3

I use the ASP.NET validation controls in an ASP.NET web forms environment. Is the better approach to keep all of the validation rules server-side, such as using AJAX to validate a field, without posting the whole page back.

I found one control called ValidatorCallout ( http://www.asp.net/ajax/ajaxcontroltoolkit/samples/ValidatorCallout/ValidatorCallout.aspx ) but was trying to figure out if there was a better approach.

Improve this question
3
  • I used the ValidatorCallout too and was pleasantly surprised. What is your concrete problem or your concerns? Commented May 26, 2010 at 18:36
  • BTW: I dont understand your question about the server side validation. It is best to do clientside AND server-side validation. Both no problem with the ValidatorCallout. Commented May 26, 2010 at 18:42
  • Ideally I have all the validation logic server-side and associated with the business objects opposed to creating the same rules in per field in the client. So the form would call the client via AJAX to validate the fields with partial page postbacks. Frankly I’d like to have cleaner HTML as well, so I don’t have a ton of validation controls embedded in the HTML. Commented May 26, 2010 at 18:46

1 Answer 1

Reset to default
6

You should always perform Server side validation, regardless of whether you do any client side validation. This is because there are many ways around clientside validation, such as switching js off or sending a custom built request that doesn't use your page.

It is a good goal to use the same validation rules on both client and server. xVal is a good option for this.

A really good example of this is how I hacked a certain Airline website for our trip to Dubai. When I was trying to select a special meal for my daughter, who is under two years old, there was no "child" option in the select list. Apparently, child meals are only available if you are older than 2. There was a child option for my older daughter. So I opened Firebug, added the option, selected it and submitted the form. It was accepted.

On the flight two child meals turned up as ordered.

Damn! Come to think of it, I should have changed it to First Class! Not on the ball, Mr Dyson!

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks for looking at this older question. Basically I wanted to get away from the running the whole page client valiation because the Validation Controls create a ton of JavaScript calls. I was looking for a solution where I could just have my validation rules in my business objects, but use AJAX to simulate client side validation via partial page postbacks. The server side validation would always be in place.
No problem. Using AJAX to call the Server side validation code is a good compromise. The nice thing about xVal is that you can pick and choose between a number of clientside and server side implementations. xVal performs the translation. I personally prefer to use jQuery Validation on the client ans FluentValidation on the Server. The jQuery validation rules are emitted by xVal, based on the FluentValidation rules.
I'm currently using Web Forms, not MVC, but for my next project I'll like use MVC and take a look. It doesn't look like xVal has been updated in year. Is it still an active project?
Not sure about how active it is. You would have to contact the developers on it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.