etidd — 2011-10-24T15:07:23-04:00 — #1
etidd — 2011-10-24T15:15:43-04:00 — #2
I should probably have something that catches if bogus data was entered or if the email entered is valid.
felgall — 2011-10-24T15:59:45-04:00 — #3
All form field validation MUST be done on the server after the form is submitted. If you don't validate on the server then people can submit garbage in the form and you'd never know.
etidd — 2011-10-24T16:06:49-04:00 — #4
Thank you for your post, Stephen.
Anywho, if form field validation MUST be done on the server, how do I invoke that process? Do I need to write any code and post it to my web server somehow?
Then, when I have data on my web server, how can I extract that data? Do I need a .csv file?
bumpngrind — 2011-10-25T00:22:00-04:00 — #5
Your question to Stephen depends on the language you're using. Try searching Google for +form +field +validation +[language you are coding in, for example PHP]. Hope that helps you to learn, there's no way you will effectively learn an answer to your question with a simple response on this forum. Please beware there are likely many more security concerns that you will need to address in your code as well, especially if you store submissions in a database (e.g. SQL injection attack prevention, etc.).