I am writing this post in reply to the questions asked in an Technical Workshop presented by me, “What is best way of validation, client side or server side or both?”, “Why to duplicate the validations at client and server side?”.
What is validation?
Come on, I am sure you know this.
Ok what is Client-side Validation?
Simple, the validations which are done at client side. Usually done by java scripts.
And Server-side Validation?
Obliviously, the validation which are done at server side are the server-side validations. Server side code do this.
Which one should I use? - Server-side Validation Or Client-side Validation Or Both
Yes this the topic of discussion. I think, it does not matter which one is best or which one is worst, the server-side validations are must. Client side validation are in the scope of client, he can disable the javascripts or bypass them by seeing the javascript code ( most of the browser now come with javascript debugging support with watches or so).
Ok it means server side validation is best, so we should not use client-side validation?
Well, I haven’t said this. You should consider having client-side validation as well. It is useful to increase the usability of the web application, improve the user experience by speeding up the interaction, instead of waiting for the server side validation and seeing the error only after filling up so many information.
So I think both should be used, first perform client side validation to improve user experience and then once a form is submitted to server, validate there as well to check the correctness of the input.
Nowadays, AJAX based validation is also used to provide better user experience with the power of server-side validation, but I still say server side validation is must even after this.
