Validation Controls and How They Work

Validation controls are used between <FORM> tags in a Web Form, and they validate that the user enters or selects the proper data from INPUT controls, such as the TextBox , TextArea , or ListBox . For example, you might validate that the user entered data into a required TextBox field or that an e-mail address was entered into a TextBox in the correct format (donny.mack@dotnetjunkies.com)the correct format being:

1. donny.mackOne or more characters

2. @sign

3. DotNetJunkiesOne or more characters

4. .a Period

5. coma URL Extension

When using a .NET validation control, you have the option to validate data on the server-side, the client side, or both. For security reasons, server-side validation occurs regardless of whether or not you have client-side validation enabled unless you explicitly disable server validation. The reason for this is mischievous users with a little programming experience can bypass your client-side validation with relatively little effort. On the other hand bypassing server-side code would be extremely difficult if not impossible . By no means does this imply you shouldn't use client-side validation. Ninety-nine percent of your users will be legitimate non-hacking individuals, and validating data on the client will save a round-trip to the server if the user mistakenly forgot to fill out a field or filled out a field with an incorrect type of data. For example, if you have a RequiredFieldValidator wired up to a required TextBox on your page and a user tries to submit the page without filling it out, they will get a warning message that the TextBox must be filled out before you will allow the page to be submitted thus saving a round-trip to the server.