Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Where should data validation occur?

Tags:

validation

database

n-tier-architecture

I've read conflicting philosophies on where data validation should happen and it's just confusing me more. Some say it should only be in the database. Others say that the validation rules should be mirrored in other layers like the bll or ui.

Where should the data validation live? Should rules be split across multiple layers? What are some of the actual best practices (as opposed to theory, head in the clouds type stuff) regarding when and where to validate data in an application running on top of a database.

like image 973
Jeff Avatar asked Jan 27 '11 17:01

Jeff

People also ask

In which part does the form validation occur?

In which part does the form validation occur? Explanation: The data information from the client side is first sent to the server side. Form validation used to occur at the server after the client had entered all necessary data and then pressed the Submit button.

How is data validation performed?

Data validation refers to the process of ensuring the accuracy and quality of data. It is implemented by building several checks into a system or report to ensure the logical consistency of input and stored data. In automated systems, data is entered with minimal or no human supervision.

1 Answers

My 2 cents:

Data validation should occur in two locations:

  1. The point where data is acted upon, for example validating input parameters to an SQL query.

  2. General validation at the point where data is submitted, for example in a web application some validation should occur on the client. The advantage being that you can quickly notify users of input issues, i.e. incorrectly formed telephone number, string too long etc. However this should not be relied upon to be a authoritative validation check as, in the case of a web application, a malicious user may bypass an client side validation.

In my opinion the database should not be performing general validation, data should be validated/escaped/sanitised before it goes into the database. That said your database schema can give you a level of abstract validation through column data types, constraints etc. That said, any data that could trigger issues with these should be 'cleaned' before it is passed into the database.

This said, there are many wrong ways but there is no right way. Validation depends on the architecture of your application, the nature of the data within in it and how that data is used.

like image 74
MrEyes Avatar answered Oct 14 '22 07:10

MrEyes
Sign in to Comment

Related questions

I have a OneToOne relationship between two objects of the same class in a Django app. Is it possible to enforce the uniqueness of this relationship?
How to use time-series with Sqlite, with fast time-range queries?
Rspec, Cucumber: best speed database clean strategy
What is the best way to store single non-repeating data to a database?
What is the difference between a session store and database
What is the best approach to upload 1000+ records to a server that also contains images for each record from an iOS/Android app?
How to optimize count and order by query in millions of row
Load MIT-BIH Arrhythmia ECG database onto MATLAB
View and table in same name is it possible
Heroku shared db vs Amazon RDS Performance
Why 'Select' is called as DML statement ?
How do I import an .accdb file into Python and use the data?
Distributed Storage of BLOBs for .NET?
insert into database from Joomla form fields
Storing a multiple choice quiz in a database - deciding the schema
How does Facebook notify and instantly shows new comments or how does Stackoverflow do it?
How to export database with Adminer?
What is postgresql_psycopg2?
Java Connection Pooling best practices?
Is a DBMS (MySQL, SQL Server….) interpreted or compiled?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!