Postcode verification
Paul Morrison
Is there any way that I can check that a postcode submitted by a user is in
fact a valid postcode, rather than just a made up one? Ive seen some sites
do this, but cant find any info on it after Googling. Any pointers in the
right direction would be great.
Cheers,
Paul
Mark Goodge
keyboard and typed:
There's no algorithm (other than for the format, which doesn't really
tell you anything - XX11 1XX is a valid form, but not a valid code),
you'd have to check it against a list of known postcodes. And you
can't get a full list of valid codes without spending money on it, and
keep spending money on it to keep it up to date.
Alternatively, you could write an API for something like Google Maps
which does a postcode lookup. Provided you can do it in such a way as
to stay within the terms of use, that is - which is likely to be
somewhat more problematic :-)
Mark
--
Visit: http://www.MineOfUseless.info - everything you never needed to know!
Listen: http://www.goodge.go.uk/files/dweeb.mp3 - you'll love it!
Gordon Hudson
"Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
news:reqev19sgkhn7vuru...@news.markshouse.net...
> On Sat, 18 Feb 2006 18:21:33 -0000, Paul Morrison put finger to
> keyboard and typed:
>
>>Hi guys,
>>
>>Is there any way that I can check that a postcode submitted by a user is
>>in
>>fact a valid postcode, rather than just a made up one? Ive seen some sites
>>do this, but cant find any info on it after Googling. Any pointers in the
>>right direction would be great.
>
> There's no algorithm (other than for the format, which doesn't really
> tell you anything - XX11 1XX is a valid form, but not a valid code),
> you'd have to check it against a list of known postcodes. And you
> can't get a full list of valid codes without spending money on it, and
> keep spending money on it to keep it up to date.
>
> Alternatively, you could write an API for something like Google Maps
> which does a postcode lookup. Provided you can do it in such a way as
> to stay within the terms of use, that is - which is likely to be
> somewhat more problematic :-)
>
It gets much more complicated if you have people in different countries
filling out the form.
With that scenario you have a lot of different formats to cover.
--
Gordon Hudson || Hostroute.com Ltd
e-mail:ghudson [at] hostroute.net
http://www.hostroute.co.uk/resellers Host 5 web sites for £9 per month
http://www.nameroute.co.uk/ Domain Names with free hosting and email
http://www.myqth.co.uk/ 3000MB of web space for £29 per year
ans...@barryhunter.co.uk
http://www.geopostcode.com/ukpc2ttn.htm
look for the 'DOWNLOAD THE FULL POSTCODES LIST WITH NEAR 1.9 MILLION
RECORDS' link.
However before some get excited its only the codes themselves you get,
no other information, such as town or location.
(you can also use this php to quickly check the postcode format before
doing a database lookup:
preg_match("/^([A-Z]{1,2}[0-9]{1,2}[A-Z]{0,1})[
\+\.]*([0-9][A-Z]{2})$/", strtoupper($p))
For checking a good range of counties (other than UK), then this:
http://www.geonames.org/export/free-geocoding.html
offers a geocoding service. Even if you don't use the returned location
it would at least tell you if its a valid postcode.
Stevie D
Unless you have to restrict users to those based in the UK only, this
is a very bad idea.
It is a fairly bad idea anyway.
If there is any chance of legitimate overseas users, requiring them to
enter a valid UK postcode is going to cause problems.
But at the end of the day, how difficult do you think it is to give a
fake postcode? Not in the slightest! I could give you loads of genuine
postcodes without even trying. The fact that they're nothing to do
with me is neither here nor there. What are you trying to achieve by
doing this check?
--
Stevie D
\\\\\ ///// Bringing dating agencies to the
\\\\\\\__X__/////// common hedgehog since 2001 - "HedgeHugs"
___\\\\\\\'/ \'///////_____________________________________________
Dave (from the UK)
> It gets much more complicated if you have people in different countries
> filling out the form.
> With that scenario you have a lot of different formats to cover.
Which is the way I like it, since I can fill it some stupid postcode in
Outer Mongolia whenever some site asks for my postcode and I don't wish
to give it.
--
Dave K
Minefield Consultant and Solitaire Expert (MCSE).
Please note my email address changes periodically to avoid spam.
It is always of the form: month-year@domain. Hitting reply will work
for a couple of months only. Later set it manually.
Dave (from the UK)
> Hi guys,
>
> Is there any way that I can check that a postcode submitted by a user is in
> fact a valid postcode, rather than just a made up one?
I hope not!
Would it not be better to have a page like this:
Please enter your postcode:
[ ]
[x] Sorry, I would rather not divulge my postcode.
I suspect your reasons for just making up an email address (as you have
done) are not too different from the reasons people make up postcodes.
I can't help feeling if people make up postcodes on your site, your
reasons for requesting them are not particularly valid. If people want
something posted to them, or to verify credit card details, they will
enter a valid postcode. If they are making them up, you should not be
asking for them, since you don't need them.
Paul Morrison
>
> Please enter your postcode:
> [ ]
> [x] Sorry, I would rather not divulge my postcode.
>
> I suspect your reasons for just making up an email address (as you have
> done) are not too different from the reasons people make up postcodes.
>
> I can't help feeling if people make up postcodes on your site, your
> reasons for requesting them are not particularly valid. If people want
> something posted to them, or to verify credit card details, they will
> enter a valid postcode. If they are making them up, you should not be
> asking for them, since you don't need them.
Hi,
Basically I am creating a website which has details on injustices and gives
users the chance to sign petitions, create letters from templates to send to
MPs etc and the person that I am making the site for wants there to be some
kind of postcode check to try to make it so that users cannot sign up with
bogus emails. i have tried telling him exactly the same thing that you have
said, that people do not want to divulge this information and that it is
easy to find another postcode, but he is adamant that it be in place. He now
says that to get round the problem of users from different countries, there
will only be a postcode check if the user states that they are from the UK.
As you say in a previous post, the easiest way round this one is to select a
different country.
If only I could make this guy see sense and realise that its not a good
idea!
Paul
Paul Morrison
> is a very bad idea.
> It is a fairly bad idea anyway.
>
> If there is any chance of legitimate overseas users, requiring them to
> enter a valid UK postcode is going to cause problems.
>
> But at the end of the day, how difficult do you think it is to give a
> fake postcode? Not in the slightest! I could give you loads of genuine
> postcodes without even trying. The fact that they're nothing to do
> with me is neither here nor there. What are you trying to achieve by
> doing this check?
Hi Stevie D,
As I have just posted below, I am making a site for someone which holds
details on injustices and give users the option to sign petitions and send
letters via the site. The guy I am making the site for wants to make the
site credible by not having people sign petitions with fake postcodes.
He now suggests that there is only verification of postcodes for users from
the UK, and then and non-UK users cannot sign petitions related to other
countries than their own.
If you want the address of the site just ask and I shall email the link
directly to you.
Paul
Stevie D
> As I have just posted below, I am making a site for someone which
> holds details on injustices and give users the option to sign
> petitions and send letters via the site. The guy I am making the site
> for wants to make the site credible by not having people sign
> petitions with fake postcodes.
I repeat - how does that stop me from putting in a completely
fictitious postcode? When websites ask me for a postcode for no
obvious reason, I usually use the postcode for the university I went
to, or houses that I lived at years ago - or of course the postcode of
the organisation asking me for my postcode is another favourite!
> He now suggests that there is only verification of postcodes for users
> from the UK, and then and non-UK users cannot sign petitions related
> to other countries than their own.
So why are people who are not currently living in the UK not allowed
to sign these petitions?
This looks too much like a case of the tail wagging the dog to me, I'm
afraid - you're finding solutions to the wrong problem.
:::Jerry::::
"Krustov" <kru...@krustov.co.uk.INVALID> wrote in message
news:MPG.1e659a102...@news.newsreader.com...
<snip>
>
> Wouldnt a verify the petition signature by some sort of email
> confirmation link be better ..... blocking all the most common
@hotmail
> / @yahoo / etc email addresses from signing the petition .
>
Another well thought out suggestion from "Krusty-the-troll" - NOT....
That would, in one stroke, prevent many less advantaged people using
the site - those who don't own a computer or have their own internet
access whilst using internet cafes, libraries, colleges or university
IT access points etc. - many of the people who you would 'ban' are
the very people who could well need the service the most!
Geoff Berrow
Krustov contained the following:
>If you had read what the poster said - the client wants to try and have
>some sort of credibility to the website .
I've signed loads of paper petitions. Not one has verified my post
code. Are they not credible?
I agree with Steve, it's a non problem. The client is suffering from a
lack of joined up thinking.
--
Geoff Berrow 0110001001101100010000000110
001101101011011001000110111101100111001011
100110001101101111001011100111010101101011
Geoff Berrow
contained the following:
>> I agree with Steve, it's a non problem. The client is suffering from a
>> lack of joined up thinking.
>>
>
>Somebody else who doesnt read what a poster says .
Says he, being the person who suggested an email response as a means of
verifying a post code...
>
>The client has been told all that and still wants to do it - but perhaps
>the truth of the matter is some people on here put more value on their
>own opinions rather than what somebody else wants .
Nonsense. If anything I was sympathising with the OPs position. I know
exactly what it's like to have a client like that. If they won't listen
to sense, generally tit may be an option to price it quite highly for
setup and subsequent maintenance.
Mark Goodge
and typed:
>Paul Morrison wrote:
>
>> As I have just posted below, I am making a site for someone which
>> holds details on injustices and give users the option to sign
>> petitions and send letters via the site. The guy I am making the site
>> for wants to make the site credible by not having people sign
>> petitions with fake postcodes.
>
>I repeat - how does that stop me from putting in a completely
>fictitious postcode?
It stops you putting in a totally fictitious one, but it doesn't stop
you putting in a real one that isn't your own.
This is normal for petition sites. Part of the problem with online
petitions is that they're very easy to stuff with fake names - I once
signed up to one under the name of "Mr Michael Mouse" and I'm still on
the mailing list under that name - which makes them less valuable to
the organisers as the recipients of the petition (usually a government
department or whatever) will just say "how can you be sure that all
these names are real people?" before dismissing it. Having a postcode
to go with each name adds more credibility and, if necessary, gives
the necessary information to weed out fakes by reference to the
electoral roll.
>So why are people who are not currently living in the UK not allowed
>to sign these petitions?
That's normal, too. Governments take more notice of petitions from
their own citizens than they do from those elsewhere.
Mark
--
Visit: http://www.OrangeHedgehog.com - Useful stuff for the web
Mark Goodge
keyboard and typed:
>Message-ID: <MPG.1e65af623...@news.newsreader.com> from
>Krustov contained the following:
>
>>If you had read what the poster said - the client wants to try and have
>>some sort of credibility to the website .
>
>I've signed loads of paper petitions. Not one has verified my post
>code. Are they not credible?
Offline, they've usually got a real signature. And you can't easily
sign the same petition repeatedly under loads of different names in
order to inflate the result. But, online, that's trivial. Which tends
to give online petitions something of a credibility problem with the
recipients, who can usually dismiss them on the grounds that there's
no proof - or even solid evidence - that this number of people really
care about the issue.
Putting a few more obstacles in the way of signatories, and requiring
some verifiable personal information (such as a postcode) helps to
address this issue. People who don't want to give their real postcode
are, in this sitation, not relevent - if you're not prepared to sign a
petition under your real and verifiable identity, then you shouldn't
be signing it at all, and the organisers are quite right to attempt to
prevent you fom doing so.
Mark
--
Visit: http://www.MineOfUseless.info - everything you never needed to know!
Geoff Berrow
from Mark Goodge contained the following:
>Offline, they've usually got a real signature. And you can't easily
>sign the same petition repeatedly under loads of different names in
>order to inflate the result. But, online, that's trivial.
...
>Putting a few more obstacles in the way of signatories, and requiring
>some verifiable personal information (such as a postcode) helps to
>address this issue.
Well if you can get a list of postcodes to verify against, you can get
a list of postcodes. It just gives the appearance of addressing the
issue. If you want real credibility, krusty's solution is the way to
go.
>People who don't want to give their real postcode
>are, in this sitation, not relevent - if you're not prepared to sign a
>petition under your real and verifiable identity, then you shouldn't
>be signing it at all, and the organisers are quite right to attempt to
>prevent you fom doing so.
There is a huge difference in signing a paper petition, where it is
going to take quite a bit of work to put the information in electronic
form and filling in an online form where you are putting your
information directly into a database. The credibility of the
information gatherer would also be an issue; can they be trusted not to
misuse the data?
So an online petition will have less credibility than a paper one.
Isn't that inevitable? Surely part of the power of a paper petition is
the fact that they are difficult and time consuming to produce?
:::Jerry::::
"Krustov" <kru...@krustov.co.uk.INVALID> wrote in message
> <uk.net.web.authoring , :::Jerry:::: , m...@privacy.INVALID>
> <43fb99f1$0$49291$892e...@authen.yellow.readfreenews.net>
> <Tue, 21 Feb 2006 22:51:54 -0000>
>
> > > Wouldnt a verify the petition signature by some sort of email
> > > confirmation link be better ..... blocking all the most common
> > @hotmail
> > > / @yahoo / etc email addresses from signing the petition .
> > >
> >
> > Another well thought out suggestion from "Krusty-the-troll" -
NOT....
> >
> > That would, in one stroke, prevent many less advantaged people
using
> > the site - those who don't own a computer or have their own
internet
> > access whilst using internet cafes, libraries, colleges or
university
> > IT access points etc. - many of the people who you would 'ban'
are
> > the very people who could well need the service the most!
> >
>
petition
> signatures - who cares what you think .
Nothing will stop someone sending a bogus submissions, the best
solution would probably be some form of email verification system -
submit, receive a conformation email - with security code - the
person then replies to that email via another web form, server
receives reply and processes original submission (less email address
if needs-be).
It won't stop bogus submissions, but will hinder.
>
> If you had read what the poster said - the client wants to try and
have
> some sort of credibility to the website .
>
He also wants a usable site...!
Stevie D
> Offline, they've usually got a real signature. And you can't easily
> sign the same petition repeatedly under loads of different names in
> order to inflate the result. But, online, that's trivial. Which tends
> to give online petitions something of a credibility problem with the
> recipients, who can usually dismiss them on the grounds that there's
> no proof - or even solid evidence - that this number of people really
> care about the issue.
Could you do this by logging the IP address of everyone who signs the
petition?
Paul Morrison
> petition?
Currently, in order to stop people creating bogus accounts, when a user
signs up their password is emailed to the email address supplied, and then
periodically any accounts that have never been logged in to are deleted.
Therefore we know that the user exists, but for a petition a postcode looks
better than an IP address.
Paul
Mark Goodge
and typed:
>Mark Goodge wrote:
>
>> Offline, they've usually got a real signature. And you can't easily
>> sign the same petition repeatedly under loads of different names in
>> order to inflate the result. But, online, that's trivial. Which tends
>> to give online petitions something of a credibility problem with the
>> recipients, who can usually dismiss them on the grounds that there's
>> no proof - or even solid evidence - that this number of people really
>> care about the issue.
>
>Could you do this by logging the IP address of everyone who signs the
>petition?
Up to a point, yes. For internal checking, that's a good start. But
the target of the petition will usually want to see information that
has a real-life, off-net verifiability.
Mark
--
Visit: http://www.FridayFun.net - jokes, lyrics and ringtones