[snip] why would you validate data on the server if you have a JavaScript that checked the user's input before it gets submitted to the server ? I mean the whole point of you having that JavaScript is to make sure the the correct data gets entered so why bother checking it once again on the server-side with PHP ? Wouldn't that be redundant and a waste of resources ? [/snip]
Javascript can be turned off. Never trust the data you get from forms or query strings, they can easily be tampered with. Client side validation is just a convenience, save the users a round trip to the server and back to display input errors. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
