Stut wrote:
Ok, you're clearly missing my point and while I don't want this to
degrade into the usual pissing contest I do feel I need to clarify
what I was saying.
I completely agree that in this case Javascript should be used to
provide the user with feedback as to how close to the limit they are.
However, in your post you described the solution as either Javascript
*or* PHP when the best solution is both. What I was pointing out is
that while Javascript is a better solution from a usability point of
view, not doing the validation with PHP is dangerous regardless of
whether the length is validated using Javascript or not.
I certainly don't believe that PHP is the "total solution for most
situations", but when it comes to input validation you *need* to do
validation on the server-side regardless of what validation you do
with Javascript since you have no control over whether the Javascript
gets executed.
This sounds almost like the old DB vs. Application logic debate I see on
several mailing lists; whether you should store more logic in the DB
Server through triggers or through application logic. My point on this
is that it boils down to how important that data is. If it's somebody's
comments on their blog or on a post, I'd just leave it on the
application _or_ trim it down to the 300 characters and input it in.
bank transactions, I'd have so many triggers going it would be unreal.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
