|
|
Posted by Jonathan N. Little on 06/18/06 13:10
Jukka K. Korpela wrote:
> Jonathan N. Little <lws4art@centralva.net> scripsit:
>
>> Before it is posted, your can use JavaScript to check the input, but
>> that is no guarantee because the user may have JavaScript disabled.
>> You should *always* check user input upon the receiving end at the
>> server-side script.
>
> In this particular case, the check should probably be made _only_ in the
> server.
>
> As a rule, it is a good idea to consider setting up client-side checking
> as well, after you have designed and implemented the server-side check.
> Immediate checking is good for usability and accessibility: the user
> gets an error message at an early phase where he remembers what he just
> did and has the context and position in front of his years, literally or
> figuratively.
>
> However, double checking tends to be expensive in terms of
> implementation and maintenance work. You normally use two quite
> different programming languages, JavaScript for client-side checking and
> something else for server-side checking. This means duplicate coding;
> only the overall logic is the same. Moreover, any changes need to be
> implemented twice, and this means that some day you (or you successor as
> the maintainer) will forget this. Testing needs to be duplicated, too -
> with scripting enabled and scripting disabled. Testing the client-side
> checking is problematic, since there are differences between browsers in
> JavaScript implementations.
>
I agree that it makes more work for the designer, but the benefit is
that it can give an advance tip to the user. I see benefit is
accommodating the user. If you make it more convenient or accessible for
them the more likely you will get their business! On dialup from
experience it can be a real pisser to only discover your error after you
posted the form and will have to do the process all over again.
On the implementation side I took the time to create a pair of script
PHP and JavaScript , I created an validation class object in each and
the base validation is set in my PHP and the PHP object creates upon
loading the document the JavaScript to load the same checking values
into the JavaScript object to keep everything synced. It was worth the
initial effort so now I only have to include the PHP class and attach
the JavaScript class then in the doc setup up the PHP object. The rest
is done automatically and if the user has JavaScript enabled client-side
checking will be enabled.
What one must be careful of it that their JavaScript validation does not
cause an endless loop when can happen with improper blur|focus handling...
--
Take care,
Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com
[Back to original message]
|