1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Is it good idea not to validate email

Discussion in 'HTML & Website Design' started by ketting00, Jan 17, 2023.

0
  1. #1
    I mean when we have something like this:
    
<input type="email" name="email" id="email" required>
    Code (markup):
    Can we skip the validation process?
    Isn't it duplication?

    Thank you,
     
    Solved! View solution.
    ketting00, Jan 17, 2023 IP
  2. sepoint

    sepoint Greenhorn

    Messages:
    71
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    23
    #2
    You can skip the check.
    But personally, I prefer to check also in PHP.
     
    sepoint, Jan 22, 2023 IP
  3. #3
    There is a very basic rule of security so far as HTML goes. NOTHING you do client-side can be trusted. Old UA's might not recognize any of that. Some script kiddy might bypass it with the document inspector. Bots might just read all the names and types of your form and bullshit it completely bypassing browser protections.

    It does not matter one blasted bit what you've done client-side, you check that information server-side before you do ANYTHING with it!

    It's why I never actually bothered using JavaScript client-side for this stuff, and treat the new 5 validations the way scripting validation should be. A convenience for the end user and to reduce having to spit the page back at the user on error. In no way, shape, or form is it ACTUAL validation.
     
    deathshadow, Feb 5, 2023 IP
    aurorazero likes this.
  4. laci272

    laci272 Well-Known Member

    Messages:
    163
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    118
    #4
    You do javascript validation for the user experience, not for security. It's faster to check in JS and trow an alert or display an error, than to have it done on the back-end, repopulate all the fields and display the error....
     
    laci272, Feb 15, 2023 IP
  5. c1lonewolf

    c1lonewolf Member

    Messages:
    57
    Likes Received:
    21
    Best Answers:
    1
    Trophy Points:
    33
    #5
    So laci, what do you think will happen if the user simply turns off javascript and submits the form? Presto you're hacked! Which is why you use a server-side language like php to validate the info even if it's a simple contact form being sent to your email address. Note, you don't have to know php, there are hundreds of plug-n-play validation scripts out there to help.
     
    c1lonewolf, Mar 2, 2023 IP
  6. laci272

    laci272 Well-Known Member

    Messages:
    163
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    118
    #6
    No one said you don't validate server side.. It's not an or proposition, it's and.. do both. I meant the error messages are more easily handled on the front end.
    If you disable JS, I assume you're a hacker or a maniac, so all you get if the form is wrong is: "submitted form is invalid" and you have to manually go back and resubmit.
    for 99.99% of user cases, JS validation works perfectly. For the one person a year who has JS disabled.. extreme privacy comes with a cost:)
     
    laci272, Mar 3, 2023 IP