Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP Enhancing a Simple PHP Application Adding Search: Controller & View Escaping Output Review

10,612 Points

Challenge Task

A visitor to our site has just performed a search for chocolate, which has returned no results. Change this code to display the search term in the search box again, making sure to protect the page against malicious code that might have been entered.

Below is the code inside the form

<form method="get" action="./"> <input type="text" name="s" value = "<?php echo htmlspecialchars($search_item); ?>"> <input type="submit" value="Go"> </form>

the bug tells me to use the value attribute to display inside the input box, but I am using the value attribute.

is it my mistake or the code challenge is not working properly?


2 Answers

Alex Heil
Alex Heil
53,547 Points

hello, unfortunately your code was stripped so I can't tell you what error you had in it. but I just re-did the challenge and it was working fine for me, so the code you want to check is this line:

<input type="text" name="s" value="<?php echo htmlspecialchars($search_term); ?>">

first thing to note is the new value attribute, this was added so that you can show the entered search text on the screen the second part is the htmlspecialchars which is handling the protection against malicious code.

hope that helps and have a nice day ;)

Thank you, Alex. It was very good explanation.