0

what are the advantages of validation on the client side using a client side script such as Javascript?

thanks

Noona
  • 643
  • 1
  • 14
  • 30
  • possible duplicate of [form validation with javascript vs php](http://stackoverflow.com/questions/1726617/form-validation-with-javascript-vs-php) – David Thomas Oct 03 '10 at 22:43
  • Remember to always check the parameters on the server side: You might expect a username of 6-20 characters and feed it into a sql-query but what you actually get is 10 megabytes of random data and your sql server might not handle that in a graceful way. – some Oct 03 '10 at 22:48

2 Answers2

2

The advantage is that the user doesn't need to reload the page just to find out that there's an error in the input. This said, you still have to do server-side validation, since users can turn off or manipulate the JavaScript in order to submit nonsense data to the server.

Gert Grenander
  • 16,866
  • 6
  • 40
  • 43
  • 1
    Couldn't say it better myself. – some Oct 03 '10 at 22:44
  • Depending on the browser JavaCcript may not be available to the user, so it is a good idea to allow the form to work without JavaScript. Users may also disable JavaScript from untrusted sites for security reasons. – BillThor Oct 03 '10 at 23:34
  • @BillThor - That was covered in my second sentence. – Gert Grenander Oct 04 '10 at 01:12
  • @GertG - No offense was intended. Some people turn off JavaScript to enable hacking. However screen readers, and text mode browsers often don't have JavaScipt. And other users disable JavaScript for security purposes. Sites with forms that can only be filled with JavaScript enabled have a high risk that some customers will abandon the form. – BillThor Oct 04 '10 at 12:53
  • @BillThor - No offense taken. I surf the web with JS mainly turned off. As for screen readers, they read what the browser offers them. With WAI-ARIA, they're happier than ever. And having validation both on the client and server offers everyone validation. ;) – Gert Grenander Oct 04 '10 at 23:56
  • @GeryG - Unfortunately, I frequently run across form where JavaScipt validation is used to enable fields. No JavaScript = only some of the required fields = sever side failure due to missing fields. This is what should be avoided. – BillThor Oct 05 '10 at 04:16
  • @BillThor - Don't judge the technology on the skill of the programmer. – Gert Grenander Oct 05 '10 at 11:12
  • @GeryG - Not blaming the technology, just the all to typical use of it. It may not always be the skills of the programmer, as they may be implementing something they don't agree with. – BillThor Oct 05 '10 at 13:31
  • @GeryG, so based on what you said, if all users disable java script on their browser then there would be no need for the script at all? when would it be justifiable to use JS? are you saying that it's always better to use server side scripts? – Noona Oct 08 '10 at 20:52
  • @Noona - You should always have server side validation. Client side validation is a progressive enhancement that makes the form more user-friendly. – Gert Grenander Oct 09 '10 at 02:39
2

A better user experience. They get validation results quicker, without a server round-trip. It also allows you to do validation of fields that are difficult / you don't want to send back through a page cycle, such as passwords and credit card numbers.

It's fairly easy to set up nowadays - there's plenty of JavaScript frameworks you can just drop in, the set styles on your input fields to describe validation and wire up a submit handler to trigger validation. e.g. jQuery validate.

However you must always cope for the no-JavaScript case, and you must always server-side validate too.

Rup
  • 33,765
  • 9
  • 83
  • 112