I completely agree, server-side validation does always have to exist.
That said, I like providing feedback on the validity of a form before
the user leaves the page AND I hate duplicating the validation logic
in Javascript when it's already present in my PHP.
What I did in my PHP framework (probably framework 2 billion and 1)
was set it up so you can use REST-ful calls to the PHP page that
contains the validation so you can retrieve the results of the
validation, allowing you to render whatever feedback you'd like on the
calling page through AJAX, or allow the request to proceed if it was
valid. Additionally, I've set my framework up so it chunks web pages
into various sections ('pipes'), allowing for REST-ful calls to the
PHP page that contains a pipe to easily render the HTML fragment
associated with a particular section, so you can progressively enhance
pages with javascript quite easily.
I'm pleased with this approach after using for it for a while now, and
I recommend it to others.
Adam
On May 14, 2008, at 10:48 PM, Chris W wrote:
I was wondering what others think of my approach to form
validation. I know many use Java script to do various validation.
However, since there is no way to be sure the data sent to the
server is actually valid, you have to check it in your php code on
the server anyway. Granted you don't have to, but if you don't, you
are just asking for someone to hack your system, or at the very
least screw up your data. So my question is since you have to do a
validity check on the server, why bother with the Java script? The
only advantage I can see to doing it with Java script is it will cut
down on the errors in data that get to the server and then in turn
reduce the number for resubmits and keep traffic down a little.
However since none of the projects I have worked on are very high
traffic sites, that hasn't been much of a concern.
Any thoughts?
--
Chris W
KE5GIX
"Protect your digital freedom and privacy, eliminate DRM, learn more
at http://www.defectivebydesign.org/what_is_drm";
Ham Radio Repeater Database.
http://hrrdb.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Adam Richardson
Envision Internet Consulting, LLC
Phone: (517)623-0485
Services and insight for building effective, user-oriented websites.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
