On Wed, 2003-10-01 at 20:26, Manuel Lemos wrote:
> Hello,
>
> On 10/01/2003 08:43 PM, Chris W. Parker wrote:
> > $_SESSION['form_errors'] = validateFormData($formdata);
> >
> >
> > redirect("to_the_previous_page.php");
>
> You may want to study how this classic form validation and generation
> class works. It generates the necessary Javascript to validate on the
> client side and uses the class methods to validate on the server side.
>
>
> It makes it simple to generate, validate and process a form in the same
> script, thus avoiding needless server access roundtrips that only slow
> down the sites for the users.
While there is overhead in making that round trip, I wanted to note a
few reasons that I prefer server side validation.
Some input validation cannot be easily done with Javascript (like
checking for existing usernames in a database) so you end up showing
error messages in two ways. Sometimes the user sees a Javascript alert
and other times a message within the browser.
Validating server side also gives you an opportunity to gather
information about the way your application is being used. Supposed you
have a logging mechanism that writes validation errors to a log. You
might notice that there is a high frequency of failure for one kind of
validation. Maybe the instructions for a file upload are confusing and
users are constantly messing it up.
Also, hardware is very fast for what it costs (I know, don't solve a
problem by throwing money at it). Anyway, just some things to consider.
- Brad
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
