Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things

Re: Javascript: Display Logic or Business Logic?

by chrestomanci (Priest)
on Oct 04, 2011 at 14:40 UTC ( #929558=note: print w/replies, xml ) Need Help??

in reply to Javascript: Display Logic or Business Logic?


You should never rely on JavaScript to validate data from the end user, as it is too easy a hacker to disable or modify your JavaScript so that invalid data gets sent to the server. Also if you rely on JavaScript validation then you lock out users who have disabled JS, or don't have support for it in their browsers (eg. phones)

There is nothing wrong with doing client side validation to help the end user (eg, highlight empty form fields in red), but any client side validation must be duplicated on the server as well.

Given all that, I don't think JavaScript can form part of your business logic, it can only ever be part of your display logic.

I take your suggestion about using contemplating to generate JS, and I can see it might make sense for validation. For example suppose you have a list of valid values for a field. Rather than hard code the list into the validation logic in both perl on the server, and JS on the client, and attempt to keep them in sync, you could store it in the database, and then generate the validation JS code on the fly.

An alternative approach (that I have used in the past), is to store it once in the JS validation code, and then write some perl to parse the JS and extract the list of valid values. This was rather fragile, but it avoided maintaining two lists.

  • Comment on Re: Javascript: Display Logic or Business Logic?

Replies are listed 'Best First'.
Re^2: Javascript: Display Logic or Business Logic?
by Rhandom (Curate) on Oct 05, 2011 at 13:30 UTC
    You could use CGI::Ex::Validate and write your validation once and have it available in perl and javascript.

    my @a=qw(random brilliant braindead); print $a[rand(@a)];
Re^2: Javascript: Display Logic or Business Logic?
by perlfan (Curate) on Oct 04, 2011 at 15:50 UTC
    Thank you, this is more general. It's not just about validation, though that's a huge consideration.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://929558]
and a soft breeze sighs...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (5)
As of 2018-03-17 11:17 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (223 votes). Check out past polls.