April 05, 2012

Data validation

Validation of data in forms and on the server side is principally a tricky thing. HTML provides us with more validation schemes for input fields, and systems like jQuery, through the jQuery Validation plugin, provide more functions for validation and make it easier. The bottom line is this: how do you ensure that you validate correctly on the client and server side? Optimally you should define your validation in only one place and reuse that validation method on the server and the client. Also, optimally, those validation definitions should be separate from your application code and be covered by unit tests to ensure that the validation is correct.

On the client side it is perhaps not critical, since validation is in place to ensure that users enter correct data and understand what data to input. The speed with which feedback is given can help users understand forms and minimize the amount of instruction needed. HTML5 also easily provides you with more input types for standard data types such as e-mail addresses and phone numbers.

On the server side we validate to ensure that correct data is entered, but also to protect against attacks and things like SQL injections. It is very easy to find yourself in a position to use regular expressions to define the validation. To ensure that no corrupt data enters the system, many validation systems end up using regular expressions, which are easy to define by googling and copy/pasting but not easy to verify and also difficult to protect from accidental change. It is not easy to verify that a regular expression has not been tampered with just by looking at it.

Isolating regular expressions in the code and writing test cases to validate them is central to protecting your service in the long term. These expressions could then be reused on the client side, which provides many good functions for doing the validation, but the validation rule needs to be protected from accidental change.
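
One way to keep the rules in a single tested place, as an added example (not code from the original post): the field names, patterns and sample values are assumptions constructed for illustration. The same file can be loaded by the browser and by a Node.js server, and the accept/reject tables make a unit test fail if a pattern is changed by accident.

```javascript
// Shared rule table: the only place where validation patterns are defined.
// Field names, patterns and sample strings are illustrative assumptions.
const RULES = Object.freeze({
  username: Object.freeze({
    pattern: /^[a-z][a-z0-9_]{2,15}$/, // anchored: the whole value must match
    accept: ["alice", "bob_42", "x12"],
    reject: ["", "ab", "Alice", "9lives", "bob'; DROP TABLE users;--",
             "alice\n", "a".repeat(17)],
  }),
  zip: Object.freeze({
    pattern: /^[0-9]{5}$/,
    accept: ["02139", "90210"],
    reject: ["2139", "902101", "9021O", " 90210", "90210\n"],
  }),
});

// Used identically by client-side form code and by the server handler.
function validate(field, value) {
  // Own-property check so names like "constructor" do not resolve to
  // inherited object members instead of a rule.
  if (!Object.prototype.hasOwnProperty.call(RULES, field)) {
    throw new Error("no validation rule for field: " + field);
  }
  return typeof value === "string" && RULES[field].pattern.test(value);
}

// Runs every rule against its own accept/reject samples and returns a list
// of mismatches. An empty list means each pattern still behaves as recorded.
function selfTest(rules = RULES) {
  const failures = [];
  for (const [name, rule] of Object.entries(rules)) {
    for (const s of rule.accept) {
      if (!rule.pattern.test(s)) failures.push(name + " rejected " + JSON.stringify(s));
    }
    for (const s of rule.reject) {
      if (rule.pattern.test(s)) failures.push(name + " accepted " + JSON.stringify(s));
    }
  }
  return failures;
}

const problems = selfTest();
console.log(problems.length === 0 ? "rules ok" : problems);
```

The reject samples matter as much as the accept samples: a pattern that loses its `^` and `$` anchors still accepts every valid value, and only the reject table reveals the change.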

