Summary of form validation methods

Hello Shauna,

Is there a summary anywhere of data entry form validation techniques for Rails apps? I've come across lots of snippets of advice but they are all so far-flung that it's hard to sit down and organize an approach. The kind of thing I'm looking for would be a simple list with entries like:

validates_presence_of    1. simplest: Make sure your table model contains a line like         validates_presence_of :LoanID, :message => "is missing"       This will catch the error after the form is submitted by the user.    2. Use JavaScript to check for null in this field (onchange ?)    3. Use DrySQL... (when does this catch the error?)    4. Others?

I don't know much about DrySQL, but I'm sorry to say your approach doesn't make sense. Validation rules must be part of your model, so use Rails validations or customized validations. Keep in mind that your datas can be used through web clients or other means : WebServices, REST api... So imagine that you decide to do only JavaScript checks on the client side (let's keep away the JS disactivation pb), without using rails validations, what will happen if you corrupt your datas, say during a migration ?

So use Rails validations, then decide if you want client-side validation with JS to improve the client experience.

In other words, I'd like to see a summary of techniques for each type of validation that can be applied to a data entry field. Then I (or the rest of you!) will be able to pick and choose among the techniques which are best for the particular situations at hand.

I don't think such a summary exist. You can't trust client side validation. Do your server-side validations, add if needy client-side (JS) validation/checking.

Just my 2 cents,

  -- Jean-François.

Teehee. She said DHTML. Where’re my bell-bottoms?

Seriously though, relying on JavaScript methods without providing alternate methods of getting things done [for those who have JS disabled, etc] is the biggest concern. You’ve got to make a call on exactly how important that is to you. Not to call anybody out but I noticed that even Backpack disables some functionality when you turn off JS. Most of their users probably wouldn’t do something that strange but they might for your app. That [plus the differences between DOM structures and JS functions between browsers] would be the main worry I’d have.

As far as simple validation goes. Sure, use JS to validate it on the client-side. If they’re not using it then make sure the model validates it as well. I wouldn’t assume the user is JS-enabled. Not when there’s so safe and sure a client-side solution.

RSL