I am developing an ERP system using PHP as a server side..So I need to be very careful for the security of my website/system. I’ll be also using JavaScript for client side validation. So I want to be sure that client has JavaScript turned on, of course I’ll be validating the data server side too but I don’t want unnecessary server calls, mainly I am concerned about forms..and the data the clients fill in and submit..so what should I use to submit my data?
Default HTML submit and validate here with JavaScript (Note : Useless if JavaScript is turned off by the client)
<input type="submit" name="Add Data" />
Or submit using an anchor tag <a> with help of a JavaScript (I found this meaningful as if JavaScript is turned off he wont be able to submit the data)
<a href="#" onclick="document.getElementById("form_id").submit();">Submit</a>
So are there any bad points if I use <a> tag for submitting data or should I stick with the default submit button? And if I use <a> for submitting the form data, than I’ll be able to validate the data using JavaScript?
You can’t. Even if you design the system to break without JavaScript, someone could reverse engineer it and submit bad data manually.
That’s the solution
If you are getting enough accidental submissions with errors in them from people with JavaScript turned off to give significant performance or load worries, I’ll eat my hat.
Yes. Bind the JavaScript to the
submitevent on the form.Don’t do that.
Yes!