I am aware that I can Google “HTML Form Validation” and would get a billion tutorials. I am well aware that I can use simple JavaScript to validate form input, but I have been told that this is not necessarily an efficient method. I have also heard that it is a best practice to validate both client and server-side code. OK! Well, What exactly does this mean besides writing code on both? Does it mean I do some with JavaScript and other with Servlet’s or does it mean that I write identical validation methods on both?
My real question is can anybody give me insight and direction as how to go about validation my HTML forms. I am using JSP’s and Servlet’s and I have tons of form validation to do.
I have already done minor form validation with regex in Java, but want to figure out if Im heading in the right track before I write any more code.
Only productive answers please, If I wanted negative feedback on how inexperienced I was, I would have gone to Reddit.
Thanks!
Serverside without clientside is ok, clientsite without serverside is a no-no.
How you validate on the serverside is really up to you. There are existing libraries out there that help you, but regexes are fine too. Do read up about why you need to validate, so you don’t forget to check against possible attacks.
Same thing goes for clientside validation. The JQuery Validate module quite nice, but you can write your own, no problem.