The disadvantage, however, is big: client-side support for scripting languages varies wildly, with some browsers supporting scripts very well, others supporting bits and pieces, and others supporting nothing at all. Furthermore, wily users can disable your client-side checking in order to feed you bad data - if you rely solely on client-side checking, you are bound to get hacked eventually.
Next chapter: Server-side validation >>
Previous chapter: Validating input
Home: Table of Contents
Copyright ©2015 Paul Hudson. Follow me: @twostraws.