Where should data validation occur?

Question

I\'ve read conflicting philosophies on where data validation should happen and it\'s just confusing me more. Some say it should only be in the database. Others say that the

Answer 1

it should be done:

• at the point it is first entered
• anywhere along the way it is changed/manipulated
• anywhere along the way it could cause an error or incorrect data

so in a database driven web forms app, for instance, you would have client-side javascript validation, probably some server side validation in the business logic, and then further constraints in the database, ranging from datatype to check constraints.