SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Guru ripcurlksm's Avatar
    Join Date
    Aug 2004
    Location
    San Clemente, CA
    Posts
    859
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP/SQL Validation: Why even use JavaScript?

    Seeing how you can disable JavaScript, shouldn't all PHP scripts validate data?

    username == require minimum character limit, capital letters & numbers
    password == require minimum character limit, capital letters & numbers
    agree terms == $_POST is set && is valid
    captcha == $_POST is set && is valid

    ..etc.

    Sure JavaScript is the "front line" for your average user to provide data validation, but why not skip it and let PHP handle it all together?


  2. #2
    SitePoint Member
    Join Date
    May 2006
    Posts
    14
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You are absolutely right...

  3. #3
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Javascript provides immediate feedback, improving the user experience.

  4. #4
    SitePοint Troll disgracian's Avatar
    Join Date
    Aug 2006
    Location
    Samsara
    Posts
    451
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It also reduces load on the network and server by preventing the data being sent until it is correct. But for the reason you state, all client-side validation should be duplicated on the server as well.

    Cheers,
    D.

  5. #5
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Javascript provides immediate feedback, improving the user experience.
    Heading off errors at the gui level can also simplify your application's filtering a lot.

    Handling the submission of an empty form field can seriously obfuscate your backend code - depending on how you handle it of course.

    I use JS a lot on Admin screens, and if they turn it off nothing works and I log them out.

    I am not saying I don't filter all input, I still do, but to a far lower level. If they turned JS off and still managed to send stuff then I am not wasting time counting how many chars they send.

    On public sites, its a different matter. You have to rigorously validate in PHP, but then progressively add JS to make your site appear more responsive and friendly.

    So, its not a simple yes / no answer.

  6. #6
    SitePoint Wizard
    Join Date
    Mar 2008
    Posts
    1,149
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It is very annoying when sites don't use JS, and it's especially annoying when you have to reinput data (such as a password or CATPCHA prompt).


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •