Difference between revisions of "Form validation"
From Joomla! Documentation
(Fix namespace) |
(Some markup changes.) |
||
Line 1: | Line 1: | ||
<noinclude><languages /></noinclude> | <noinclude><languages /></noinclude> | ||
<translate><!--T:1--> | <translate><!--T:1--> | ||
− | Joomla has client-side and server-side form validation capabilities. | + | Joomla has client-side and server-side form validation capabilities. |
+ | |||
Server side validation is essential since everything before that can be overridden on the user side by hackers. However client-side is the most user-friendly validation, so using both is considered best practice.</translate> | Server side validation is essential since everything before that can be overridden on the user side by hackers. However client-side is the most user-friendly validation, so using both is considered best practice.</translate> | ||
− | <translate>==Client-side | + | <translate>==Client-side Validation== <!--T:2--></translate> |
<translate><!--T:3--> | <translate><!--T:3--> | ||
− | .. is done via | + | ...is done via JavaScript while the user is filling in the form fields. |
− | It uses the HTML ''' | + | |
+ | It uses the HTML classes ''required''' and ''validate-[xxx]'' (with ''[xxx]'' being a Joomla or custom rule; e.g. validate-numeric)</translate> | ||
<translate><!--T:4--> | <translate><!--T:4--> | ||
Line 14: | Line 16: | ||
<translate>==Server-side validation== <!--T:5--></translate> | <translate>==Server-side validation== <!--T:5--></translate> | ||
<translate><!--T:6--> | <translate><!--T:6--> | ||
− | .. is done after having submitted the form and will normally return to the form when not validated with some extra messages. | + | ...is done after having submitted the form and will normally return to the form when not validated with some extra messages. |
− | It uses the HTML ''' | + | |
+ | It uses the HTML ''attributes'' ''required'' ("true" or "required") and ''validate'' (with the value being a Joomla or custom rule, e.g. ''validate="email"'')</translate> | ||
<translate><!--T:7--> | <translate><!--T:7--> |
Latest revision as of 23:35, 9 November 2022
Joomla has client-side and server-side form validation capabilities.
Server side validation is essential since everything before that can be overridden on the user side by hackers. However client-side is the most user-friendly validation, so using both is considered best practice.
Client-side Validation[edit]
...is done via JavaScript while the user is filling in the form fields.
It uses the HTML classes required' and validate-[xxx] (with [xxx] being a Joomla or custom rule; e.g. validate-numeric)
More here: Client-side form validation
Server-side validation[edit]
...is done after having submitted the form and will normally return to the form when not validated with some extra messages.
It uses the HTML attributes required ("true" or "required") and validate (with the value being a Joomla or custom rule, e.g. validate="email")
More here: Server-side form validation