I have a form where each field is given certain properties via their class attribute.
i.e. is both a required input, and is expecting its value to be formatted as an email address.
Using Javascript/jQuery, I have iterated through all the inputs in the form, determined each one's associated properties (if any) and submitted them via ajax for post-processing server side using PHP.
So the PHP will determine in the above input's example whether or not $_POST["email"] 1) has a value and 2) the value is an email address.
I've not had any problems getting any of this intended behaviour to work. My question/concern is how to prevent a user from manipulating each field's properties using a code inspector tool such as FireBug before submitting the form i.e. remove the "required" class for the "email" id so that they can successfully submit the form without providing an email input. Is there anything that can be done to prevent the cunning user to take advantage of this? Or is this simply the result of ho开发者_StackOverflow社区w I've designed the form validation?
Any insight would be much appreciated.
Javascript is useful for providing immediate feedback to the user if a form's not properly filled out, so they don't have to go through a roundtrip of "fill out form, submit, get back error page".
But it should NEVER be the only validation method. By all means, test the form to make sure a valid email has been entered via Javascript, but you MUST ALSO DO THIS ON THE SERVER. Everything in the browser is by definition under control of the user, which means everything and anything can be trivially bypassed/forged/manipulated/subverted.
YOu don't have much control on what the user can do on the client side, they can disable javascript or like you said manipulate the form with firebug,
What you should focus on is to create a robust validation on the server side, to prevent them from adding invalid data.
Client side validation is a courtesy, Server side is a requirement!
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论