客户端验证和Ajax请求
[英]client side validations and ajax requests
问题描述
I think the only advantage of client side validations is they prevent pages from being reloaded. 
我认为客户端验证的唯一优势是它们可以防止重新加载页面。
Say I have an ajax function to send a request to a php file. 说我有一个ajax函数将请求发送到php文件。 The server performs validation and if some errors are found, returns them to the client. 服务器执行验证,如果发现一些错误,则将其返回给客户端。 The ajax that receives the error messages would then output them to the browser. 接收到错误消息的ajax会将其输出到浏览器。
I've read that some people also perform client side validation before it gets submitted by ajax. 我读过一些人还在ajax提交客户端验证之前执行它。 Why is this necessary if I can return data from the server without reloading? 如果我可以不重装就从服务器返回数据,为什么需要这样做? Isn't ajax enough? 阿贾克斯还不够吗?
3 个解决方案
解决方案1
1 2017-10-29 07:25:58
In the Client Side Validation you can provide a better user experience by responding quickly at the browser level. 在客户端验证中,您可以通过在浏览器级别快速响应来提供更好的用户体验。 When you perform a Client Side Validation, all the user inputs validated in the user's browser itself. 当您执行客户端验证时,所有用户输入均在用户浏览器中进行了验证。 Client Side validation does not require a round trip to the server, so the network traffic which will help your server perform better. 客户端验证不需要往返于服务器,因此网络流量将帮助您的服务器性能更好。 This type of validation is done on the browser side using script languages such as JavaScript, VBScript or HTML5 attributes. 这种验证类型是在浏览器端使用脚本语言(例如JavaScript,VBScript或HTML5属性)完成的。
For example, if the user enter an invalid email format, you can show an error messeage immediately before the user move to the next field, so the user can correct every field before they submit the form. 例如,如果用户输入了无效的电子邮件格式,则可以在用户移至下一个字段之前立即显示错误消息,因此用户可以在提交表单之前更正每个字段。
Mostly the Client Side Validation depends on the JavaScript Language, so if users turn JavaScript off, it can easilly bypass and submit dangerous input to the server . 大多数情况下,客户端验证取决于JavaScript语言,因此,如果用户关闭JavaScript,则可以轻松绕过JavaScript并将危险的输入提交给服务器。 So the Client Side Validation can not protect your application from malicious attacks on your server resources and databases. 因此,客户端验证无法保护您的应用程序免受服务器资源和数据库的恶意攻击。
As both the validation methods have their own significances, it is recommended that the Server side validation is more SECURE! 由于这两种验证方法都有其各自的意义,因此建议服务器端验证更加安全!
解决方案2
1 已采纳 2017-10-29 07:26:39
Ajax is enough but say you have a large form with large piece of content that it's gonna post, and if there is an issue it will fail to submit after the server serves your request and validation. Ajax足够了,但说您有一个大型表格,其中包含大量要发布的内容,如果出现问题,则在服务器处理您的请求和验证后它将无法提交。 It's a waste of server resources I think. 我认为这是浪费服务器资源。 So in this case it's better to add some client side validations. 因此,在这种情况下,最好添加一些客户端验证。
解决方案3
0 2018-12-25 13:45:33
Not necessary but it has professional advantages: 不必要,但具有专业优势:
User friendliness:
用户友好性: - The user gets warned immediately without reloading 立即警告用户,无需重新加载
- The user is familiar with his own browser and the way it notifies him about each field 用户熟悉自己的浏览器及其通知每个字段的方式
- The user gets warned immediately without reloading
Other advantages:
其他优点: - No extra server page load 没有额外的服务器页面加载
- You can use the :invalid css (and re-use it on server page invalid validation) 您可以使用:invalid CSS(并在服务器页面上重复使用它无效验证)
- You can minimize your server invalid response code, since all the checks the client can do, don't have to be re-notified (as user friendly). 您可以最大程度地减少服务器无效的响应代码,因为客户端可以执行所有检查,因此不必重新通知(因为用户友好)。
- No extra server page load
Though ALWAYS do a server validation as hackers, tweakers and API users can get around client validation. 尽管总是像黑客一样进行服务器验证,但调整者和API用户仍可以绕过客户端验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.