php form validation help required_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2022-12-11 22:27 出处：网络

I want to validate my html form using both java script a开发者_StackOverflownd php so that If some one disable java script then php validation works

相关专题：php

I want to validate my html form using both java script a开发者_StackOverflownd php so that If some one disable java script then php validation works can any one tell me that how can I do this

You must ALWAYS validate/sanitize data on the server side (PHP in your case), whether or not JS validation is used. JS validation is only for convenience, to make feedback available faster and prettier for the user but it can be bypassed at any time so the real stuff happens on the server side.

JS validation for the sake of UI
PHP validation for the sake of security and data integrity

This means that you'll have to code a full PHP validation anyways but if you want to make the feedback for the user available while typing or when stepping to the next form field, you can use JS validation.

Apart from that I would only write my own validation for learning purposes or if existing (high quality) code doesn't do what I need. Otherwise I would use tested form validation libraries (PEAR, Zend Framework, etc.). Same for JS.

On the PHP side: check the contents of the data and validate them. Write functions that return a boolean indicating a valid input. These functions can be very small or very big; it depends on the data. YOU must decide what is valid data or what not. If one of your values is not valid, redirect your page back to where you came from (and make sure you pre-fill the valid values) or an error page.

E.g., if a user must submit an integer value only, you can check if the data by passing it through the 'is_numeric' function. If that returns false, then you know the data is not valid. More real-world examples are e-mail adresses, but you probably can figure out how to do this on your own :-).

It basically boils down to knowing what data you expect to receive and checking for valid data; that is, what you think and decided what is valid or what not.

A flexible solution to your problem would be to only validate on the serverside (via PHP.) With the use of AJAX, the javascript can ask the PHP-code if the input is valid or not. That way you wouldn't have to duplicate any validation scripts.

Whatever you do, never skip the serverside validation (it seems you got this under control - good.)