Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trial
Ben Brenton
266 PointsWhat language should I use for registration page?
I am creating a registration page on a personal project I am doing. To confirm that certain information is inputted correctly (i.e. the email is put in properly and both passwords entered match each other) will I be okay to use a simple Javascript for this or should I be looking at backend languages for this operation?
P.S. Am currently working through JS lessons at the moment so this is why thought came to mind!
3 Answers
Rutger Farry
10,722 PointsGreat question. If you're building the backend stack yourself (a.k.a. you're not using a BaaS like Parse to handle users), then the most important place to validate input is on the server side, as information can get changed after being sent from the user's browser via a man-in-the-middle attack.
However, user experience should also be important to you, and since trips between your server and your user's computers will take awhile, its a nice touch to instantly provide feedback in the user's browser using Javascript.
TL;DR: Validate on both sides for best UX, but if you only validate once, do it on server side.
P.S. Since you're investing time in learning JavaScript for the client side, consider applying those skills to the server side as well with Node / Express.js.
Kevin Korte
28,149 PointsWhat are you doing with the information? I am assuming you're setting put accounts? Client side JS can't be trusted as a validation, ever. Since it's client side, a malicious user can change your validation rules to whatever they want. Client side validation is only handy as a UX tool, as you can inform users of problems before they submit the form, which does improve experience, but it would still need to be validated on the server.
Server side JS like Node I do not know much about, so I want to be clear I am talking about client side JS. I'm sure Node has secure ways to validate and do stuff with information on the server side.
Ben Brenton
266 PointsSo it sounds like the major issue with JS is security. I am moving onto node next, and then looking into PHP as well so I may have jumped the gun on this, thanks for the advice!