Re: Client Side Validation in Ofbiz

[Florin Jurcovici <fl...@mail.dnttm.ro>]

Hello.

I can understand your need for simple client side validations like  
mandatory fields. I see quite a few reasons for not using client side  
validations:

First, you never know who is calling into the services exposed by OFBiz.  
You wouldn't want somebody hooking into your implementation of OFBiz to  
damage your data by submitting data which is not valid from a user  
interface other than the one you designed and implemented, and where you  
carefully crafted all validations.

Second, validations imposed by business rules may be quite complex. So  
complex that you may query several objects other than the one being  
validated before you can validate the data that was submitted. Doing this  
in the client is not economic, IMO. Only allowing some validations in the  
client and other validations on the server would yield an inconsistent and  
harder to read the code, and probably also more difficult to program,  
since you need to always think/look where which validation is placed.

Third, some validations may require access to data to which the person  
submitting them should not have access. You may be able to implement such  
validations on the server, but I think it would be pretty difficult to do  
this on the client in a safe way, since allowing the client to access the  
protected data would actually allow the user to read this data.

br,

-- 
Florin Jurcovici
------------------
What happens if you get scared half to death twice?


On Thu, 31 Aug 2006 18:34:54 +0300, Sam Dave <lo...@yahoo.com>  
wrote:

> Hi,
> Can anybody of you tell me why Ofbiz didn't implement any client side  
> validation for required fields in any form ????
> Thanks in advance.
>  Sam Dave
> 		
> ---------------------------------
>  All-new Yahoo! Mail - Fire up a more powerful email and get things done  
> faster.