Server Side Validation test

A "plain-vanilla" data entry form. This form has NO client side validation (intentionally, so we can test the server side validation unimpeded)

Fieldname   Comment
ID Database record ID. Integer >= 0
custname Required
amount $ decimal, range 10 to 20 if not empty
custemail Must be valid format if provided
trandate LSIsDate value for current locale (English (Australian)) (or blank)
Must be between 30/07/2010 08:33 and 9/08/2010 08:33
ie now and 10 days from now
register Just to test that validation handles an unticked checkbox
comment Some space to test sql/code injections here. Also spam words.
Username Rules for this test are:
Must be between 6 and 15 characters.
Alphanumeric, no underscore.
Must include at least 1 numeral and 1 alpha.
Password Note: Not hiding password characters intentionally.
Rules for this test are:
Must be between 6 and 10 characters.
Alphanumeric, underscore allowed.
Must include at least 1 numeral and 1 alpha.
Not the same as the username

Test 1: - standard form submission except there is no client side validation

Test 2: Send ID via URL - calls to the target page must come from this page (ie the url must contain the same sessID value as generated by this page) and the ID is validated as above

Test 3: Send this form data via ajax - send via ajaxcfc and display the result at the end of the page