On Wed, May 14, 2008 at 10:48 PM, Chris W <2wsxdr5@xxxxxxx> wrote: > I was wondering what others think of my approach to form validation. I > know many use Java script to do various validation. However, since there is > no way to be sure the data sent to the server is actually valid, you have to > check it in your php code on the server anyway. Granted you don't have to, > but if you don't, you are just asking for someone to hack your system, or at > the very least screw up your data. So my question is since you have to do a > validity check on the server, why bother with the Java script? The only > advantage I can see to doing it with Java script is it will cut down on the > errors in data that get to the server and then in turn reduce the number for > resubmits and keep traffic down a little. However since none of the > projects I have worked on are very high traffic sites, that hasn't been much > of a concern. > > Any thoughts? > > > -- > Chris W > KE5GIX > > "Protect your digital freedom and privacy, eliminate DRM, learn more at > http://www.defectivebydesign.org/what_is_drm" > > Ham Radio Repeater Database. > http://hrrdb.com > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I think you'll find most people on this list in agreement. PHP level validation is a must, as JavaScript is unreliable at best. Now, the only real advantage I've seen with JS validation is just to have that first line of validation to save the end user some time in between submits. If you don't want to bother with it, don't. I tend to just for that first layer. -- -Dan Joseph www.canishosting.com - Plans start @ $1.99/month. Reseller plans and Dedicated servers available. "Build a man a fire, and he will be warm for the rest of the day. Light a man on fire, and will be warm for the rest of his life."