Form Validation with JavaScript

JavaScript is not a true security measure in itself, but rather an added level of security and a convenience to your users. Because JavaScript is a client-side technology (whereas PHP is server-side), incorporating it into your pages can save users the hassle of having to send the form data back to the server before seeing there are problems. Instead, you can use JavaScript to immediately run through some tests and then, if the data passes, send the form information along to PHP.

I say that JavaScript in itself is not a security measure because it can be easily turned off in a user’s browser (Figure 10.14), rendering it completely useless. It is critical that you view JavaScript in this light and continue to use ...

Get PHP and MySQL for Dynamic Web Sites: Visual Quickpro Guide, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.