1

Here's the situation:

I'm using jquery.validate.js to validate my forms, but I need to add a server-side validation layer. jQuery Validate uses class names within form-elements to determine what it should do -- I want to fetch those class names into PHP so that I can perform the same validations on the server-side.

I'm hoping to do something like this:

foreach($_POST as $key=>$value) {
     $class=array(...// get this #key element class name list with jQuery
     $error=...// based on the class names, perform specific PHP validations
     if($error=="")
         return true;
     else
         return false;
}

Question is, can I do this? Can I fetch element class names w/ jQuery and pass them to PHP?

Improve this question

5 Answers 5

Reset to default
2

You could get jQuery to send the class names along with the form - HOWEVER this leads to serious security issues. Seeing as everything posted to your server is really done by your users browsers, your users will have the ability to then change your validation rules and as such bypass them, and that would make your entire purpose here useless. I would instead suggest the following.

Make a function in php to take in the name of a form element and return appropriate class names. When generating each form element for the form, call this function to get the class names (and then applying the jQuery validation). When you read your form in your PHP code - use the same function to get the class names and then you know which validation rules to apply in your server side php code.

Hope it made sense.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

How can I call a PHP function from jQuery?
@Ronny-André Bendiksen - this a completely different topic and would probably serve better with a new question. Short version would be to have a regular .php page where that function is getting invoked - and then utilize the jQuery.ajax method (see jQuery manual for more indepth explanation of this)
2

Never trust the client(browser)!

You should never allow anything on the client to dictate to the server how to test the validity of posted information.

This is a very bad idea.

Improve this answer

Comments

1

client-side:

function validate()
{
    var params = {
       var1: {key:$('#field1').get(0).className, value:$('#field1').get(0).value},
       var2: {key:$('#field2').get(0).className, value:$('#field2').get(0).value},    
       ...
    }
    $.post('http://host/validate_script.php', params, onValidate);
}
function onValidate(data)
{
    alert(data);
}

hope this will help... sure it's a simple way and you can do it more formalized.

Improve this answer

Comments

0

serializeArray will convert your form data to JSON:

var json = $('#formid').serializeArray();

Typically you can send the entire JSON string to the server which can take it from there.

Improve this answer

Comments

0

As mentioned above, you can use AJAX and JSON to pass the values to PHP. This will, however, not provide more secure validation than your regular JS validation (since your PHP will still depend on your JS)

If you choose to use this method, here are some improvements to the script provided previously by Evgeniy Savichev

<script type="text/javascript">
params = {
    elementName : {
        className : $('elementId').attr('class'),
        elementValue : $('elemenetId').val()
    },
    anotherElement : {
        //etc
    }

}

$.post('http://host/validate_script.php', params, onValidate);

function onValidate(data)
{
    alert(data);
}
</script>

However a better solution is to automatically generate and validate your form elements. The Zend Framework has a great class for doing so. I've included a simplified version of how something could look in case you decide to write your own script.

I hope this can be of some help to you

  • Wim

    $elements = array(
    'email-field' => array('email', 'required'),
    'integer'  => array('integer')
);

if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
    $error = false;
    foreach($elements as $elementName => $validators) {
        if (array_key_exists($elementName, $_POST)) {
            foreach ($elements[$elementName] as $validator ) {
                switch($validator) {
                    case 'email':
                        if (filter_input(FILTER_VALIDATE_EMAIL, $elementValue)) {
                            $error = true;
                        }
                        break;
                    case 'integer':
                        // etc
                        break;
                    default :
                        break;
                }
            }
        } else {
            if ( in_array('required', $validators) ) {
                $error = true;
            }
        }
    }
    if ( $error ) {
        // etc
    }
}
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.