Quote:
Originally posted by Cuball
I think most browsers are JavaScript capable now ... A simple (fast) javascript check might be better imo, and a lot less serverload.
|
There's one thing that I feel you should always keep in mind when doing code that accepts data from an untrusted source. Never trust what comes from the client, always verify it. Sure, you can do a client side check, but still never trust it, it's easy to bypass or just to create some false responses. Trusting what has come from the client is a recipe for disaster.
You can never be too secure.