Something that has bothered me for a while is how to combine Client and Server Side form validation as painlessly as possible (as a developer) while still maintaining a pleasant user experience. Its not just about being able to fall back when Javascript is not available, but having secure input to the database. I like to consider the Ajax-y/jQuery to be mostly in service of making data entry more efficient.
To that end here is my form design thoughts.
- Writing clear and concise labels and instructions (too many instructions means that my form has business logic problems)
- Scripting input events to alert the operator to problems as they enter data and as they submit
- Checking and sanitizing the data on the server before making changes to the database
- If the form is deemed valid, proceed to processing
- If there are problems, re-post the form and repopulate the data with error messages
From the reading I've done, there will always be some amount of duplication of code. This is the nature of web applications. This can be mitigated by having reusable code, both as JavaScript libraries and having modular server side code. How to do this will be the subject of this experiment.
My starting point is the article by Ben Nadel from December 2011 called How Client-Side Validation Is Changing The Shape Of Server-Side Validation. Part of the issues will be integrating the code into our style of FuseBox, finding a decent jQuery plug-in, I may have to buckle down and figure out how CFCs really work, figure out how to use Ajax and standard posts with the same code (probably related to CFCs) and lastly how to deal with dynamically generated forms.
Tall order. I should have done this years ago.