> I'm leaning towards using a combination of JS on the interface > and CF for data validation. That'll take care of security.
The application I'm thinking about is an insurance enrollment system. Users have to already be registered to access the system - which is a multi-page form. I'm using a combination of CFFORM validation and then server-side validation on the database. BUT - I've had to add a third layer for folks without javascript! When they enter the system, most of their user info is already filled out for them, so you'd think you'd not get many submissions with info missing. Even so, you wouldn't believe the number of submissions where a simple "Your Email" field is left blank. AND IT'S FILLED IN TO START WITH! ..and marked in red "REQUIRED". And they'll still erase whatever is in there and leave it blank. I've had to add an "in between" layer to check for missing info when the client-side validation fails (due to no javascript) and kick them back to the form before it ever gets to the data-processing page. Since the forms are pretty darned big, that's a ton of extra code (almost 30% more). I'd just as soon kill that extra layer and require javascript. If part of the application itself is javascript and they refuse to use it, isn't that like refusing to put the proper fuel in your car and then complaining about how it isn't running too good? I dunno - this is something I'm still considering myself. It would certainly save a lot of coding headaches, that's for sure. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275418 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
