asp.net validation controls and database validation

[hamking01]

What's the recommended best practice for data validation? Is asp.net validation controls enough or should I also create validation in sql stored procedures? What do you guys think?

I was discussing this with a co-worker, and feel that asp.net controls should be enough and would be easier to maintain if the validation values were to change. Co-worker wants to validate using both controls and on the database side for more security.

 

[ca8msm]

I'd say that the actual data should be validated before it is sent to the database. The datbase should have the job of simply inserting the data and shouldn't have the extra load of doing validation that should have already been done.



____________________________________________________________

Need help finding an answer?

Try the Search Facility or read FAQ222-2244 on how to get better results.

 

[jbenson001]

I agree with ca8msm. Let the database do other types of validation which it is built for such as Primary and Foreign key relationships, unique indexes, etc.

Jim