On Fri, 29 Oct 2004 09:36:07 -0400, Ben Ramsey <lists@xxxxxxxxxxxxx> wrote: > Precisely... you can't rely on the the client to do your checking. You > need to check from the server side to make sure no one's going to spoof > your code. With that in mind, you mind want to implement both > client-side and server-side checking. That way, it gives your legitimate > users a more user-friendly approach, while still ensuring from the > server-side that no one's going to spoof your form. I agree. No sense in blasting a bad form post off to the server if you can preempt it with javascript. Put the load on the client when possible I say. -- Greg Donald Zend Certified Engineer http://gdconsultants.com/ http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
