验证在服务器上进行客户端(Javascript)的计算时的DRY(PHP) [英] DRY when validating calculations made client side (Javascript) on the server (PHP)
问题描述
当我验证客户端(javascript)在服务器(PHP)上进行的计算时,我正在寻找DRY。我在服务器上验证是为了防止恶意用户重复javascript,但我在客户端上进行计算以避免AJAX中的延迟和服务器压力回到服务器进行验证。
I'm looking to DRY when I am validating a calculation made by the client (javascript) back on the server (PHP). I'm validating on the server to prevent a malicious user from duping the javascript, but I am calculating on the client to avoid the delay and server strain in AJAXing back to the server for the validation.
我的问题:有没有办法做这个干,或者我是否必须用两种语言编写代码?如果必须写出来,为了干燥目的,AJAX更好地回到服务器,还是应该用两种语言写出相同的验证码?
My question: is there any way to do this DRY, or do I have to write the code out in both languages? If it has to be written out, is it better to AJAX back to the server for DRY purposes, or should I write out the same validation code in both languages?
< a href =https://stackoverflow.com/questions/15874881/php-javascript-validated-calculation>这个问题正是我正在寻找的答案,但它从未得到满意的回答。
This question is exactly what I am looking for an answer to, but it was never satisfactorily answered.
编辑(1/25/15):虽然接受了答案,特别是因为我原来的问题指出服务器是在PHP上运行的,我认为值得指出的是服务器端验证可以使用 Node.js 来完成,它允许运行javascript代码后端服务器。我后来转向这种方法,它确实允许在客户端和服务器上重用代码,这将允许上述一次写入验证。回想起来,@ slebetman在下面的评论确定了最适合我的方法。
EDIT (1/25/15): Although the accepted answer stands, particularly because my original question specified that the server was running on PHP, I think its worth pointing out that server side validation could be done using Node.js, which allows javascript code to run on the backend server. I have subsequently moved to this approach, and it does allow for reuse of code on both the client and the server, which would allow the kind of write once validation described above. In retrospect @slebetman's comment below identified the best approach for me.
推荐答案
客户端验证是所有关于节省用户时间。通过不必将错误数据发送到服务器然后拒绝请求,我们可以节省加载时间。
Client-side validation is all about saving the user time. By not having to send bad data to the server and then having the request rejected, we can save loading time.
服务器端验证与安全性有关。我们需要确保我们在服务器上获得的数据是有效的,不会给我们带来任何问题。
Server-side validation is about security. We need to make sure that the data we get on the server is valid and not going to cause us any problems.
所以在我看来,最好两次编写代码而不是使用AJAX请求来验证数据,除非你必须
So in my opinion, it's best to write the code twice and not to use AJAX requests to validate data unless you have to
这篇关于验证在服务器上进行客户端(Javascript)的计算时的DRY(PHP)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
