Client Vs Server Side Validation

I am writing this post in reply to the questions asked in an Technical  Workshop presented by me, “What is best way of validation, client side or server side or both?”, “Why to duplicate the validations at client and server side?”.

What is validation?

Come on, I am sure you know this.

Ok what is Client-side Validation?

Simple, the validations which are done at client side. Usually done by java scripts.

And Server-side Validation?

Obliviously, the validation which are done at server side are the server-side validations. Server side code do this.

Which one should I use? - Server-side Validation Or Client-side Validation Or Both

Yes this the topic of discussion. I think, it does not matter which one is best or which one is worst, the server-side validations are must. Client side validation are in the scope of client, he can disable the javascripts or bypass them by seeing the javascript code ( most of the browser now come with javascript debugging support with watches or so).

Ok it means server side validation is best, so we should not use client-side validation?

Well, I haven’t said this. You should consider having client-side validation as well. It is useful to increase the usability of the web application, improve the user experience by speeding up the interaction, instead of waiting for the server side validation and seeing the error only after filling up so many information.

So I think both should be used, first perform client side validation to improve user experience and then once a form is submitted to server, validate there as well to check the correctness of the input.


Nowadays, AJAX based validation is also used to provide better user experience with the power of server-side validation, but I still say server side validation is must even after this.

Software Effectiveness Vs Software Efficiency

I define software effectiveness as, doing the objective effectively, I mean correctly. Efficiency can be defined as, using the resources optimally where resources could be memory, CPU, time, files, connections, databases etc.

From my experience, in most(should I call many) of the software projects, efficiency/performance is not much accentuated during the system design and earlier phases(requirement and estimation) as compared to the emphasis given in later phases, coding and testing and mostly in maintenance.

Stressing on efficiency, during the early SDLC phases, can eliminate lot of problems. If we consider the efficiency late say in coding phase, then we probably able to develop an optimal system in which 90% of the code using just 1% of CPU time in peak load, but 10% of code is using 99% of CPU. If we worry about the performance only after the system is built then we are in the worst situation, we probably could not reach 90% optimal code level.

Coming back to effectiveness, usually this is the most emphasized topic in all the SDLC phases, we always try to make the system understandable, testable, and maintainable.

Note that, efficiency is generally against the code quality measures that were considered to improve effectiveness, more efficient code is usually more difficult to understand, hard to maintain, sometime very hard to test.

So based on project, we should benchmark/strengthen the SDLC process to balance-out the efficiency and effectiveness in each phases. Keep it in mind that there are always some modules where efficiency is more concerned than the understandability, maintainability. We may change our mind setup when understanding a highly efficient module that this will require more effort to understand, maintain and test.

This post is not meant to allow the developer writing less effective code, saying that you are writing efficient code so; it will be less understandable, not testable and not maintainable. Use better design pattern, prepare approach and discuss it, design the efficient module very carefully.