tags:

views:

111

answers:

4
+1  Q: 

Can I validate with javascript and then process with php?

I am creating a simple form. I would like to use embedded javascript to validate that the form is filled out and then, if it turns out to be valid, process the data with a php script.

I don't know how to do this, because I don't know how to associate more then 1 script with a form.

<form id="aform" name="aform" action="myvalidationscript.js" method="POST" onSubmit="return checkForm()">

will get my form validated and only send the date if it is valid, but how do I get it to understand that there is a PHP file on the server that wants to accept the data and do something with it?

Either this is possible and I don't know how to do it, or I have the model for validation all wrong. I recognize that I could do the validation in the same PHP file as the processing, but I would like 1) the option to organize my code by functionality a little better than putting everything in one script, and 2) the option to validate client-side with some embedded javascript.

Any suggestions?

+10  A: 

Never trust the client-side. You should have all your validation logic on the server-side in php. On the client-side you could add validation logic simply to enhance the user experience.

In addition, the action attribute specifies the URL of the server-side script that should handle the completed and submitted form. It is not there to associate a client-side script with your form.

Daniel Vassallo  2010-06-07 13:03:59
how do I specify where the function checkform() is located?
RoryG  2010-06-07 13:46:20
@RoryG: You are already invoking it in the `onsubmit` event handler. All you need to do is to include the script in your HTML document, using `<script src="myvalidationscript.js"></script>` in the `<head>` block.
Daniel Vassallo  2010-06-07 13:53:13
OK - so what I understand is this: when I invoke a function, the page goes looking through all the scripts linked to that page for the function - I don't need to explicitely tell the page in what script to look for it
RoryG  2010-06-07 13:56:10
@RoryG: Yes that's correct. Most probably your `checkForm()` function is defined in global space (which means that it is not an inner function of another function), and therefore it can be invoked from anywhere.
Daniel Vassallo  2010-06-07 13:59:49
+1  A: 

You can use jquery validation a best theme are listed here. Also you better use php validation as well because javascript execution is in user's computer and even beginner users can simply use firebug firefox extension to pass the jquery validation and trust me you don't want them to do that.

tazphoenix  2010-06-07 13:07:04
Firebug isn't even needed: you can simply turn off JavaScript to bypass validation algorithms on the client.
Marcel Korpel  2010-06-07 13:18:46
For Sure!......
tazphoenix  2010-06-07 13:26:41
+3  A: 

There's nothing wrong with client-side validation, just as long as you use it simply to enhance the experience of the user and don't rely on it. Remember that any script executed by the user agent (browser) is entirely under the control of the user, meaning an attacker can bypass it with minimal effort.

You should look at http://jquery.com/ or another similar JavaScript library, as these make the whole process much, much easier.

Will Vousden  2010-06-07 13:07:49
+1  A: 

To bu sure to be understood I'll begin with "don't trust the client side"

But, Javascript validation is a very good thing for users. for example a little red flag near a field to say that it's mandatory and if you submit the form, you won't have to wait the php to validate, the js will do it before and cancel the submit.

Ok I admit, it's not a big deal, but it's one of these little things that make an app better.

But be sure to re-validate them on the server side !!!

Onigoetz  2010-06-07 13:46:03
OK - I think I get what everyone is saying. I will validate in my PHP code, but for a user's sake, I would like add some client side validation - Do I still do this with the onSubmit action? and if so, how do I specify to the form where the checkform() javascript function is?
RoryG  2010-06-07 13:52:11

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases