Is client-side validation unnecessary?

Question

Please check this question before. I frequently heard about

"... don't trust the client ! never trust the client ! never trust the user inputs !"

I agree with client-side validation alone is a very bad idea. But if so , what is the advantages of using client-side validation ? Is it necessary or not? When should I use client-side validation ?

Forget about some bad guys (who try to hack), please think about should every request reach to server side ? I don't think so . Normal users can input wrong datas and these should be mostly end at the client side. I believe that it may improve site's performance.

I tried to Disable developer tools in my site to moderate bad guys. I use both client-side and server-side validations for my sites. I believe client-side validations were also needed. Any suggestions for using client-side validation ?

Answer 1

I personaly use like you both of them.

Imagine Email Regex:

Clientside:

You help the User do know about a mistake, if he forget @ or something like that

Serverside:

The best Regex can't help you, to know the Email is availible. You need to send him a Email.

General

Use Clientside Validation to help the User to detect Errors, use Serverside Validation, if you need some Data in a specific format.

Answer 2

Use client-side validations for better user experience. Having server-side validation is damn necessary, as validations on the client side can easily be tampered.

If you don't have client-side validation, then be ready to face the anger of your customers when your whole page reloads and then outputs "Sorry something was wrong"

Answer 3

Yes, separate client-side validation can reduce the load on your server, and can make your app appear faster to the user. It may also make the interface between client and server more simple.

However, unless you can write the validation logic in a form that can be executed on both client and server side, you'll be duplicating logic, with all the problems that causes.