I am wondering about the right way of validating data on client and server side.
I have spreadsheet, made with JExcel addon, and I have to check if any user has changed headers. Spreadsheet data is generated using pivot function in database, so the column count and order would vary.
I locked all possibilities of headers editing by ordinary users, but if someone knows how to use console, it may be unlocked. The pivot is similar to the picture below:
The JExcel loads data from dynamic JSON generated by PHP script. I can calculate "checksum" for header order, but how to validate it when user will update spreadsheet? I have to validate if user sends spreadsheet based on the same pattern. How to do it in best way?
EDIT:
I created process logic:
- When the data is called by the user, php generates datahash and assigns it to the php session_id.
- Session_id is coded into md5 as well as datahash and all is saved to mysql database.
- The datahash is passed via http headers with ajax response (to deliver hash for the client-side verification)
- After the data is sent back, server reads all hashes generated within current php session.
- If any hash matches - data is valid. This solution is good, because I only need info if this data has been sent to user.
