On Sat, 2008-12-06 at 08:38 +1100, Clancy wrote: > On Fri, 05 Dec 2008 20:24:07 +0000, [EMAIL PROTECTED] (Ashley > Sheridan) wrote: > > >On Fri, 2008-12-05 at 15:16 -0500, Bastien Koert wrote: > >> On Fri, Dec 5, 2008 at 3:18 PM, Ashley Sheridan <[EMAIL PROTECTED]>wrote: > >> > >> > On Fri, 2008-12-05 at 12:08 -0800, Yeti wrote: > >> > > Java Script should always be an option, unless you write the > >> > > validation for yourself or people you personally know only. > >> > > > >> > JavaScript is client-side, ergo untrusted. Javascript can be nice as an > >> > addition, but only that. > >> > > >> > > >> > Ash > >> > www.ashleysheridan.co.uk > >> > > >> > > >> > -- > >> > PHP General Mailing List (http://www.php.net/) > >> > To unsubscribe, visit: http://www.php.net/unsub.php > >> > > >> > > >> Never trust the user, always validate on the server > >> > > > >Or, never trust the user, the user is stupid ;) > > Or, worse, malicious!
Never underestimate the power of stupidity! It's trivial enough to test for the obvious malicious attacks, but idiocy opens up a whole new world of problems that the sane mind could never comprehend! Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
