I was wondering if it is enough to check blank fields and valid email forms... only with required html 5 attribute or is it better to add some checking at the server side with php
Asked
Active
Viewed 300 times
0
-
I guess this question is relatively close to yours: https://stackoverflow.com/questions/162159/javascript-client-side-vs-server-side-validation – Pierre Aug 20 '18 at 16:14
2 Answers
0
I recommend so much that you check this also on the server side in ANY case. Do not trust HTML5 field functions, they are not meant to provide serious security.
Always check, filter and sanitize user input on the server side.
Asisito
- 84
- 3
0
You should do checks, both on frontend and backend side. Imagine situation when someone gives his mail in a form: "qwerty".
If your checks are just to see if there is any content, than "required" is enough (unless you have some custom javascript code that reads the fields and submits them. In such case required will not help you). Your checks shouldn't rely just on that though, you should check validity of the data, otherwise you can have SQL injection easily for example.
Loreno
- 668
- 8
- 26