As you have seen in the preceding chapters, many web applications involve user input. The sad fact is, however, that users make mistakes: they skip required fields, they put in six-digit phone numbers , and they return all manner of incorrectly formatted data to your application. Your database routines can choke on corrupted data, and orders can be lost, for example, if a credit card number is entered incorrectly or an address is omitted, so it is imperative to validate user input.
Traditionally, it takes a great deal of time and effort to write reliable validation code. Each field must be checked, and routines must be created for ensuring data integrity. If bad data is found, error messages must be displayed so the user knows there is a problem and how to correct it.
In a given application, you may choose to validate that certain fields have a value, that the values fall within a given range, or that the data is formatted correctly. For example, when processing an order, you may need to ensure that the user has input an address and phone number, that the phone number has the right number of digits (and no letters), and that the Social Security number entered is in the appropriate form of nine digits separated by hyphens.
Some applications require more complex validation, in which one field is validated to be within a range established by two other fields. For example, you might ask in one field what date the customer wishes to arrive at your hotel, and in a second ...