Webpages - Checking user input
On 10/23/2019 at 4:30 AM, Hi P said:Where do programmers handle user input errors?
Brief example, let's say we have a simple form that asks the users for their age, said age should be between 1 and 125.
Would such thing be handled in the front-end by limiting the user to input digits between 1 and 125 or do we look for such errors in the back-end? or both?
Thank you
Both.
Users can disable Javascript or overload/overwrite javascript functions to do other behavior or use tools (Postman, CURL, other) to create their own requests outside a browser, skipping your validation.
Never blindly trust user input.
Especially when dealing with numbers, be aware of handling stuff like user enter 0x5a (90 in hexadecimal) which ParseInt in Javascript would parse as 90 but if you insert into a database the string 0x5a it may not work.
Same for stuff like '1e3' which parseInt would return as 1, but inserting the string "1e3" in a database would fail, or would be read as 1x103 = 1000 which is above 125...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now