Hello, FrozenDice wrote: > Well remember, if the user is submitting data(which they probably are) > to be processed by something on the server then it's not a good idea > to rely on server side prevention. What I'm saying is if you're using > it in an sql query or something then the user can easily tweak the > html or just replicate the post form and take out the # characters > limit. Best way is to check if it's >25 on the server. > > Oh, and here's a link on how to limit # of characters in JS, so the > user doesn't have to submit to learn it's the wrong length. > http://www.felgall.com/jstip20.htm
Yes, of course the data should also be validated on the server side. But it's also considered good usability to help the user to avoid unnecessary input errors. The approach on the website provided in the link is quite similar to my own, and the example on that website clearly shows what I've feared: The entered character that's over the limit is visible for a short amount of time. That's no show stopper, but it's an ugly glitch and I hoped that I could avoid such a thing. Regards, Daniel Haferkorn ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ qooxdoo-devel mailing list qooxdoo-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
