I’ve noticed a lot recently, that a most websites and libraries go to enormous lengths to validate data through strict rules. But no matter how much validation you run the data through, there’s nothing to stop them providing useless and meaningless data anyway, so why bother? If someone is intent on wasting your time by submitting crap, it doesn’t matter if it is between the length of 5-10 characters and contains no trailing whitespace, they can still just submit crap (e.g. ‘asdasdasd’).

Websites are using validation for the wrong thing, becoming too fussy about the data they accept and wasting too much time validating it. The idea of validation is to stop people accidentally filling in a form incorrectly, not to force them to conform their data to your strict rules.

You validate to make sure a name is entered, because you want to know what your customer is called. So why check the length of it? It may be possible that they have a 2 character length name, or even a 100 character length name. By putting in strict validation rules, all you’re doing is annoying those few who actually do have data that falls in to those rare-cases that you never thought of.

Although I agree with strict validation on some cases… passwords for example. They’re you’re validating to stop the user from themselves. Or for cases where the system can only handle certain lengths of data, but that’s obvious.

So when you’re next writing a validation routine and you’re getting carried away using the library’s super powerful validating function, stop and think about what you really need to validate.