Re: Re: How to re-order an array

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 10 June 2006 21:08, jekillen wrote:

> You misunderstand my question. I know the limitations of javascript.
> The server won't respond to events registered in the browser. I write
> tons of forms that are all processed
> by the client with javascript. I have written ferocious regex filters
> that hack apart form submissions before they even leave the client. I
> have set it up so if the client doesn't
> have javascript enabled, the form won't submit if it is going to the
> server. That is why as much as possible I shift form processing to the
> client as much as possible, for
> security and to off load work to the client. I use php to dynamically
> write js files when necessary, anticipating what data will be
> requested.

"...shift form processing to the client as much as possible, for security..."

Client-side security isn't.  Your server has no way of telling if the data 
it's receiving is from a properly setup client that did the correct JS 
filtering, or if it's from someone writing as simple bot/script/program 
that's just sending GET and POST requests to you.  Your PHP should never 
trust the client to be benign.

-- 
Larry Garfield			AIM: LOLG42
larry@xxxxxxxxxxxxxxxx		ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 
Jefferson

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux