0

I came across few web applications which involve php, javascript and html. There I noticed that the form validation is being done in both javascript and php. What is the use of this kind of practice? Is is not sufficient if the form validation is done directly in the php script?

Gopal1216
  • 421
  • 3
  • 7
  • 14

6 Answers6

1

Client side javascript validation is not manditory. It just prevents the client (whose JS is enabled) to submit or reload the page. Server side validation is the most important as JS validation can be bypassed by simply turning off JS. The JavaScript Validation should never be relied alone.

The PHP Validation (server Side Validation) is robest & cant be manipulated by the client. If its not implemented, you may end up with worse data & more worse will be SQL Injection. So in practive we tend to use both JS & PHP validation together

Akhil Sidharth
  • 746
  • 1
  • 6
  • 16
  • 1
    Just to add to this, JavaScript validation is usually used for the visual aspect of form validation, such as highlighting the text area red if the input was wrong, or some other similar visual effect. PHP is used for the security aspect, ie the actual validation of the form, and is also great for adding dynamic text as it can be imbedded straight into your HTML form – samrap Feb 27 '14 at 06:51
  • Nice answers here : http://stackoverflow.com/questions/162159/javascript-client-side-vs-server-side-validation – Sandeep Nayak Feb 27 '14 at 06:51
1

Client side validation is not mandatory. Developer use Javascript validation to prevent the page refresh or reloading process. But for security purpose it is not good. Because some browsers allow to disable javascript to run at that time your client side validation will not work. But you can make interactive and attractive user interface using Javascript.

In this type of situation you should go with the Server Side Validation(PHP). Because there is no opetion with user to disable or enable Server Side scripting. For security reason it is good to use Server Side Scripting.

As per my perspective you should use both validation (PHP/Javascript).

Techno Cracker
  • 453
  • 8
  • 26
0

You are right, PHP validation is THE MOST important. Although, with javascript validation, the client will not automatically do the request if there is an error. So there is no page reloading on his side (the data is kept in the fields which is good), and the server is not overloaded with bad requests.

If you have time to code only one validation, do it on the PHP side. IF you have time for both, then go for it, it's a good thing, really, as mentionned above.

Loïc
  • 11,804
  • 1
  • 31
  • 49
0

Back end validation is a must. Validations written in JS also for reducing the number of silly requests to server, avoid accidental form submissions, show the error messages quickly without having to wait for the server response.

Ramesh
  • 4,223
  • 2
  • 16
  • 24
0

if you want to validate input of user on the client side first because you can give better reason to the average user why his or her forms value is not proccesed.

For example:
if user enter an invalid date you can show an error message that he entered a wrong date.by this way user imediatelly corrects the date and its dave user times. If you only validate on the server, they have to submit the form, get an error message, which will take to much time.

in short:
javascript validation is for client side to provide a better user experience and server side (php) is for checking is user bypassed the javascript validation or not

Advantages:
Javascript is executed on the client side so Javascript is relatively fast to the end user

Kumar V
  • 8,810
  • 9
  • 39
  • 58
Govind Singh
  • 15,282
  • 14
  • 72
  • 106
0

Form Validations are usually done both at client side(Using JavaScript/jQuery etc) and Server Side.(Java/PHP etc.)

But the important point to note is the client side validations are done to provide better feedback to the user and to minimize requests being sent to server and sent back again.

Always go for Server side validations as the browser may have JavaScript disabled. JS code could even be overwritten or malicious code can be added at the client side.

Sandeep Nayak
  • 4,649
  • 1
  • 22
  • 33