burnedfaceless

asked on

Server side validation

My HTML is dirty; I need to clean it. But I think I have it to where it will hide the form if JavaScript is disabled. I have a book on Ajax and JSON which I will use to validate it.

So I guess my first question is what things could go wrong? I learned on here that server side validation is necessary always. Mainly so I understand this PHP validation kind of makes sense.

My second question is how should I handle an invalid form submission? The jQuery has a valid function and I'm sure there's a way I could set that to false. How would I test that though it's a catch-22...

Should I just have a DIV and use Ajax to say the highlighted fields are required and highlight them with CSS?

This is just a very different way of thinking because it's so reliant on JavaScript. I want to do it right and maybe learn something.

Thanks
cosmetic.js
contact.php
Rob

> So I guess my first question is what things could go wrong? I learned on here that server side validation is necessary always. Mainly so I understand this PHP validation kind of makes sense.

The two main things you have to be careful of are XSS (Cross Site Scripting) and SQL Injection. I touch on this in my article on capturing data in a feedback form.

The reason you need server side validation is it's easy to bypass your validation and submit malicious or nonsense data (as simple as using the development tools in any browser) as it runs on the client so the client has access. On the server, only you have access so in that respect it's secure. You do need to make sure whatever data is submitted is parsed and JavaScript, HTML tags, SQL-like commands etc. removed. See the article above for more info.

The reasons you have client side validation are to guide the user on what data to enter e.g. a phone number in the right format, an email address in the right format etc.

> My second question is how should I handle an invalid form submission? The jQuery has a valid function and I'm sure there's a way I could set that to false. How would I test that though it's a catch-22...

Your JavaScript can stop the form from submitting if the data the user is submitting doesn't validate, so that part's easy.

It would also help for you to read my article on JavaScript frameworks like jQuery, as jQuery is JavaScript, nothing more.

> Should I just have a DIV and use Ajax to say the highlighted fields are required and highlight them with CSS?

Yes, it is that easy but you don't even need to do that much as the plugin will insert it for you. I'll knock up a demo to show you.
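
The point in the answer above that browser-side checks can be bypassed, shown as an added example that is not part of the original thread or of the article it references: a PHP handler that re-validates every field on the server, rejects anything that does not match the expected format, and returns per-field errors as JSON for the Ajax code to highlight. The field names (name, email, message), the length limits and the helper names validate_contact and e are assumptions, since contact.php is not shown on this page.

```php
<?php
declare(strict_types=1);

// Added example. Field names and limits are assumptions, not taken from contact.php.
function validate_contact(array $input): array
{
    $errors = $clean = [];
    foreach (['name', 'email', 'message'] as $field) {
        $value = $input[$field] ?? '';
        // Arrays (name[]=x) and invalid UTF-8 are never legitimate form input here.
        if (!is_string($value) || preg_match('//u', $value) !== 1) {
            $errors[$field] = 'Invalid value.';
            $value = '';
        }
        $clean[$field] = trim($value);
    }
    // Allow-list the expected shape rather than trying to strip "bad" characters.
    if (!isset($errors['name']) && !preg_match('/\A[\p{L}\p{M} .\'-]{1,80}\z/u', $clean['name'])) {
        $errors['name'] = 'Please enter your name.';
    }
    // FILTER_VALIDATE_EMAIL rejects CR/LF, so the value cannot smuggle extra mail headers.
    if (!isset($errors['email']) && (strlen($clean['email']) > 254
        || filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false)) {
        $errors['email'] = 'Please enter a valid email address.';
    }
    if (!isset($errors['message']) && !preg_match('/\A.{1,2000}\z/su', $clean['message'])) {
        $errors['message'] = 'Please enter a message (up to 2000 characters).';
    }
    return ['ok' => $errors === [], 'errors' => $errors, 'clean' => $clean];
}

// Escape for the HTML context at output time; the stored value stays unmodified.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Ajax endpoint: the client highlights each field named in "errors".
    $result = validate_contact($_POST);
    http_response_code($result['ok'] ? 200 : 422);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode(['ok' => $result['ok'], 'errors' => $result['errors']]);
} elseif (PHP_SAPI === 'cli') {
    // Constructed sample: a request sent with the browser-side checks bypassed.
    $forged = ['name' => '<script>alert(1)</script>', 'email' => "a@b.com\r\nBcc: x@example.org", 'message' => ''];
    print_r(validate_contact($forged)['errors']);
    echo e($forged['name']), PHP_EOL;
}
```

Run from the command line, the constructed request fails all three fields. To exercise the invalid-submission path the question calls a catch-22, post to the endpoint directly (for example with curl) so the jQuery checks never run.
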
ASKER CERTIFIED SOLUTION
Rob
This solution is only available to members.
burnedfaceless

ASKER

Both of your posts were extremely articulate and well written. Your code showed me this plugin is like anything else really. I'm not the best at jQuery, but there's a lot I can learn from your code. Thank you for writing that.
I noticed that in your script you have to manually enter the username and password you use to connect to the server.

I will read over this more, but is that contingent on manually entering passwords? I don't have anyone's passwords and I'm not going to ask them to share their passwords.
Ignore the passwords.  That's just if you want to send an email and the server requires authentication.
That makes sense. Thank you.
I was going to knock up a demo for you but you're all ok now?
Demo wouldn't hurt. If it's not a lot of work. I've been doing other stuff but today I'm going to work on the Ajax verification.
I actually have a really dumb question. Where do I put class.phpmailer.php?
You include it at the top of your PHP file that needs to use it. If there are any other dependencies then you also need to make sure they're available, e.g. if you use any of the perl extensions etc.
I understand that. What confuses me is where in my server do I upload the file?



Thanks for your help. I'm trying to knock this out soon.
It should go in your include directory. If you need to know where it is, just create a simple page with

<?php
phpinfo();
?>

That will tell you the configuration.
It seems to be disabled, and changing the settings is beyond my abilities. It does work when I have it in the same directory.

Thanks again for your help.
Not so much changing settings but putting the file in the includes folder.
Did that code not work?