JavaScript validation – another bad idea?

On my travels around the web I come across lots of websites that use JavaScript to validate user input (Yes I peek at their source code, I’m curious).

Using JavaScript to validate forms is a nice way of presenting errors to the user, I find with JavaScript it is easier and nicer to present users with information\Errors (such as a pop up) without having to refresh page and therefore retaining the data they have already entered. This saves having to pass data via post or get methods to fill the already entered users data in the form fields.

This approach is nice and clean, BUT you can’t use just JavaScript to validate. I don’t know if developers are in too much of a rush, don’t think about it or plain don’t realize that a user could have JavaScript disabled or even use a browsers developer tool to delete the JavaScript functions and therefore avoid validation. You should always use a server side validation also. I mean it’s obvious isn’t it……  apparently not.

Remember never trust a user.


Leave a Reply

Your email address will not be published. Required fields are marked *