[Sigia-l] UI Design Question - Client Versus Server Side Validation
Jon Hanna
jon at spin.ie
Wed Feb 26 06:10:18 EST 2003
> On most the sites I work with, we >always< do server side,
> because some of the users may have their javascript turned off.
As well as that, and I think this is what Simon was getting at, you can't
trust clients.
Only server-side validation can protect you from people deliberately sending
invalid data (the number of sites out there that will let you mess up their
databases, obtain passwords, run arbitrary code, or send emails on your
behalf is pretty scary).
More information about the Sigia-l
mailing list