Thanks for the colorful encouragement, Damien. :o) With what you said in mind, that's why it seems to me to be best to combine a front-end JS "message-delivery" system and a back-end CF validation system.
Then I get my user-friendly front end and my secure backend. Yes, it does tax the server more, but before now, *all* my validation was done with CF processing, so this is not a step backwards as far as work done by the server. Rick -----Original Message----- From: Damien McKenna [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:46 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? On Apr 14, 2007, at 10:46 AM, Rick Faircloth wrote: > But now that I've started down the client-side validation road, I hear > from passersby, "No! You should always validate server-side or both!" Not validating server-side is too much of a security risk. I always consider server-side validation to be utterly essential, and client- side an extra bonus if you have the time. Never, ever, ever, ever (don't you see!), ever, ever, never, ever do just client-side validation, you're leaving yourself open to have your data stolen, your cat painted and your lunch left too long in the microwave, i.e. "bad things." -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-548-3800 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275439 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
