Form Validation with JavaScript
JavaScript is not a true security measure in itself, but rather an added level of security and a convenience to your users. Because JavaScript is a client-side technology (whereas PHP is server-side), incorporating it into your pages can save users the hassle of having to get to a PHP script before seeing there are problems. Instead, you can use JavaScript to immediately run through some tests and then, if the data passes, send the form information along to PHP.
I say that JavaScript in itself is not a security measure because it can be easily turned off in a user’s browser setting (Figure 8.5), rendering it completely useless. It is critical that you view JavaScript in this light and continue to use PHP as your ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access