Testing for required input in servlet?


I am using javascript in my .jsp pages to check if the user entered data in the required fields.

I wondered if most developers also tested in servlet, incase javascript did not work? Or if this was not required anymore since javascript part of most modern browsers.

I am using this code in my jsp.

<form method="post" action="loginservlet" onsubmit="return validate(this);">

Could I test in the servlet if the onsubmit was successfull?

Who is Participating?
I ALWAYS test at the servlet as well...

The javascript makes it quicker for the end user, but if that's all you're going to check, the chances of someone manipulating the script to enter code which exposes or crashes your database later on is too great to risk...

Never trust javascript.  Use it to improve the end user experience, but never trust that it has run (or has run correctly)

You can use javascript to test user input and  this is faster too.
Sending request to server and getting back the result will take lot of time.

> incase javascript did not work?
this means that your script is not proper or a possible bug in it.

> Could I test in the servlet if the onsubmit was successfull?
you can validate in servlet also, but i would suggest u to write javascript for user input validation.

if you validate both in the front end(JSP ) using javasript and also  in the javascript its just redundancy of code.
basic of accomplishing validation is , perform all the validations in javascript , but only some validation in your servlets.

For ex: in you jsp, name, empid, salary, age etc. has to be entered  and in your javascript you are validating for each and every input , but in the servlet  its better you validate only empid since based on the empid you can retreive all the values from the database, and then if its a very important data to be validated then you can validate the user entered data against the one retrieved from the database.

Always validation entirely depends on the scenario and how important a data is.

JavaScript is always the best with respect to performance and there are various ways in whcih you can prevent your javascript code modification.

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

I completely (but respectfully) disagree ;-)
I agree with Tim ;-) , best to check in a servlet.. safer and secure.. No time to hack those javascript login ;-D

-Muj ;-)
EmailSurferAuthor Commented:

Could I ask finally,

In javascript are there any methods similar to java's indexOf, for example so I could check a email field contains a @ and . characters.

I would also further check for these in the servlet, just incase javascript is switched off.

you will find javascript examples here
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.