Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsDatabaseAbout 
 
   News
home

Javascript form Live Validation
(old news - 09:47AM Thursday Sep 06 2007)
Today's example of YACJL (Yet Another Cool JavaScript Library) is "as you type": form validation. Finally! a way to make sure your customers enter stuff exactly the way you want them to!

But wait. You still need all the same validation on the back end, on your server. And until server-side JavaScript launches, done differently. Anyone can POST any data they like to the forms of your app - no matter how much guard JavaScript you load into your pages. So now you have two sets of validation that are almost certainly not going to match exactly. Hopefully the server-side one is tougher.

Oddly, the documentation makes no mention of the trap for the unwary. In fact it even suggests you don't have to worry about it:
This is useful for validating everything in a form when it is submitted. The return value of this can be used as a return value for the onsubmit event, to stop the form from submitting if any fail. The messages of the LiveValidation object will be displayed as if you have typed them in.

rss feed About dslreports.com

Random site news information and ponderings, by Justin
Forums » Javascript form Live Validation
view: topics flat text 
Post a:

yock
The Internet Is For Porn
Premium
join:2000-11-21
Fairfield, OH

Disable Submit?

Couldn't you disable posting until the client-side validation is satisfied? I know this violates the "fail gracefully" principle of web design, but relying on client-side validation already does that anyway.
--
Laughter is the closest distance between two people. --Victor Borge
"The opposite of war isn't peace, it's creation."
permalink · 2007-09-06 12:30:52 · Reply to this

justin
Australian
join:1999-05-28
Brooklyn, NY

Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech

Re: Disable Submit?

It would be very difficult for the server-side to know for sure a client-side submit has been validated by a browser based library it has no control over. Anything javascript did as a trick such as passing back a token with the form saying "I checked this data and it is ok" could easily be copied as well.
You can't escape having to validate all fields all over again in PHP or Ruby or Perl or whatever, and then when you DO find a problem do you just reject the form silently, or do you re-display the form with neat error messages? which kind of makes the whole as-you-type validation redundant.

I suppose javascript on the server side is inevitable. If a web server integrated client and server side javascript into one seamless package you'd only be maintaining one set of code - the form could be validated twice by the same code.
permalink · 2007-09-06 13:28:40 · Print · Reply to this

pog
Premium
join:2004-06-03
Kihei, HI
·Hawaiian Telcom

Re: Disable Submit?

Maybe they could come up with some neat examples of PHP using the same criteria to generate the JavaScript for the client as well as (re)validate on the server?

IOW, /form.php requested without variables returns the form. The submit is back to /form.php but the presence of post/get variables triggers the validation?

I dunno but it should allow you to look kill both birds with the one stone.

Anyway, LiveValidation doesn't seem to address fields that get overlooked... for eg, the first example requires that text be entered. Nothing stood out to alert me until I typed and then erased. Surely, skipping fields is as big a problem as actual bad data entry?
--
My Site
permalink · 2007-09-07 05:07:48 · Print · Reply to this
Forums » Javascript form Live Validation

Friday, 05-Sep 19:26:08 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.