|
Javascript "validation" isn't real validation at all, it's just a convenience layer to improve the user experience, i.e. tell users what's wrong without a trip to the server.
That said, here are the answers to your questions:
1.) The major disadvantage is that you can't enforce validation. Users can disable Javascript and submit whatever they want. If you don't have real server side validation in place, client side validation is useless.
2.) It's not true. If a form submission results in an email being sent, this is done by the server. The client doesn't know anything about what happens on the server after the form has been submitted.
3.) There is no such thing as form submission "only with HTML and CSS". For the submission to actually have any effect, there has to be server side code in place to handle the submission, and that's exactly the place where you have to deal with security considerations.
__________________
.My new Javascript tutorial site: http://reallifejs.com/
.Latest article: Calculators — Tiny jQuery calculator, Full-fledged OOP calculator, Big number calculator
.Latest quick-bit: Including jQuery — Environment-aware minification and CDNs with local fallback
|