Full validation is mandatory on the server-side. Client-side validation can smooth the user experience, but that's all it does.
Your web layer should ensure everything is syntactically valid and do any necessary conversions. For example, if I submit a birth date via a form, the actual form parameter is a string, so it needs to be converted. That hands off to your business layer where semantic validation should happen (birth date is before death date, both are in the past, etc.). By the time you get to the data layer, almost no validation should be happening. The notable exception is stuff like uniqueness constraints and the like. Using JS for validation, especially combined with AJAX to do server-side processing, can yield a HUGE improvement in the appearance of your application. Things like checking if a username is unique before submitting the form, and telling the user right there if they need to pick a new one. Note that this uniqueness check does NOT count as validation, because the form is optional, only the POST is required. cheers, barneyb On Fri, Jun 27, 2008 at 12:20 PM, Ian Rutherford <[EMAIL PROTECTED]> wrote: > When you are writing your code, where do you handle error checking? > > Do you handle it with Javascript on the front end? With code before you hand > the data to a CFC, in CFCs, in your T-SQL code? Or do you duplicate the error > checking at each step along the way? > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:308257 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4