当前位置: 动力学知识库 > 问答 > 编程问答 >

php - What systems are there to manage backend and front end logic/validation?

问题描述:

I'm just wondering how people working in teams manage the relationship between the logic and validation in the backend, say in php, and the exact same logic and validation in the front end, for example in JavaScript?

Ideally, the final say should be given by the backend, but in order to make the application more accesible, it would be good to mimic as much as possible in the front end using JavaScript. I'm obviously trying to minimise duplication of code, and as projects get bigger, I'm finding it harder to manage how the front end stuff gets 'copied' from the backend stuff. The danger is that, as they're not tightly coupled, sometimes the front-end validation can get 'out of sync' with the backend - especially when there's a rogue JavaScript developer who thinks they've got a better way of doing some validation!

Does anyone have any insight?

EDIT

To be more concise, my question is really about how teams of people manage the 'papertrail' when it comes to duplication of logic (or how the front end access the backend as suggested by Fanis below), rather than the actual implementation. For example, do you leave comments in the backend code saying "front end copies/accesses this bit" or is there a more 'professional' way to keep track of what's doing what?

网友答案:

Whichever part actually uses the data should be the one with the final say, ie the backend, and it should have the strictest validation rules. For me validation in the front end is there to improve user experience, so that the user gets faster feedback on what's wrong with his input without waiting for a page reload. I would be ok with the front end having a small subset of the most generic validation rules (ie fields empty, malformed email addresses etc) and let the back end do any heavy lifting (eg duplicate entries detection).

However, if you need to bring full validation to the front end, consider this:

  • make the backend's validation decoupled from any form submission logic
  • setup a separate endpoint (API) that will receive data, perform validation, and echo out any errors or "ok"
  • have the front end pass via ajax the form data into that endpoint and return any errors to display
  • if all ok then let the form submission go ahead

This way you only have 1 copy of the validation rules, in your backend.

Note that you would be doing the validation twice, and if it's expensive (ie duplicates detection with heuristics over a large data set) perhaps that's not desireable. You could solve that by storing the form data in the user's session during the first validation if no error was found. Then when the form is actually submitted the backend won't re-validate it.

This should degrade nicely if javascript is not enabled.

网友答案:

have you looked at nodejs lately? with a bit of work and the appropriate framework (like, mootools) you can run literally the same validation classes both client and server side.

分享给朋友:
您可能感兴趣的文章:
随机阅读: