Javascript验证和PHP验证?
[英]Javascript validation and PHP validation?
问题描述
I am using jquery validation plugin for validation empty forms. 
我正在使用jquery验证插件来验证空表单。 Should I also check this in PHP to be sure on 100%? 我是否应该在PHP中检查这一点以确保100%? Or it is ok with javascript validation. 或者它可以通过javascript验证。 Thanks 谢谢
3 个解决方案
解决方案1
8 已采纳 2010-08-30 17:01:52
You should always do your validation on the server. 您应该始终在服务器上进行验证。
What happens if a user submits the form in some way not using Javascript? 如果用户以某种方式提交表单而不使用Javascript会发生什么? Then all of the JS validation is null and void. 然后所有的JS验证都是无效的。 Never trust Javascript alone. 永远不要只相信Javascript。 It's a very nice tool to use to make the site look slick, etc, but you can't assume the user will use it, even if you set it up that you aren't letting them submit normally. 这是一个非常好的工具,用于使网站看起来光滑,但你不能假设用户将使用它, 即使你设置它,你不是让他们正常提交。
When I personally put client and server side validation up, I work them to be the exact same validations. 当我个人对客户端和服务器端进行验证时,我将它们作为完全相同的验证。 That way, the user typically doesn't see the server validation, but if something goes wrong, the information is still validated a much as necessary. 这样,用户通常不会看到服务器验证,但如果出现问题,信息仍然会在必要时进行验证。
解决方案2
1 2010-08-30 17:03:36
Users can disable javascript wich would bypass all your checking. 用户可以禁用javascript,这将绕过您的所有检查。 For this reason you should always check input with php. 因此,您应该始终使用php检查输入。 Validating with javascript is mostly to make use of fancy ajax and jquery visuals. 使用javascript进行验证主要是为了利用花哨的ajax和jquery视觉效果。 The real validation is always serverside. 真正的验证始终是服务器端。
解决方案3
1 2010-08-30 17:04:00
javascript is executed by the client, so it is easily fooled. javascript由客户端执行,因此很容易被愚弄。 ALWAYS use server side validation as well. 总是使用服务器端验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.