\d{2}-\d{4})

  • Isn't this just making a library for web forms that act like an IBM 3270 terminal? I mean, they patented having a terminal that does field validation decades ago. This is just an alternate software implementation of the same thing, in a web browser.
  • by dword (735428) on Tuesday May 26, 2009 @02:08PM (#28098135)

    Why don't we try to get USPTO's attention over to Slashdot? Then, if they think they don't understand what's going on with a patent, they can find other peoples' interpretation of it over here. They're bound to understand at least one of a hundred different wordings of that patent in Slashdot's comments.

    Any ideas?

  • 1) What?!
    2) It takes 4 IBMers to figure this out?

    I'm pretty sure this "problem" has already been solved. Perhaps it's still an issue with the Lotus application-to-web server. Since no one outside of IBM actually uses it, no one would have noticed that.

Put no trust in cryptic comments.

Working...