Client-side validation

You can write scripting code (most commonly JavaScript) that will verify form fields contain good data before being submitted to the server, and this is often used. The advantages to using client-side validation are two-fold users receive feedback quicker (no need to go off to the server, process the information, then download another HTML page), and also it saves load on the server - more work is done on the client side.

The disadvantage, however, is big: client-side support for scripting languages varies wildly, with some browsers supporting scripts very well, others supporting bits and pieces, and others supporting nothing at all. Furthermore, wily users can disable your client-side checking in order to feed you bad data - if you rely solely on client-side checking, you are bound to get hacked eventually.

Most client-side validation is accomplished using the special "onSubmit" event of a form, which allows you to run JavaScript code to handle form validation when your visitor attempts to submit the form. If you return false from your code in onSubmit, web browsers will not proceed with submitting the form, which allows you to prompt visitors to correct any errors before submission.


Want to learn PHP 7?

Hacking with PHP has been fully updated for PHP 7, and is now available as a downloadable PDF. Get over 1200 pages of hands-on PHP learning today!

If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!

Next chapter: Server-side validation >>

Previous chapter: Validating input

Jump to:


Home: Table of Contents

Copyright ©2015 Paul Hudson. Follow me: @twostraws.