If I check the data entered by the user through jQuery.validationEngine and simply write the result to the database, will I be able to protect myself from malicious code? Well, so that the data is immediately filtered and does not use validation by PHP
- And what will happen if the user disables JS in the browser? Or, more interestingly, replace your JS with your own (with different validation rules)? - Dmitriy Simushev
- Well dealt with this, can you advise php validator? - No0k
|
1 answer
Using data verification only on the client side, the server is not protected against harmful data, since such protection is easy to manage, because it is fully accessible to the user. Validation of forms in javascript is usually used to help the person who enters the data, as prompts: it is necessary to fill in the field, indicate the correct phone number, prevent typing in the e-mail, etc. But before entering the data into the database or is still processing on the server side, the data must be cleaned of the potential threat of at least the built-in functions of php or another language. The article on Habré is well explained and comments are helpful.
Andrew Hobbit Andrew Hobbit
2,869 one 7 sixteen
|