Raj Kumar Jha wrote:
> Hi,
> I suppose using javascript on the client side is a much better way, in
> my opinion. You reduce the load on your server, network traffic and thus
> gain in speed.
> Regards,
> Raj
>
Using client-side validation *only* is a good way to get your application
hacked.
It is trivially simple to write a Java program (and only slightly harder in
other languages :-) that submits an HTTP GET or POST request to your application
on its own, which therefore bypasses all of your careful client-side editing
tests.
Client-side editing is useful in improving your user interface (because you can
react to certain classes of errors more quickly), but you should consider
server-side validation of everything to be mandatory for any serious
application.
Craig McClanahan
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
