Posted by Jukka K. Korpela on 06/19/07 16:56

Scripsit Beauregard T. Shagnasty:

> A visitor, once realizing you are checking zipcodes, may still enter a
> bogus name and street address.

Or he may move to a better site.

There are sites that require registration for no understandable purpose,
just collecting personal information from users, without ever using the
information for any legitimate end. Such collection of personal data is
illegal within the European Union, though apparently not in the US. But
users indeed have the option of entering bogus data that just meets the
syntactic requirements. If you ever intend to _use_ the data, it will be
more seriously bogus than without the syntactic checks! (That's because a
larger part of it _looks_ OK.)

We cannot know whether that's the case in the OP's problem, but I'd suggest
considering seriously what data you really _need_ - and check it well
server-side. On the other hand, if it's e.g. an e-commerce site where people
can buy things - so that you really need some addresses - then it's mainly
in the users' interest to type in their addresses correctly. You can just
remind them of this.

Any checks have the risk of rejecting correct data. It's actually _very_
difficult to check even an e-mail address reliably. Zip codes might be
easier since they constitute a finite and known set, but what happens when
the set changes, e.g. new codes are added?

--
Jukka K. Korpela ("Yucca")
http://www.cs.tut.fi/~jkorpela/

[Back to original message]