The sense of Validation in Web

Photo by mari lezhava on Unsplash

In this blog, I am going to discuss Form Validations in the world of the web. Many times we fill forms on various websites. We typically fall into two situations as stated below -

1. We fill the form, and the great developer who coded this form puts the check there itself, so before even submitting the form we can correct ourselves then and there only.
2. Another developer was more cautious, he notifies us after filling a huge form, with around 20+ fields, that you need to refill the form or some of its fields because some fields were wrongly done. We are left in awe and fill it again!

Ever gave a thought to what is the difference between them?

The first was probably validated on the client-side giving you instant results while the second one first went to server code for validation.

Let’s understand what is form validation on first hand?

Validation is a simple process of testing to ensure that the user has filled the required information with proper formatting through the web form. When you enter some data into the field, the web application checks it to see if the provided data is in the correct format to avoid any confusion. If it is in the correct format, the web application allows the data to be submitted to the server and saved in a database; if the information is in the incorrect format, it gives you an error message explaining what needs to be amended.

Types of form Validations -

Client-side

Client-side validation occurs in the browser before the data has been submitted to the server. It is generally used to provide quick response/feedback to the user.

Server-side

Server-side validation occurs on the server after the data has been submitted. Server-side code is used to validate the data before the data is saved in the database or otherwise used by the application. If the data fails validation, a response is sent back to the client with corrections that the user needs to make. This is considered to be more secure as server-side code cannot be seen by the user if she view source.

Why do we need validations at all?

Improper validation of form data is one of the main causes of security vulnerabilities. It exposes your website to attacks such as header injections, cross-site scripting, and SQL injections.

Both the validation methods have their own significance. Client-side validation to provide a better user experience and server-side to be sure that the input you get from the client (browser) is actually validated.

Thanks for reading, see you in some other mystery of web :)