Reply to post: Re: Are there any legitimate uses for client side scripts on a banking website?

Banking websites are 'littered with trackers' ogling your credit risk

andy 103

Re: Are there any legitimate uses for client side scripts on a banking website?

"when someone enters "100/23" they may try to transfer 10023.00 instead of 100.23"

Oh dear. That's exactly why I mentioned server side validation in the original post. You can still post the value "100/23" from the form but the validation on the server should check that's a legitimate monetary value (which it isn't, as it contains a /). I take the point that you might stop them posting it *at all* by using client side validation, but the principle still applies that the server should sanitize then validate all user input from forms anyway, so it's kind of redundant.
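An added example, not part of the original comment: a server-side check for a posted transfer amount that rejects "100/23" outright, shown next to a lossy clean-up step that would silently turn it into 10023. The accepted format, the `MAX_AMOUNT` limit and all function names are assumptions made for this illustration.

```python
import re
from decimal import Decimal

# Assumed policy for this example: ASCII digits, optional 1-2 decimal places,
# no sign, no separators, no exponent, capped at MAX_AMOUNT.
AMOUNT_RE = re.compile(r"[0-9]{1,9}(?:\.[0-9]{1,2})?")
MAX_AMOUNT = Decimal("100000.00")  # hypothetical per-transfer limit


class InvalidAmount(ValueError):
    """Raised when a posted amount is not an acceptable monetary value."""


def parse_amount(raw):
    """Validate a posted amount string and return it as a 2dp Decimal."""
    if not isinstance(raw, str):
        raise InvalidAmount("amount must be a string")
    value = raw.strip()  # the only clean-up applied: surrounding whitespace
    # fullmatch() means the whole string must fit the pattern, so '/', ',',
    # signs, exponents and non-ASCII digits are all rejected, never dropped.
    if not AMOUNT_RE.fullmatch(value):
        raise InvalidAmount(f"not a monetary value: {raw!r}")
    amount = Decimal(value).quantize(Decimal("0.01"))
    if amount <= 0 or amount > MAX_AMOUNT:
        raise InvalidAmount(f"amount out of range: {amount}")
    return amount


def lossy_sanitise(raw):
    """Anti-pattern: strip unexpected characters and accept what is left."""
    return Decimal(re.sub(r"[^0-9.]", "", raw))


def check(raw):
    """Return ('accepted', amount) or ('rejected', reason) for one input."""
    try:
        return ("accepted", str(parse_amount(raw)))
    except InvalidAmount as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    # Constructed sample inputs, as they might arrive in a form POST.
    for sample in ["100.23", "100/23", " 42 ", "1e5", "100.234", "-5", "0"]:
        print(repr(sample), check(sample))
    print("lossy clean-up of '100/23':", lossy_sanitise("100/23"))
```

The server has to reject the malformed value rather than repair it, because any clean-up that changes the digits the user typed changes the amount being transferred.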
