posted 17 years ago
Hi Ja,
Validation is required before submitting a form to the server(database-mostly) to check for authenticity of certain things.
Obviously when you say password cannot be empty, is it a point to send it the server? No. Then you must stop it before it reaches the server. This is client side validation.
Now consider, I am trying to compromise someone's account and i send some info in the password. I need to check inthe DB if the info is correct or not. As this info is in the DB i need to do a server side validation.
Why, most importantly, we are talking about it because the sever side trip is expensive in terms of network bandwidth consumption(here which would be invalid request anyway-empty password request), connections and host of other things that are involved with the server side connections( sockets opening, etc-internal).
So a server should be hit only when reqd.
Thus most applications have a client side and a server side valdiation. Its a good practice also.
[ November 09, 2006: Message edited by: RoshaniG Gopal ]