因为以前是用js做验证,但是别人禁掉js那么不为空的验证就没效了,所以后台也要加不为空的验证
但现在大部分都使用了html5 required了
那么后台还需要做不为空的验证吗?
阿神2017-04-17 11:52:36
Users can simulate browser operations and submit illegal data, which can be easily achieved with curl~
PHP中文网2017-04-17 11:52:36
Must be verified before and after. For a user who understands the front-end, he can maliciously attack your website.
迷茫2017-04-17 11:52:36
The backend still needs to be verified, and the front-end data is never trustworthy
大家讲道理2017-04-17 11:52:36
It’s definitely necessary, so I’ll add one more point.
Some mobile versions of WeChat’s built-in browser cannot be used required
伊谢尔伦2017-04-17 11:52:36
Of course you have to add
your review element and then remove required and try
PHP中文网2017-04-17 11:52:36
Front-end verification is just for experience, the back-end is the real verification
黄舟2017-04-17 11:52:36
Front-end verification is mainly for good user experience and fast response, but it is unreliable and can be bypassed; but background verification is the real verification of data legitimacy, so any front-end verification cannot Replaces background verification.
