|
Posted by John Meyer on 01/12/06 21:06
Stut wrote:
> Ok, you're clearly missing my point and while I don't want this to
> degrade into the usual pissing contest I do feel I need to clarify
> what I was saying.
>
> I completely agree that in this case Javascript should be used to
> provide the user with feedback as to how close to the limit they are.
> However, in your post you described the solution as either Javascript
> *or* PHP when the best solution is both. What I was pointing out is
> that while Javascript is a better solution from a usability point of
> view, not doing the validation with PHP is dangerous regardless of
> whether the length is validated using Javascript or not.
>
> I certainly don't believe that PHP is the "total solution for most
> situations", but when it comes to input validation you *need* to do
> validation on the server-side regardless of what validation you do
> with Javascript since you have no control over whether the Javascript
> gets executed.
>
This sounds almost like the old DB vs. Application logic debate I see on
several mailing lists; whether you should store more logic in the DB
Server through triggers or through application logic. My point on this
is that it boils down to how important that data is. If it's somebody's
comments on their blog or on a post, I'd just leave it on the
application _or_ trim it down to the 300 characters and input it in.
bank transactions, I'd have so many triggers going it would be unreal.
[Back to original message]
|