comp.lang.php archive
Re: Validating form input data
Date: Sun Apr 30 2006 - 17:35:33 CEST
Jerry Stuckle wrote (in part):
> > You may want to take a look at this forms generation and validation
> > class that shows you how to do that. Additionally it generates your
> > forms with Javascript to validate the form also on the client site,
> > avoiding unnecessary server round trips just to tell the user the form
> > has invalid fields.
> >
> > http://www.phpclasses.org/formsgeneration
> >
> >
>
> And what happens if someone has javascript turned off?
>
> NEVER rely on client side validation!
>
Also, what happen if a hacker screen scraps your form and uses another
program to send information to your script directly to try to break it
or use it in ways you didn't think about.
Please go to the PHP Security Consortuim's web site <phpsec.org> and
read the different articles in both the "Articles" and "Library"
sections.
Ken
Received on Mon May 1 03:07:57 2006