Please wait while we load your page...
 

Announcements



Webmaster Tutorials

Webmaster Tutorials


Secure Form Validation
Form validation should always be done both on the browser and server side. The browser (using client-side JavaScript) can catch simple failures like mandatory fields that are empty, and when you enter text into a numbers only field. These can, however, be bypassed: for example, if JavaScript disabled in browser. You should make sure you revalidate and perform deeper validation via server-side validation (after form submitted). Failing to do so could lead to malicious code or scripting code being inserted into the database or website. Better to side with caution. Better to over-validate rather than under-validate, and server-side validation should always be employed: especially if the form sends emails, writes to files, or writes to a database.

Last Revised: 2015-08-31 23:49:19

Live Chat Not Available