Todini, Gianfranco (TWIi London) wrote:If you care at all about the valididy of your data, NEVER EVER rely upon cleint side validation. NEVER! Server side validation is the ONLY reliable form of data validation. It's too easy to bypass client side validation. Get strings can be typed manuelly. Post data, while better, isn't that much harder to forge. Even to forge a full header isn't rocket science.where should I put now the form validation? I mean can I still use the onsubmit event on the input type image and use the same _javascript_ function that there was before or is it everytime better to have the validation on the server-side to have a proper accessible form? Thanks everyone. As a rule of thumb: Client side scripting is for the benifit of the client; server side scripting is for your benifit. |
- [WSG] javascript form submission Todini, Gianfranco (TWIi London)
- Re: [WSG] javascript form submission Lea de Groot
- Re: [WSG] javascript form submission Cameron Adams
- Re: [WSG] javascript form submission Mordechai Peller
- Re: [WSG] javascript form submission James Ellis
- Re: [WSG] javascript form submission Ned Lukies
- Re: [WSG] javascript form submission Aaron DC
- Re: [WSG] javascript form submission Mordechai Peller
- RE: [WSG] javascript form submission Nancy Johnson
- RE: [WSG] javascript form submission Chatham, Will
- RE: [WSG] javascript form submission Todini, Gianfranco (TWIi London)
- Re: [WSG] javascript form submission Mordechai Peller
- Re: [WSG] javascript form submission Mordechai Peller
