This adds absolutely no value, especially in terms of security. Your second check can be circumvented as easily as the disabled button. Client-side validation can never provide security, you must always check the data on the server, too.
Surely it adds value. Are you suggesting to do no client-side validation? I agree that validation needs to be done on the server, but that doesn't seem to be the focus of this article
Can you elaborate on how you would bypass the additional in-function check?
Of course, you're right - however, the point of the article was definitely not to say that any client-side security is enough on its own, it's just to make it a little bit more robust
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This adds absolutely no value, especially in terms of security. Your second check can be circumvented as easily as the disabled button. Client-side validation can never provide security, you must always check the data on the server, too.
Surely it adds value. Are you suggesting to do no client-side validation? I agree that validation needs to be done on the server, but that doesn't seem to be the focus of this article
The client-side validation is achieved by disabling the button (and maybe by showing a message) based on a validation rule.
Can you elaborate on how you would bypass the additional in-function check?
Of course, you're right - however, the point of the article was definitely not to say that any client-side security is enough on its own, it's just to make it a little bit more robust