Server-side Data Validation

When a form is submitted, data from output mapped Elements is sent to the form's Digitise Forms Server component from where it is forwarded to the relevant database(s). This means that your forms, which could be running in a browser on any computer, don't have direct access to databases; only the Digitise Forms Server component, which would usually be running on an internal system, communicates with your databases.

For extra security, you can specify that the following validations applied to Elements on your form should also be performed on data sent to the form's Digitise Forms Server component before it is forwarded to a database:

Required data
Format checkers
Maximum length

JavaScript functions and regular expression validations aren't supported in this feature because they could refer to items on a form which won't be accessible to the Digitise Forms Server component, such as the value in a particular Element.

This feature allows you to apply the above validations in the event that data is sent directly to the Digitise Forms Server component and hence isn't processed by the form's validation processes, in order to prevent the submission of invalid data in these circumstances.

Server-side validation is specified for individual Datasets and is on by default. If you don't want to apply validations specified in the form for a Dataset, you can disable it in the Dataset's properties.

If Server-side validation is selected, the form's Digitise Forms Server component will check for any validation Rules applied to Elements which are output mapped to data items in each Dataset defined within a form. If there are any, it will apply those same validations to any relevant data sent to it before it forwards the data to update a physical database table. If the data fails any of the validations, for security reasons the Digitise Forms Server will return a non-specific HTTP 400 Bad Request error to the sender but will also write a message to the Digitise Forms Server Log giving you more information about the reason for failure, including any Failure message specified for the failed validation in the appropriate Element's properties.

Note, however, that a Required validation Rule will not be implemented where an Element has a visibility expression other than 'true'.

If multiple Elements with validations specified are output mapped to the same data item in a Dataset, warning messages may be displayed when you publish your form to warn you if there any inconsistencies in the Rules specified. In this situation the following rules apply:

If a Required, Resource or Max Length validation is applied to one Element but not another, the rule will not be executed in the server-side validation.
If all the Elements have a required rule applied, the rule will not be executed if any of the Elements have a visibility expression other than 'true'.
If all the Elements have Max Length rules applied but with different lengths specified, the highest value will be used as long as it is lower than the data item's Max Length value.
If Max Length rules are applied to some of the Elements but not all or none of the Elements have Max Length rules applied, the data item's Max Length value will be used.

If you have assigned custom JavaScript or regular expression validations to any Elements, warning messages will be displayed when you publish your form to remind you that these validations won't be replicated by the Digitise Forms Server.

If Server-side validation is not selected, validations specified for output mapped Elements will not be performed by the Digitise Forms Server.

By default the property is selected.

For Recordset Element Datasets whose data structure is defined as static columns, the value of this property is inherited from the form Dataset and this option cannot be edited within the Recordset's Dataset. The form Dataset is the Dataset created using New Datasource from Form to output map non-Recordset Elements which aren't output mapped to another database.

For Imported Stored Procedures, this property is not relevant if the Stored Procedure returns a Result Set and therefore is not shown in the Properties Pane for Datasets corresponding to a Stored Procedure Result Set.