Re: Are there any legitimate uses for client side scripts on a banking website?
"when someone enters "100/23" they may try to transfer 10023.00 instead of 100.23"
Oh dear. That's exactly why I mentioned server side validation in the original post. You can still post the value "100/23" from the form but the validation on the server should check that's a legitimate monetary value (which it isn't, as it contains a /). I take the point that you might stop them posting it *at all* by using client side validation, but the principle still applies that the server should sanitize then validate all user input from forms anyway, so it's kind of redundant.