I implemented my validation logic as follows:
<h:inputText id="title" value="#{...}"
required="true" requiredMessage="...some..text..."
validatorMessage="...some..other..text..." >
<f:validateLength minimum="10" maximum="50"/>
</h:inputText>
I read a lot about clientside and serverside validation and about their advantages and disadvantages. But I have no idea about what the code above does.
Can somebody please explain that :-)
Cheers
In client side validation, it's the client (webbrowser) which validates the input with help of a client side language, e.g. JavaScript. In server side validation, it's the server (webserver) which validates the input with help of a server side language, e.g. Java.
You should never do only client side validation, because the result is controllable (and thus also hackable/spoofable) by the enduser. Usually, you'd like to use client side validation because it gives much sooner feedback. The enduser doesn't need to wait for the form submit being completed and doesn't need to face a "flash of content" (page blanks out and then redisplays with new content). You'd like to use server side validation to ensure the integrity of the submitted data. The enduser has in no way control over the outcome of the server side validation.
In case of JSF, the validation via built-in required="true" attribute and standard/custom validators is always server side. Since JSF 2.0 it's possible to submit a form (and thus also validate the form) using builtin ajaxical functionality. This combines the best of the two worlds: having instant feedback without flash of content and the robustness/integrity of the server side validation.
See also:
How to perform validation in JSF, how to create a custom validator in JSF
Related
I have started using parsley.js for for validation and it is working great, just added more advanced validation that needs remote data, and got an issue. parsley-remote works fine, but it only send the data of that specific field to the server (title). In order to do my validation, I need also the data stored in the hidden field name="mcid". Can I manage this with parsley? Ideally a general approach that I can use for my entire application (large application, so keeping page specific code to a minimum).
My form (simplified):
<form>
<input type="text" name="title" required="required" parsley-validation-remote="/Admin-Category/validateMainCategoryTitle/" data-validation-remote-method="POST"/>
<input type="hidden" name="mcid" value="2060"/>
</form>
I don't believe that there is an easy way to do it with the built-in Parsley remote validator - any possible solution would be a complicated workaround and you would be better off going with straight JavaScript to do it.
How is the value in the hidden field set? If I were doing this in Java, I would put the hidden field in the DTO or in the UpdateController so the value would be available to the validateMainCategoryTitle method. Is that possible with your application?
Alternatively, since you have both the values available on the form, can you write a custom parsley validation routine to check them, or do you need to go back to the server for some reason?
Just a follow up on my own question. Parsley is now release in v.2 and the new parsley remote plugin has standard support for sending more parameter. Problem solved!
I always use ModelState.IsValid for check all of my model validation validated correctly in Server Side, but I think there is a limitation to use this. For example I define a Remote Validation attribute, but if I disable javascript then ModelState.IsValid don't check Remote Validation and always return true, Where is the problem? this is a limitation for ModelState.IsValid or is my fault? If necessary I can Add all my implementation.
This question has come around a few times. The answer is: it doesn't validate on the server-side, you have to perform the validation action yourself. See also following SO posts:
asp.net mvc 3 serverside remote validation not working on submit through fiddler
RemoteAttribute validator does not fire server-side
Of course, it would be nice to be able to validate it anyway on the server-side. Luckily some nice guy made an implementation for it. You can find his short blog post: http://www.tugberkugurlu.com/archive/asp-net-mvc-server-side-remote-validation .
For 90% of my site the standard MVC annotation with client script method is working a treat. But I have a form on the site that is quite complicated with multiple instances of dynamic form content dependant on answers to questions etc.
If I have the unobtrusive script included on the page, it's capturing the form submit and not allowing my custom jquery validate to validate the form.
I don't really want to refactor the site to have a seperate layout to remove the script when it's not needed. I wondered if there was an easy way to give control back to my custom validate script.
Any help would be great.
In your view you can disable client side validation like this
Html.ViewContext.ClientValidationEnabled = false
I have an MVC object (3.0) that uses the RemoteAttribute to verify whether a name already exists in a database. This works fine, however in testing we are having instances where people clicking submit rapidly enough can get a form submission through before the validation finishes.
My first thought to this is to make sure that validation occurs on the server side, as well. Is there any way to enforce this without writing another custom validator attribute?
It is a good practice to enforce validation on the server side because relying only on client side validation is not enough. So writing another custom validation attribute is necessary.
Did you forget if( ModelState.IsValid ) ... on the server side ?
My application uses MVC validation explained here:
http://blog.stevensanderson.com/2010/01/28/validating-a-variable-length-list-aspnet-mvc-2-style/
And it works fine with both server and client validation when the form is posted. However my problem is that I would like to have client validation on one of the fields before the form is posted. So when the TextBox loses focus it is validated directly.
I have solved it by using jQuery validation on the field that is validated before the form is posted.
You must use JQuery validations so that it will validate before posting. It also highlights those area where validation fails.