Re: Perl output Javascript to validate user input

"phal" <betterdie@xxxxxxxxx> wrote:
I want to do the following,

First method:

1- Generate Html from Perl script for user input form,
2- After user input, the javascript which embed with Perl script to
check validate in the client side

So the Perl script merely prints out the Javascript source, along with the
rest of the html? This is not what we generally call "embed". Embed
generally means you are running the other language, not merely printing out
source code written in the other language.

3- When the validate is okay, the user input will store in the
database.

How do you know that the validation is truly OK? Or doesn't it really
matter? If the end-user can only screw themselves by circumventing
javascript to get bad data put into the database, maybe this is OK. But if
they can screw you or other people by doing so, then this is not OK, you
need to validate on the server.


Second method:

1- Generate Html from Perl script for user input form
2- User input will be validate in the server side by Perl Regular
Expression
3- If it is valid, the user input will save into the database.

This is the method I generally use. I can write the validation methods
in the language I prefer, and it is done in only one place. And it doesn't
depend on what the client-agent is.

Third Method:

1- HTML form along with Javascript display to user
2- User input will be validate in the client side by javascript before
pass to CGI script
3- If valid, then it will save the user input into the database.

What is the difference between the Third Method and the First Method?
Is it merely that in the 3rd case the html form (with javascript) is served
from a static file rather than from a CGI?

If you are justly concerned with speed, then you should serve as much as
you can from static files rather than from CGI.

I think the third method is more faster then other method, but it has
one problem if the javascript disable in the client.

Uh, the 1st method has this problem as well.

How do you think about the best method to implement this?

I think you are probably overly infatuated with speed. And if it is
justified, then you need to provide more info before we can tell you
anything worthwhile. How many hits per second are you expecting? What
percentage of attempts to be expect to be invalid? Are the users mostly on
an your intranet, or broadband, or dial-up? What are implications of bad
data? Are you using mod_perl? How good is your team at JavaScript? At
Perl?

Xho

--
-------------------- http://NewsReader.Com/ --------------------
Usenet Newsgroup Service $9.95/Month 30GB
.

Relevant Pages