Attempt these steps on your own (with internet research) before consulting my example solution in the next post.
- Change the form to use the post method and adapt the PHP processing script to make this work.
- Create a registration success page and redirect the customer there when their record was added successfully.
- Research input sanitization, particularly SQL injection and cross site scripting attacks and implement preventative measures on the first and last name inputs.
- Add a check to see if the SQL query returned an error before telling the customer their record was actually added.
- Instead of a single variable tracking the validation, use an associative array mapping each field to its error, so you know which fields were invalid.
- You may notice that we made the first name optional but last name required, however the validation check for first name expected the length shorter than 20. Make the validation also pass if the first name is empty.
- Using CSS, add a colour theme to your page.
- Using CSS, lay out the form labels and inputs so that each pair shows its label above its input.
- Move each kind of PHP validation check into a dedicated function so they can be reused. (eg, range, length, pattern, etc).
- Move all the form processing into a function and then call this function. This is so that local variables are used, which are faster than global variables.
- Use automatic redirection when the input is invalid instead of outputting a link the user has to click manually.
- Using the array of validation checks from step 5, send the error messages back to the form page and display the errors next to each input field.
- Standardise the error messages into constants (eg,
NOT_PRESENT
,OUT_OF_RANGE
,INVALID_LENGTH
) and refer to them by name where needed. - When the validation fails, prefill the form with the last used values.
Parent topic: Example 2
Top comments (0)