We’re not quite done yet. Client-side validation provides users with a far better experience than does server-side validation. But let’s take this one step further.
All the validation thus far checks for errors after a user inputs data into a form field. Which begs the question, why let users type incorrect data into form fields in the first place? If a form field requires specific data (like LoginID in the forms above, which required a numeric ID), let’s prevent the user from typing anything else.
As simple as that suggestion sounds, controlling user input at that level is rather complex, and requires some very sophisticated scripting. Fortunately, you don’t have to write that validation code either. The <cfinput>