ASP.NET validation
You have to check at both ends.
-
Client side to provide feedback, immediately so that users can respond quickly (bonus for them) and you save server resources (bonus for you).
-
Make sure that any non-JS user agents can validate the input. This is important in order to prevent malicious / corrupted data from entering your system.
If you're just going to do this, make it server-side, but there are significant user benefits by implementing a dual system.
source to share
on the client side and provide feedback when they hit the submit button
but since you cannot trust client side validation and also server side validation and display feedback on postback if things are wrong.
but since you cannot trust the calling code, also check with the database server (stored procedures are best) and return errors back to the calling code if something is wrong.
this way you covered all bases
source to share
It is generally considered good practice to validate both client-side and server-side ... in case someone tries to directly submit a POST form without actually loading the page.
As far as displaying the validation message is concerned, this is a personal preference. I kind of try to give feedback as soon as possible, so I'll do things like regex validation when a field loses focus.
source to share