PHP

Randy Hoyt
STAFF
Treehouse Guest Teacher

PHP: Integrating Validation Errors is live!

I'm happy to announce that the first stage of my new PHP project is live! In this project, I walk through taking an existing e-commerce store (the Shirts 4 Mike site we built earlier) and enhancing it with new techniques. By the end of the project, we'll have enhanced the site with clean web addresses, basic search functionality, pagination, and more. You'll also understand programming concepts like refactoring and separation of concerns. There's a lot of fun stuff in store, including a trip to Mike's warehouse to look at his new shirt designs.

Here's a link and a description for the first stage:

Our contact form currently checks that the information submitted by visitors to our site is valid, but we need to improve how validation errors get displayed. We’ll enhance the flow of our code that handles form submissions, displaying error messages within the context of the form and carefully avoiding a common security vulnerability by escaping our output.

4 Answers

samiff
31,206 Points

Been looking forward to this and just started it tonight. Looks like a lot of cool things to learn about, keep them coming!

Matthew Mascioni
20,444 Points

Thanks a ton Randy! Can't wait to get through this. :)

Thanks Randy, I've recently done this and was doing some extra reading on sanitizing data. I just wanted to know whether the first part of the code was safe, i.e. $name = trim(...). In the name box if I type in <h1>Tom</h1> and echo out to the screen it displays the output as a header. Instead I tried, $name = trim(htmlspecialchars(...)); and it's displayed without formatting.

Is this a better way of doing it or am I missing something?

Randy Hoyt
STAFF
Treehouse Guest Teacher

Hey @Tom,

By itself, trim() does not sanitize the data; it just removes any whitespace off the beginning and the end. The htmlspecialchars function sanitizes the data.

In your example, do you want the formatting? I can't tell which example does what you intend and which one does not. Would you mind providing the code?

Thanks, ~randy
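
The difference between trim() and htmlspecialchars() discussed in this thread, as an added example that is not code from the course or from any poster: a contact-form handler that trims and validates the input, keeps the raw value, and escapes it only when printing it back into the form. The helper names (e, validate_contact, render_field) and the sample submission are assumptions made for illustration.

```php
<?php
// Added example: hypothetical contact-form handler, not the course's code.

// Escape a value for HTML text or a quoted attribute, at output time.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Trim and validate the submitted fields; returns [values, errors].
function validate_contact(array $post): array
{
    $values = [];
    foreach (['name', 'email', 'message'] as $field) {
        $raw = $post[$field] ?? '';
        // trim() only strips surrounding whitespace; markup is left intact.
        $values[$field] = is_string($raw) ? trim($raw) : '';
    }
    $errors = [];
    if ($values['name'] === '') {
        $errors['name'] = 'Please enter your name.';
    }
    if (filter_var($values['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Please enter a valid email address.';
    }
    if ($values['message'] === '') {
        $errors['message'] = 'Please enter a message.';
    }
    return [$values, $errors];
}

// Render one field: the raw value is kept, the escaped value is printed.
function render_field(string $field, array $values, array $errors): string
{
    $html = '<label for="' . e($field) . '">' . e(ucfirst($field)) . '</label>'
          . '<input type="text" id="' . e($field) . '" name="' . e($field) . '"'
          . ' value="' . e($values[$field]) . '">';
    if (isset($errors[$field])) {
        $html .= '<p class="error">' . e($errors[$field]) . '</p>';
    }
    return $html . "\n";
}

// Constructed sample submission: markup in the name, and a bad email.
$post = ['name' => '  <h1>Tom</h1> ', 'email' => 'tom@', 'message' => 'Hi'];
[$values, $errors] = validate_contact($post);
foreach (['name', 'email', 'message'] as $field) {
    echo render_field($field, $values, $errors);
}
```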