One task, when you write HTML forms, is validating user input. We all know that we should do it, but so far we've written a simple form, which will trustingly accept any data the user enters. You should always assume that a minority of your users are malicious, and the others could make some mistakes too. Validating your form tests the information they submit, to make sure it fits rules you specify.

You can do it on the client side, using JavaScript, but this is of limited value as a security precaution, as the user can easily circumvent it. Validating the data on the server side means an extra round trip to the server, but it's worth it, for the added peace of mind.

It's also quite complex to write ...