Heya, They way I see it is that you have JavaScript there to catch 99% of your errors caused by bad user input.... then Cold Fusion validation to catch the errors that people who don't have JavaScript enabled.. and then database integrity checking as a last resort so if the programmer makes an error, at least you avoid bad data in your system.
Those levels of checking also correspond to a level of user friendliness in the feedback to the user, e.g. from a nice DHTML hint popup, to a Cold Fusion page explaining where you went wrong, to a generic 'something bad has happenned' page, and possible an arcane database error. At the end of the day, you've achieved the most important task.. to ensure the integrity of your data, which your client needs in order to run their business.... > Hey Taco, > > Just a few comments, and these are definately hypocritical (eg. I work the same way as you do but do wonder sometimes...) > > JS validation? good for instant feedback but what if you don't have JS? (again, many of the apps I have assume javascript and don't work without (eg. javascript validation submits the form so no JS = no form submission) This is generally a constraint of time, features and budget - but what do people consider the minimum support for non JS clients? > > ColdFusion validation? yeah I agree with you Taco, and this is where the bulk of our validation gets done for EXACTLY the reasons you've mentioned (flexibility and built in functions mean that catching errors can be handled in any way you like... and I don't claim to be the greatest coldfusion programmer but there are things I could do in half an hour that would take an experienced programmer with insight into a PARTICULAR RDBMS a day or so, and would still require some sort of cooperation at the presentation level) > > SQL validation? Well this is where I disagree but do it in the same way as you do anyway because of time. I think MORE should be done in SQL and I think, on the whole, the bottleneck in terms of response time is between the client's browser and the webserver. (meaning an SQL statement here and there is not going to add a whole lot and it's the 'last word' when we're talking data integrity) (Remember these are form submissions and validation etc, not 'just page hits' which should be as light on the database as possible) > > Anyway - this is becoming off the original topic somewhat but I'd love to know what people think. > > - James > -- --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
