On Mon, Jul 27, 2009 at 6:06 PM, Jörn
Zaefferer<joern.zaeffe...@googlemail.com> wrote:
>
> Having JS sanitize for the backend is somewhat dubious, I'd not go
> there, but you probably don't want to discuss that.
I think we're in agreement there, actually. JS provides no security
and shouldn't be relied on. Rather I'm looking at a progressive
enhancement feature: Server-side validation can reject (for example)
any CC Number that isn't 16 digits. User's w/o JS can get the
functional basics ("please enter your CC number without hyphens or
spaces") The JS front end will accept multiple formats (16 digits, 4
sets of 4 digits with whitespace, etc) and translate them to what the
server demands.
This is more impressive with string inputs for dates, phone numbers,
etc. Typing "8005551212" is easy on the user, and seeing "(800)
555-1212" is better for their visual parsing.
> Anyway, a validation method has access to the validate element, so you
Ah, this is the essential piece I was missing. I'll code a few tests
and report back in a few days. Thanks for the help!
--
Brett Ritter / SwiftOne
swift...@swiftone.org
