form validation with javascript vs php

Question

Why should I bother to use JavaScript for form validation when I still have to use PHP since the user could have JavaScript support turned off.

Isn't it unnecessary?

Update:

Ok thanks for your answers. it sounds like a good idea to have it on the client side too. where can I download good JavaScript validations?

Do you know where I can download a validation script like that one in yahoo when you register an account?

Answer 1

Javascript validation allows your user to be informed of any errors prior to their submitting the form to the server. This saves irritating page-reloads (since on submit the JS catches the event and validates the form, preventing form-submission if errors are found) and minimises the chances of their having to re-enter information again (and again and again...), or leaving prior to completing the form properly. JS validation is not a substitute for server-side validation (since the user can see the JS, and, by saving the page and amending the JS do whatever they want); but it's a convenience for them.

This is simply part of the concept of progressive enhancement, whereby JS provides a mechanism for enhancing the experience for the user, if it's there and turned on, and hopefully makes their interaction with your site pleasant, or, at least, minimally irritating.

---

Edited in response to OP's question regarding 'where to download a JS validation tool.'

While I can't -necessarily- recommend any one library (I tend to write my own as required, or borrow from previously self-written examples), a Google search threw these options up:

• http://www.jsvalidate.com/
• Stephen Walther's page, discussing Microsoft's CDN and jQuery-validation, linking to jQuery Validation plug-in:
• jQuery.validate (hosted at MS' ajax.microsoft.com subdomain)
• jQuery.validate.min
• jQuery validate plug-in homepage (bassistance.de).

Answer 2

You should ALWAYS validate in PHP on the SERVER SIDE and validation in JavaScript is CLIENT SIDE validation for user CONVENIENCE. Thanks to validation on client user may find errors in his form without page relodaing. But user may sent form data without data script validation (for example he may not have JS support in web browser), thus always validate on the server side.

Answer 3

... as courtesy to the users pretty much. Makes life easier for the ordinary users that simply commit human things from time to time.

Answer 4

I recommend you using unified server-side and client-side validation using a framework, since it may avoid confronting the user to data valid on client side but rejected by the server, or the opposite (client side too restrictive). Following list of framework give information about server/client side validation: http://en.wikipedia.org/wiki/Comparison_of_web_application_frameworks

Answer 5

It's a matter of whether you want your form (and website as a whole) to be interactive-cum-user-friendly or not. You can just let the server-side do the validations and throw the error back to the users but that would be less interactive and less user-friendly than warning the users before they submit the form (although you still need to validate the inputs on server-side no matter what). Just my 2 cents :P

Answer 6

Yes, it is best practice to validate the user input values from both sides client and server side ,

some cases client was disabled javascript or mobile browser that doesn't javascript, remember there is spammers also.

Answer 7

To my mind, only client-side-checking of form input does not work because of security. Imagine you want to check a user password(if "yourpwd" == userinput), with js the user will see the password because it is in the browser-sourcecode .With php, it is not visible because php is for some reason hidden.

Answer 8

我建议使用Javascript用于客户端而Php用于服务器端这将使交互或用户友好的站点nad减少重新加载页面多次以防用户提交错误的数据