On Jan 15, 2008 10:38 AM, Richard Lynch <ceo@xxxxxxxxx> wrote:
>
>
> On Tue, January 15, 2008 9:02 am, Per Jessen wrote:
> > Nathan Nobbe wrote:
> >
> >> i think this ties into the thread tedd started a week or so ago
> >> about the best approach for collecting user data.
> >> it would be much easier to validate if there were 3 text input
> >> fields
> >> to collect the data, rather than 1, free-form field.
> >
> > I would stick to one date field with a simple javascript validation
> > (using a regex) at entry time followed by a semantic check that the
> > given day exists in the given month/year.
> > Of course, if you'd rather not use javascript, you could validate the
> > whole thing after POST.
>
> You have to validate after POST anyway; The JS can be bypassed/off.
>
> JS validation is eye-candy and reduces strain on the server by legit
> users. It is in no way, shape, or form to be considered actual
> validation of incoming data.
I was going to say the exact same thing, almost verbatim.
By only doing JavaScript validation, you're not guaranteed to get
the correct information from "smart" phones, Lynx users (some of us
still exist!), or a handful of other legitimate web surfers.... let
alone those who may choose to post to your form using cURL. >:-o
--
</Dan>
Daniel P. Brown
Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since
Nineteen-Seventy-[mumble].
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
