0

Consider the scenario of refactoring and reorganizing a very large PHP project that contains a lot of pages with forms.

I've already written a quite flexible and compact JS validation function (with regexs, custom expressions and so on), but I'd like to migrate to JQuery's validation for its more structured and clean approach.

Client-side validation is nice as it is immediately responsive and gives a great feel to the UI, but this also leaves me with the problem that client-side validation could easily be tampered with, so I thought to "mirror" the validation rules also on the PHP (server) side to make things even (integrating if possible filters and sanitizing of data to address injections and other malicious behaviours).

Do you feel that this approach is the best one? Any general suggestions for implementing this?

Is there some kind of tool, framework, or PHP class that can take charge of this duplication, avoiding the rewriting of every rule in PHP?

If not, I considered writing my own PHP class, with methods to add rule by rule and a method that echoes a JQuery validation mini-script or function, but I'm not sure if this could be a good approach and how to use it efficiently. Any suggestions for me?

Thanks in advance.

Improve this question

1 Answer 1

Reset to default
2

I used to do similar, client side validation, with the same rules mirrored on the server side.

A couple years ago I decided to ditch the client side validation as I didn't care about extra hits to the server. I now do all validation server side, and then in javascript call it with ajax so you don't have to worry about the page reload and losing inputes on the form. Plus only doing 1/2 as much validation coding is a plus.

I have never used it but it looks like Yii framework has a validation class that does both server and client side http://www.yiiframework.com/doc/api/1.1/CActiveForm#enableClientValidation-detail

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Your approach was one of the possible scenarios I was thinking of (using the same server-side rules, with a class that handles them directly if server-side and via ajax if client-side) but I was concerned with the additional server hits. But maybe you're right, they could be not a problem. I'll try also the link, thank you :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.