Where do you record validation rules for form data in a web application?

Question

Say you have a web form with some fields that you want to validate to be only some subset of alphanumeric, a minimum or maximum length etc.

You can validate in the c

Answer 1

As noted by others you have to do validation at the Database, Client, and Server tiers. You were asking for a single place to hold validation so all of these are in sync.

One approach used by several web development frameworks (including CakePHP ) Is to organize your code into Model, View, Controller objects.

You would put all your data code including validation in the model layer (comments for database table structure or stored procedures if needed).

Next, In this Model define a regular expression for each field for your validation (along with generic max-size, min-size, required fields).

Finally, use this regular expression in to validate in javascript (view) and in on the server form processing code (Controller).

If the regex isn't sufficient - ie you have to check the database to see if a username is available, you can define a validation method on the model use it directly in your form processing code and then call it from javascript using ajax and a little validation page.

I'll put in a plug for starting with a good framework so you don't have to wire all this up yourself.