0

Hi I'm running into a bit of an issue. I have a form on a webpage that uses a bunch of HTML controls (text boxes, check boxes, drop downs, etc...). I'm going to to add the data entered into a database, but it needs to be validated first. I much prefer to have the validation done on the client side because it's cleaner. So is it possible to do all the error checking n' such with JavaScript, then when it's all checked out, send a true or false value to the server side code so it knows to start processing it?

As of now I've been doing my JavaScript validation, and then mimicking it with the ASP.NET code. It works, but there has to be a better way.

Thanks in advance

Improve this question
6
  • Having a global variable like isValid which is set to false, and on the form postback check it and return false. if (!isValid) return false; That way your JavaScript can set that variable to true once it verifies all fields are valid. Commented Jun 19, 2013 at 14:32
  • 1
    You should be able to prevent the data being submitted to the server by returning false from the submit button event handler if the values are invalid. Commented Jun 19, 2013 at 14:33
  • 1
    You should have validation in both places. Once for the user (client side), once for data integrity (server side). Nothing you're doing really sounds wrong. Commented Jun 19, 2013 at 14:33
  • 2
    "So is it possible to do all the error checking n' such with JavaScript, then when it's all checked out, send a true or false value to the server side code so it knows to start processing it?" — That's silly. Just wait until the JS validation is complete before sending the data. (And as mentioned above, that won't be sufficient). Commented Jun 19, 2013 at 14:33
  • 1
    I would convert the controls over to asp.net controls and add the built in validators. They work on both client and server side. And you should be validating both before entering anything int a database. Commented Jun 19, 2013 at 14:35

2 Answers 2

Reset to default
1

When it comes to deciding where to perform validation, there are two options:

  • on the server
  • on the server and the client

Performing validation only on the client is not a safe option, because you cannot trust the client. What if a user has javascript disabled, so your client-side validation never runs? Now your server is blindly accepting potentially-bad data. What if a user saves your webform to disk, changes it to remove the validation, then submits using their modified version? Your server is blindly accepting potentially-bad data.

Client-side-only validation will end up costing you - don't go down that route.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Until you choose to use ASP.NET MVC which is elegant and a "better way" to build applications with sexy attribute based validation, you are out of luck. You have to check the data on the server.

Remember,

Never ever trust the data from the user.

Even though most of your users will be good old ted, but there are smart, evil people out there who will try to hack your shiny site. Apart from that people will laugh at you if they find that you do not validate data on the server.

To save you from such insult, validate your data on the server.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.