Menu
I'm just wondering how people working in teams manage the relationship between the logic and validation in the backend, say in php, and the exact same logic and validation in the front end, for example in JavaScript?
Ideally, the final say should be given by the backend, but in order to make the application more accesible, it would be good to mimic as much as possible in the front end using JavaScript. I'm obviously trying to minimise duplication of code, and as projects get bigger, I'm finding it harder to manage how the front end stuff gets 'copied' from the backend stuff. The danger is that, as they're not tightly coupled, sometimes the front-end validation can get 'out of sync' with the backend - especially when there's a rogue JavaScript developer who thinks they've got a better way of doing some validation!
Does anyone have any insight?
EDIT
To be more concise, my question is really about how teams of people manage the 'papertrail' when it comes to duplication of logic (or how the front end access the backend as suggested by Fanis below), rather than the actual implementation. For example, do you leave comments in the backend code saying "front end copies/accesses this bit" or is there a more 'professional' way to keep track of what's doing what?
595
Learn about client-side and server-side rendering and create REST API endpoints to connect the front-end to the back-end. Get an introduction to the Model, View, Controller design pattern and create full-stack apps using MVC architecture. You've completed the Connecting Front-End to Back-End course!
There are two main ways to validate inputs on the server-side. The first takes place while the user is still inputting data into the form on the front-end. We can make asynchronous requests to the server with pieces of their data and send feedback directly to the user before they've submitted.
Server-side validation is slower than client-side input validation. However, server-side input validation is more reliable than client-side input validation. Thus, it's safe to say that client-side data validation improves user experience while server-side input validation improves security.
Front-end development focuses on the visual aspects of a website – the part that users see and interact with. Back-end development comprises a site's structure, system, data, and logic. Together, front-end and back-end development combine to create interactive, visually pleasing websites.
Whichever part actually uses the data should be the one with the final say, ie the backend, and it should have the strictest validation rules. For me validation in the front end is there to improve user experience, so that the user gets faster feedback on what's wrong with his input without waiting for a page reload. I would be ok with the front end having a small subset of the most generic validation rules (ie fields empty, malformed email addresses etc) and let the back end do any heavy lifting (eg duplicate entries detection).
However, if you need to bring full validation to the front end, consider this:
This way you only have 1 copy of the validation rules, in your backend.
Note that you would be doing the validation twice, and if it's expensive (ie duplicates detection with heuristics over a large data set) perhaps that's not desireable. You could solve that by storing the form data in the user's session during the first validation if no error was found. Then when the form is actually submitted the backend won't re-validate it.
This should degrade nicely if javascript is not enabled.
87
have you looked at nodejs lately? with a bit of work and the appropriate framework (like, mootools) you can run literally the same validation classes both client and server side.
42
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
