Client-side validation Javascript or Server Side validation PHP

Question

I have a form which submits data which is entered in the database. Is is recommended to perform both client side and server side validation ?

Answer 1

A lot of answers here deal with trust but that's not exactly what the OP is asking.

Is [it] recommended to perform both client side and server side validation ?

Yes, in modern web applications users expect fast responses and if you can do some simple data quality checks up front, do them. Doing so can only make the user's life better. On the same token you must do server side validation for security reasons. I live by the following rule...

Do client side checking for usability and do server side checking for data integrity and security.

Answer 2

Yes. Client-side validation is to help customer enter correct data, instead waiting for a time and then receive an error message from server. Then server-side validation is used to stop malicious attack, such as SQL-injection by fake request.

Answer 3

Yes. Client-side validation is only for the convenience of avoiding a round-trip for the user. It absolutely can't be relied on in any way to keep data clean for the web app.

Answer 4

Validation always happens server side.
Duplicating the validation in Javascript is nice for the user experience, but it's not validation!

Answer 5

You should go with server side validation because never ever trust user input. Client side validation can be by passed so it is always better to have it server side.

Answer 6

Never trust client side validation. Ever.

Client side validation is only there for one reason: to prevent data that does not fit into a certain condition from even being submitted to the server in order to save server-side processing that will always return false, so why submit it in the first place?

If you don't have server-side validation, you don't have validation. That is all.

Answer 7

Both, Client Side for user convenience and server side for our.