Re: [dfv] Data::Formvalidator and JQuery validation
Status: Inactive
Brought to you by:
markjugg
Menu
▾
▴
Re: [dfv] Data::Formvalidator and JQuery validation
|
From: Cees H. <ce...@gm...> - 2010-03-19 00:39:06
|
On Fri, Mar 19, 2010 at 9:30 AM, Ron Savage <ro...@sa...> wrote: > Hi Lyle > > On Thu, 2010-03-18 at 15:59 +0000, Lyle wrote: >> Ideally I don't want to JS validation to result in a server request. I >> want it all client side so that the server only get's a request if it's >> all valid or JS is turned off. > > This doesn't make any sense. You /always/ need server-side validation. > > For instance, a hacker can download your page, delete the Javascript > validation, and submit any data whatsoever. > > The client-side validation is purely to give the user quick feedback. Hi Ron, I don't think that is what he meant. Ideally you want the JavaScript to be able to handle most if not all of the validation on the client side so that no requests need to be made to the server until the form is correctly filled in. At this point it is submitted to the server where the normal server side validation is run to ensure no fowl play is occurring. if your JavaScript still makes calls back to the server to do validation then it kind of defeats the purpose of client side validation. However, there are some instances where only server side validation will do (for example seeing if a nickname is already in use). These types of validation can be done with an ajax call to the server to give quick feedback. But as you said, when the form is submitted you still always recheck every field on the server as you can't trust what is sent from the client. Cheers, Cees |
