Form validation - server-side (Dancer) and client-side (javascript)

pvbcharon has asked for the wisdom of the Perl Monks concerning the following question:

Revered keepers of wisdom,

after having written a couple of what the young folk would probably now call "web apps" mostly by hand, I have recently found Dancer and instantly fell in love with the amount of code I don't have to write anymore.

There remains one area, however, which seems to force me to repeat myself: form validation.

I have looked at some general solutions (HTML::FormFu which seemed a little much for what I wanted to do and Oogly) as well as some Dancer plugins (Dancer::Plugin::DataFu which seems to be based on Oogly and Dancer::Plugin::FormValidator where I seemed to be unable to read the documentation) but while they all seem to be nice solutions for server-side validation, I am looking for something that will allow me to specify some rules and enforce that set of rules on the server as well as on the client.

I think I have probably blatantly overlooked something there... Can anyone point me in the right direction?

Thanks!

Comment on Form validation - server-side (Dancer) and client-side (javascript)

Replies are listed 'Best First'.
Re: Form validation - server-side (Dancer) and client-side (javascript) by Anonymous Monk on Aug 24, 2011 at 14:51 UTC
HTML::FormFu::ExtJS CGI::FormBuilder/http://www.formbuilder.org/	[reply]
Re^2: Form validation - server-side (Dancer) and client-side (javascript) by pvbcharon (Beadle) on Aug 25, 2011 at 06:22 UTC
Thanks for your suggestions! HTML::FormFu::ExtJS will as I understand it only work with Javascript enabled browsers, though and CGI::FormBuilder seems rather dead...	[reply]
Re^3: Form validation - server-side (Dancer) and client-side (javascript) by trwww (Priest) on Aug 25, 2011 at 19:51 UTC
You can only do client side validation with javascript. Browsers do not have built in methods to do form validation.	[reply]
Re^4: Form validation - server-side (Dancer) and client-side (javascript) by pvbcharon (Beadle) on Aug 26, 2011 at 08:41 UTC
Re: Form validation - server-side (Dancer) and client-side (javascript) by onelesd (Pilgrim) on Aug 24, 2011 at 17:44 UTC
I am a huge fan of Dancer and Dancer::Plugin::DataFu. It doesn't provide the client-side javascript you are looking for out of the box, but you could extend it to do so by customizing the templates that ship with the module. Since DataFu builds it's server-side validation from the form profile, you already have the hooks you need to generate some javascript validation and insert it into the form.tt template. This would be a great addition to the module that you could send to the module developer and help the Dancer community as well.	[reply]
Re: Form validation - server-side (Dancer) and client-side (javascript) by Rhandom (Curate) on Aug 25, 2011 at 14:48 UTC
There is also CGI::Ex::Validate of which I am the author, but which I don't actively market. We have used CGI::Ex::Validate every week for the past 8 years. It has run javascript and perl validation on millions of pages. There are working javascript samples that you can try out that are directly linkable from the CGI::Ex distribution page. A good example to try is http://search.cpan.org/src/RHANDOM/CGI-Ex-2.32/samples/validate_js_2_onchange.html. The static examples included with the distribution are just a sampling of what could be generated from the perl validation markup. my @a=qw(random brilliant braindead); print $a[rand(@a)];	[reply]
Re^2: Form validation - server-side (Dancer) and client-side (javascript) by pvbcharon (Beadle) on Aug 26, 2011 at 08:42 UTC
Thanks for that suggestion, I'll have a closer look at it. At a first glance, it looks exactly like what I was looking for (and exactly like what I was plotting in my mind to write in case nothing good came up). Thanks again!	[reply]
Re: Form validation - server-side (Dancer) and client-side (javascript) by aaron_baugher (Curate) on Aug 26, 2011 at 10:22 UTC
I haven't tried this yet (I will on my next project), but it seems like an elegant solution to me: Create a validate() sub on the server side, that takes a hashref of params as an argument and returns an error string if anything doesn't validate. Then this can be called from both POST and ajax routes. On the client side, all you need is a bit of code that calls the ajax route with the form params before allowing the POST call to proceed. Not only does that eliminate duplication, but by not having the validation code on the client side at all, it's more secure, since the client can't look at the page source and see what your validator expects.	[reply]
Re^2: Form validation - server-side (Dancer) and client-side (javascript) by Anonymous Monk on Aug 26, 2011 at 13:23 UTC
Not only does that eliminate duplication, but by not having the validation code on the client side at all, it's more secure, since the client can't look at the page source and see what your validator expects. Since you're always supposed to do server side validation, like the OP does using FormFu, it is not more secure The point of client-side validation is saving server cpu/bandwidth, and instant notification for the user	[reply]