Hey guys,
I know JavaScript is client-side, but does anyone have some good resources for ensuring JavaScript is used and used properly with server-side functionalities? I’m really not sure how to search this as I can’t really describe it, but do you know what I mean? Making sure JavaScript is enabled and that people don’t mess with my JavaScript code on my site or take advantage of it. I use PHP
You can tell PHP if JS was enabled after some interaction, such as submitting a form, but when the page is first generated PHP won’t know. And even for subsequent actions there is no way to ensure the user hasn’t modified your JS.
You should extend functionality using JS, not use it for the main functionality.
So don’t rely on any security measures to be performed using JS at all, no login attempts, nothing. Rather have that hard coded that PHP will check it no matter what. You can always use JS to do checks prior to submission or whatever you like as a “nice feature”, but do not use JS as the only checking point.
Can you describe your reason for needing to know if users have modified your JS? Is it some security concern? Secure token that is sent etc?