Java Reference
In-Depth Information
Form Validation
Form validation is the process of checking whether a user has entered the information into a
form correctly. Examples of the types of validation that occur include ensuring that:
• a required field is completed
• an email address is valid
• a number is entered when numerical data is required
• a password is at least a minimum number of characters
Validation can occur on the client side using JavaScript and on the server side. It is advisable
to use both client-side and server-side validation; JavaScript should not be relied upon to
validate any data before it is saved to a database. This is because it's possible for a user to
modify the JavaScript code and bypass the validation rules. Instead, JavaScript validation
should be used to enhance the user experience when filling in a form by giving feedback
about any errors before it is submitted. This should then be backed up with more validation
performed on the server before the data is eventually saved to a database. Having said that,
it is still useful to validate on the client side even if the data will be validated again on the
server side. This is because it will ensure that more valid data is sent to the server, which
helps to cut down the number of HTTP requests required to send the form back and forward
from the server to be corrected.
HTML5 has its own validation API that can be used, although it lacks the full support from
all browsers at the moment. The error messages that it produces can look inconsistent across
browsers and are difficult to style.
The API works by simply adding relevant attributes to the form fields. For example, if a
field is a required field that must be filled in, all you need to do is add a "
required
" at-
tribute to that field and the browser will take care of the rest.
To see an example of this in action, add a
required
attribute to the
name
field in our hero
form:
<input type="text" name="name" required>
