I have a form that is sending data to a MySQL database and I want to make sure several of the fields are not left blank. I think I can figure out how to do this with JavaScript, but my question is should I? When I made the database table that I am working with I made the fields that I want to make sure are filled out NOT NULL to ensure I would at least get a MySQL error when they were left empty (I also realize that “empty” and NULL are not the same thing).
My question is, should I check to see if fields are empty/null with JavaScript before the form is submitted, or should I let the user attempt to submit the form and then base my corrective action on what every MySQL error I get back?
And a second question, if I do the first (check with JavaScript) what is the point of creating some fields NULL and some fields NOT NULL in my database if I am going to be catching all the possible “errors” with JavaScript before the submitted form hits the database?
You should validate on the client side before sending the data to the server. This would allow you to highlight errors to the user, potentially before they’ve submitted the data to the server.
But you should also validate on the server side. It’s possible for someone to maliciously send invalid data to your server, bypassing the client-side validation.
Client-side validation is good for ensuring that the user gets some helpful feedback when they haven’t filled in a form correctly. But relying only on that validation is insecure. Make sure the the server doesn’t allow invalid data.
Also, if you ever allow the data to be accessed through some sort of API, you’ll want server-side validation to prevent invalid data getting into the database.