Data::FormValidator is great, but it unfortunately doesn't also generate javascript validation code.

Though client-side javascript validation does not offer any reliability when used as the only validation stage, since it can be easily bypassed, when coupled with server-side (Perl) validation proves to be extremely precious in almost any web application.

It's precious because the client data does not have to reach the server to be validated, so you can save both bandwidth and server CPU cycles by intercepting wrong data right on the client machine, thus alleviating both your network connection and your server from receiving the wrong data, checking them and sending back the form again (possibly several times before a successful form submission.)
Furthermore, client-side validation gives your users a much stronger interactiveness feeling (and this is perhaps the most important thing.)
Then should a bad guy bypass your client-side validation, you always have your Perl validation code replicated on the server that will inexorably stop it.

So you could now think that it's a nightmare to keep in sync both Perl and javascript validation code (and you would be right, if you should do it by hand,) but what about if you could define your validation code just once (even in a declarative manner,) and get your Perl (server-side) validation code, and then get also javascript (client-side) validation code for free?!

Well, such a sweet thing is provided by (at least) two modules I'm aware of: CGI::Ex::Validate by Paul T. Seamons and CGI::FormBuilder by Nathan Wiger.
I don't know very much about the former, but I use the latter all the time (together with CGI::Application, as you required) and I find it nothing less than spectacular.
It has not all the data analysis capabilities offered by Data::FormValidator, but it has the most common validation schemes built-in (and it's easily extensible too, offering some useful javascript hooks.)
Furthermore it offers many other things related to web forms management, should you need it.
CGI::Ex::Validate should offer even more about data validation though, to be honest, I don't know how well it integrates with CGI::Application (CGI::Ex has got its own application builder, called CGI::Ex::App.)

Ciao,
Emanuele.

In reply to Should you need javascript too. by emazep
in thread Form Validation and Untainting by Limbic~Region

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.