Where do you record validation rules for form data in a web application?

Question

Say you have a web form with some fields that you want to validate to be only some subset of alphanumeric, a minimum or maximum length etc.

You can validate in the c

Answer 1

We try to keep get our validation done before it ever hits the database server, especially for our applications which are facing the public internet. If you don't do validation before the data hits the database, you put your database at risk for SQL-injection attacks. We validation through a mixture of javascript and code-behinds.