At 11:42 AM -0500 9/11/10, Tamara Temple wrote:
The debate on client-side vs. server-side form validation is ongoing. Client-side is more responsive, and attempts to keep bad data from ever reaching your application, but relies on javascript being enabled. Since this is something easily turned off by users, one can't always rely on it to do form validation. So server-side validation is needed as well to allow your full application to gracefully degrade in the absence of working javascript on the client's side. Coding defensively helps!

It's not a debate.

You can provide progressive enhancement to your form to help your users *IF* you want.

You should *always* validate all the information coming from the outside world.

The question of *if* you want to do both is your choice without any debate. Those are only choices that you can elect to follow or not.




PHP General Mailing List (
To unsubscribe, visit:

Reply via email to