If you are working on a web application that requires users to submit a form like data. then you need to take care of both frontend and backend validation.
suppose if you have an input tag like this and no validation in the backend then anyone can remove the required tag from the front end and can spam your database.
<input type = "email" name = "email" required/>
want to know how to manipulate the frontend? follow the steps.
- open a web app and inspect the page.
- double click over any tag you want to change/manipulate.
- change the value of the tag whatever you want.
- in the below example, I changed the value of z-20 to z-220.
- you can manipulate this(in which you are reading the article) page if you are using a laptop/desktop, simply follow the above steps for this page.
similarly, anyone can remove required from the input field and can spam your database. so backend validation is a must.
Should I remove frontend validation and use only backend validation?
No, frontend validation is for user experience. and it is also required. for example- when you click over submit button in forms then in most of the cases backend request is sent and the page is reloaded. if you use frontend validation then the form is not submitted until the values given by users are correct.
so make sure when you are making a web application you need to take care of both the front end and back end.