Should I validate data in javascript and php? [duplicate]

Navigation
0

I have a file that sends some data to another page with ajax . These data are mostly numbers, and are not stored anywhere. I just get some data in inputs and send it to the file php with ajax , and then return these calculated values to the page.

1st) Do I have to validate these values? I want to be able to do this, but I do not know how to do this.

2nd) We imagine that a person accesses that first page, or the second one directly with Curl , or something like that. It sends the JS method, and returns the values of the calculations. Suppose she does not have these calculations, and she has to go to my page to get them ... I do not want this to happen, for this, what can I do to not accept that the person sent a direct request to either page. Or is there not such a possibility?

    
asked by anonymous 09.07.2016 / 14:15

2 answers

2

1) Always validate the data!

2) Study more about protection CSRF . If you want to prevent robots from accessing your page directly, then I suggest you put a CAPTCHA .

    
09.07.2016 / 16:04
1

Always validate a user's server-side input, if any, with PHP.

Do not rely only on the client-side part, with JavaScript. This part is merely visual and aids navigation and usability. It is also important, but you still need to validate on the server because nothing prevents data from being sent by other means than a conventional web browser.

    
09.07.2016 / 14:46
How to make a login screen and password aps.net C # Rename an image