Chapter 3. Validation

Hacks 22 27

Validating the data that users provide in web forms is an important step in exchanging information with them. Web applications should not hit the network with blank form information or fields that contain nonnumeric characters where numbers (such as a credit card number or ZIP Code) are required. To prevent this, JavaScript provides an option to implement client-side validation: a form can self-check before the code connects with the server and submits the data. The client represents the first layer of validation an application can implement. A second layer of validation on the server is critically important, for example, when the data involves financial or other private information, or if JavaScript is disabled in the user's browser. Server-side validation is required to ensure that the application handles valid data. The following hacks demonstrate validation techniques for blank text controls, email addresses, credit card numbers, and U.S. ZIP Codes.