Working With Rails

It’s dead simple … Just take a look at the examples and you should be fine …
http://livevalidation.com/examples

ya checked that.. but which .js file to download.. can u just briefly explian… because i am very new to ror and interested in live validation….

There should be a file named livevalidation_standalone.compressed.js in your download files – copy it to your public/javascripts file and include it. That should do the trick.

Just a little recommendation: If you’re new to Rails, I’d suggest building your first apps without too much AJAX because it can sometimes be quite tricky. Try to get comfy with Rails first and add the AJAX stuff later.

HTH

thanx kof.. let me try it and know u the results…

Sergio Gil released a plugin recently which allows automatic integration with the livevalidation library. The nice thing is that it uses the validations defined in your model to generate the javascript which keeps things nice and DRY.
Not all validations are supported but the main types are all there.

You can find the docs here: http://livevalidation.rubyforge.org/

And always remember that any client-side validation is cosmetical only. As the saying goes – never trust user input. Use live validation all you want, but make sure all data is also checked again by implementing the proper validation in your model, e.g. by using the nice plugin mentioned by Kevin above.

Did I already mention never trusting user data?

It’s that important, really.

Thorsten is right, but probably it should be mentioned why (among other reasons) client-only validation could be a serious security risk: You should be aware that user input can not only be generated by submitting your forms (as you intend). In fact, any request that is sent to your app gets processed – so if a user hijacks your form and adds some fields that you don’t protect accordingly, everything could turn very black for you.

A popular example regarding user management: Imagine a user model with several fields, “admin” (boolean, default false) among others. If admin is set to true, the user has admin privileges and can change pretty much everything on the site. If you don’t secure your app accordingly, a malevolent user could manipulate your form and pass an additional field named “admin” with a value of “1” on to the request – and get admin privileges. A simple attr_accessible / attr_protected call will clean the situation and make your app safe (at least against this kind of attack).

So as Thorsten says: Use client-slide validation for provide immediate user feedback but do ALWAYS validate (probably even more thoroughly) user input on the server side for both, writing to the database and outputting data from the database into your views.