I do that quite often myself. I have a rather complex Intranet Web site. I generate a lot of JavaScript from my Perl code.

The trick is to know what should be done by JavaScript. And then starts the old and true mantra...

"Never trust a users input data."

The users input data is no more trustworthy because it's been mangled by JavaScript. The JavaScript code can be executed completely under the users control.

OTOH, JavaScript can be very helpful to show the user how to navigate the site, how to fill in the data entry fields, giving dynamic help and hints depending upon already chosen options or data entered in key fields.

The important thing to remember is that when the data is sent up to the server, it must be verified a second time. And that the server script is the ruling body. If the JavaScript approved the data but the server side script doesn't, then the JavaScript is wrong.

JavaScript has been given a bad reputation. I believe this is because JavaScript has been used for things it definitively should not be used for. It's supposed to be a help for the user, think user interface, not to be part of the data processing software.

---

Everything went worng, just as foreseen.