1
00:00:00,000 --> 00:00:00,350

2
00:00:00,350 --> 00:00:03,160
>> SPEAKER: Let's take a look at a web page
via which a user might register

3
00:00:03,160 --> 00:00:03,960
for something.

4
00:00:03,960 --> 00:00:08,850
Here, in form-0.html, I have a number
of input fields in a form for email,

5
00:00:08,850 --> 00:00:12,300
for passwords, and for agreement to
terms and conditions followed by a

6
00:00:12,300 --> 00:00:13,145
Register button.

7
00:00:13,145 --> 00:00:16,570
>> The HTML for this page, meanwhile,
looks like this.

8
00:00:16,570 --> 00:00:20,970
I have here the first input called
Email, another input called Password,

9
00:00:20,970 --> 00:00:24,670
another input called Confirmation,
which in theory, should match the

10
00:00:24,670 --> 00:00:28,730
password that the user typed the first
time, and then here, in Input, whose

11
00:00:28,730 --> 00:00:32,630
type is checkbox, followed by lastly,
the actual Submit button.

12
00:00:32,630 --> 00:00:35,710
>> Now, notice there's nothing in this
web page that does any form of

13
00:00:35,710 --> 00:00:37,390
validation of my input.

14
00:00:37,390 --> 00:00:41,070
I could type anything or nothing at all
for email, for passwords, and I

15
00:00:41,070 --> 00:00:43,360
could check or not check that
box, it would seem.

16
00:00:43,360 --> 00:00:46,890
>> Now, there might very well be some
server side validation, so to speak--

17
00:00:46,890 --> 00:00:49,380
some error checking of what
I do and don't provide.

18
00:00:49,380 --> 00:00:52,880
But at least client side, there's no
code that we've seen that actually

19
00:00:52,880 --> 00:00:54,540
ensures that I cooperate.

20
00:00:54,540 --> 00:01:00,700
Indeed, if I go back to form-0.html in
my browser and type nothing at all, I

21
00:01:00,700 --> 00:01:05,600
end up, I see, at [? register-0.php ?],
passed in as

22
00:01:05,600 --> 00:01:09,250
each HTTP parameters, our email,
password, and confirmation, but no

23
00:01:09,250 --> 00:01:13,340
values for any of those, even though
the page itself jokingly says that

24
00:01:13,340 --> 00:01:14,590
I've registered.

25
00:01:14,590 --> 00:01:15,307