Never Trust The Client
In software development, all data validation should be done by the server to help stop abuse, such as SQL injections. If the client did this instead of the server, someone could easily modify the client so that it doesn't stop sanitise the data, thus allowing the attack to work.
In software development, all data validation should be done by the server to help stop abuse, such as SQL injections. If the client did this instead of the server, someone could easily modify the client so that it doesn't stop sanitise the data, thus allowing the attack to work.
by rakiru December 30, 2011