NYCPHP Meetup

[Dan Cech]

LK wrote:
> Hello,
> 
> I've spent some time developing proficiency in JavaScript and AJAX. Every time
> I try to go to the server PHP programming, I end up scratching my head asking
> why would anybody program on the server? 
> 
> Take form validation, for example. A user registers to a service for the first
> time and fills out a registration form. I need to check if the Username is
> already taken by someone else. In the JavaScript/AJAX framework the form and
> the entire page is available thru the DOM, and I just have a simple query.php
> script running on the server to execute queries and send back the result. I
> construct the query and AJAX it over to the query.php. If a record with the
> same username is found, I alert("...") the user to try it again. The original
> form remains on the screen without change. The deal is done.

Anyone viewing the page can easily reverse-engineer your code and post
whatever they like to the server.  You can certainly help the user to
enter correct data using client-side code, but because your code is
running in their browser, they are the ones in control.

The only way you can enforce any kind of validation rules is on the
server side, where you are in control.

Dan

> Not so with the server side programming. The form is submitted to a
> process_form.php. Then, if the username already exists in the database, the
> script has to rebuild the original form with the previous values filled in by
> copying user inputs from the $_POST array back into the HTML for *each* input
> field with <?php echo $_POST[] ?>, not to mention session state and other
> housekeeping. That seems like a lot of work to implement something so simple.
> 
> So what are the advantages of server programming? What what am I missing? 
> 
> Thanks 
> 
> Leo Kokin