On 24 Feb 2005 08:22:39 -0600, Bret Hughes <bhughes@xxxxxxxxxxxxx> wrote: > On Thu, 2005-02-24 at 01:04, Dotan Cohen wrote: > > > that. A little javascript goes a long way in these sort of situations > > > > You don't want to do that will javascript. I, for one, surf with > > javascript turned off. The malicious script kiddie, I would presume, > > also would be very happy to send you a silly filename without letting > > javascript check it. > Javascript and client-side HTML bounds checking can be very useful. It's a hell of a lot easier to be able to have the web browser tell the user that what they've put in is invalid, rather than have them upload their stuff, have the web server check it all over, and then send back a 'sorry, this is broken' message. Just don't rely on it for security. -- AdamT "Justify my text? I'm sorry, but it has no excuse." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
