[thelist] Client side vs. Server side?

two questions, two answers:

1. my rule of thumb: always validate on the server... once you have 
that working correctly and well, *then* you can consider creating 
client-side validation as a means to speed up the experience for 
the user... there a bunch of arguments to support this, but since 
i'm off to a meeting in a minute, i'd consult the archives cuz i know 
it's in there...

2. <input type="password" name="foo" value="" accesskey="foo" 
tabindex="foo">


> From:  "kev.skindrill" <kev.skindrill@bigfoot.com>
[snip]
>              My site will involve logging on using a name & password.
>              In
> everything I have read it makes it clear that validating the
> information can be done either client side or server side. The
> arguement given are that client side validation saves server
> processing time but the page will be quicker to load cos there is not
> so much code. However, doing it client side means that there is a lot
> of to-ing & fro-ing between the browser & the server. 6 of one & half
> a dozen of the other :)
>               I suspect that, for security reasons, doing the log-in
> validation would be best done server side, but I also intend to have a
> form for people to join the service so should this  be validated
> client or server side (I suspect this is just a matter of preference).
> I know enough JavaScript to do this client side so that won't be a
> problem.
>               And while I'm on the subject, does anyone have a script
>               that,
> when the user types in a password, it comes up as a series of
> ********* instead of their actual password?