First of all, it's JavaScript, not Java. Second, you always need serverside validation - anything on the clientside can be disabled. An attacker wouldn't even have to use a browser to submit the form.
In other words: Implement both. Serverside for security and data integrity, clientside for a better user experience. Jörn On Tue, Feb 3, 2009 at 9:47 AM, david.0pl...@gmail.com <david.0pl...@gmail.com> wrote: > > Since I started messing around with jquery, I'm astonished on how > simple a java web form validation is.. the problem is when a person > has a non java brower or disable it, then basically the java > validation is useless! > > Now, since I use php I also have the standard server side validation > but I was wondering if there are any shortcut that I'm not aware of, > what is the best practice to handle a non java browser (like disabling > the form on a non enabled broser?). > > Please enlighten me! > > Thanks > > David
