I am using html attributes like required, pattern, min, max, maxlength etc on my form inputs (no JS validation here) and also codeignitor validation in the back-end for for these same rules.
My question: I want to know if and how, this sort of 'html validation' can be beaten. if beatable, does it have any benefit other than being a good UX practice?
"beatable" in the context I am referring to means "can you get around the
required attribute by being sneaky?"
This sort of validation is most certainly beatable. You see, with the following code on a form:
<input type="text" required placeholder="Enter your name" />
Then anyone can open up the Inspect menu, delete
required, and then submit the form. The way to fix this is to:
Use PHP code to validate your forms, and check the values that way
Either way, this kind of validation is beatable, and even the UX isn't very good as you can't style the error messages.