[nycphp-talk] AJAX and State
Elliotte Harold
elharo at metalab.unc.edu
Fri Sep 7 06:14:03 EDT 2007
Dell Sala wrote:
=
> The problem with what you're describing is that all your form validation
> code (business logic) is deployed to the browser as javascript. For
> serious applications, the server cannot rely on the client to take care
> of things like validation, because they can easily be bypassed.
Of course not, which is why you double validate: on the client to help
the honest user and on the server to keep out the hackers. This is true
whether we're using HTML forms + JavaScript, XForms, or Web Forms 2.0.
Client side validation does not replace server side validation.
> What ajax allows you to do is keep the heavy lifting business logic on
> the server (where it belongs), but have your web page change it's own
> state without having to ask the server to redraw an entire document
> every time it needs some new information, or a calculation performed.
Yes, though that's actually not what Ken was talking about. :-)
--
Elliotte Rusty Harold elharo at metalab.unc.edu
Java I/O 2nd Edition Just Published!
http://www.cafeaulait.org/books/javaio2/
http://www.amazon.com/exec/obidos/ISBN=0596527500/ref=nosim/cafeaulaitA/
More information about the talk
mailing list