Var regex = new RegExp("string");
Source: Kevin Yank & Cameron Adams (September 2007):
Simply JavaScript Page 243.
does most of that job on the client.
In addition you have to test it on the server if you are paranoid like me.
1.) Never trust user input
2.) Always assume user input is malicious until proven otherwise.
That is Opera's principle in a nutshell.
Related WPW threads:
phpBB and security
Is MS SQL server the most secure SQL server?