1

looking to find out the best way to handle my form inputs. Firstly, the form is completely validated using Javascript. I presume validation is then done in PHP for users who disable Javascript. At the moment I am getting inputs like so

<?php

$title = $_POST['inputTitle'];
$name = $_POST["inputName"];
$surname = $_POST["inputSurname"];
$email = $_POST["inputEmail"];
$link = $_POST["inputLinks"];

if (isset($title) && isset($name) && isset($surname) && isset($email) && isset($link)) {
    //do something
}

Is it enough to simply do that? Or should I be doing proper validation on the email even though it was done in Javascript?

Also, would it be best to add these inputs to an array? I cant do it via html because I needed to give each input their own unique name.

Thanks

Improve this question
1
  • 2
    Client side validation is only for the convenience of the user. Every input must be fully validated on the server side. Commented Jul 23, 2015 at 10:26

2 Answers 2

Reset to default
2

You should still validate the variables, don't rely on the JavaScript. Your PHP code could receive inputs from elsewhere, the user could have JavaScript disabled, or deliberately manipulate the form in their browser to bypass any validation.

Moving the data to an array instead of individual variables depends on what you are intending to do with it.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You should treat Javascript validation as a "bonus" where PHP validation is a must.

Is better that to use empty() instead of isset() on input validation, since will return TRUE even user does not key in any value.

    if( !( 
        empty($_POST['inputTitle']) || 
        empty($_POST['inputName']) || 
        empty($_POST['inputSurname']) || 
        empty($_POST['inputEmail']) || 
        empty($_POST['inputLinks']) 
    ) ) {
        // continue validate inputEmail by using regular expression
    }
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.