[Pdx-pm] Too much validation

Austin Schutz tex at off.org
Thu Nov 20 18:31:28 CST 2003

On Wed, Nov 19, 2003 at 10:39:05PM -0800, Joe Oppegaard wrote:
> So as a general rule of thumb, when should data validation be done?
> Catch it early or catch it when it actually matters? Or both? (Ugh,
> duplicate code).

	My suggestion would be when it can be done with the least work. That
would be "where it matters" in your example.

> Seems to me that typically you should catch it when it actually matters,
> so the calling code doesn't have to worry about what is and isn't
> acceptable. On the other hand, I guess I just feel dirty passing through
> data that I know could be invalid.

	If you use the module in many places you will soon tire of repeating
the same code and be thankful the module does the validation for you.
	The other great advantage is that if you change your mind about what
constitutes valid input it's in a single spot. Otherwise you may be chasing
down regexes in 50 different CGI scripts, etc.

	I dunno, that's my 2c.


More information about the Pdx-pm-list mailing list