Eric's point is wise and should be heeded! I don't know how many times I've gone 'round and 'round about this in the
JSP forum.
JavaScript validation and other things that you do on the page are there for the "user experience". You can do some wonderful things with JavaScript on your pages. But never, ever let your server-side code assume anything about what happened on the client!
If you perform validation on the client side (so that user don't have to wait for a server-round trip to find out that they need to fill in a field and such) that's a nice thing, but your server-side code should
always perform validations regardless of whether you performed client-side validation or not.
And even more important, coding business rules into your forms (as Eric's example points out) will only lead to heartache and pain.
[ March 30, 2004: Message edited by: Bear Bibeault ]