Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trial
Randy Hoyt
Treehouse Guest TeacherPHP: Integrating Validation Errors is live!
I'm happy to announce that the first stage of my new PHP project is live! In this project, I walk through taking an existing e-commerce store (the Shirts 4 Mike site we built earlier) and enhancing it with new techniques. By the end of the project, we'll have enhanced the site with clean web addresses, basic search functionality, pagination, and more. You'll also understand programming concepts like refactoring and separation of concerns. There's a lot of fun stuff in store, including a trip to Mike's warehouse to look at his new shirt designs.
Here's a link a description for the first stage:
Our contact form currently checks that the information submitted by visitors to our site is valid, but we need to improve how validation errors get displayed. We’ll enhance the flow of our code that handles form submissions, displaying error messages within the context of the form and carefully avoiding a common security vulnerability by escaping our output.
4 Answers
samiff
31,206 PointsBeen looking forward to this and just started it tonight. Looks like a lot of cool things to learn about, keep them coming!
Matthew Mascioni
20,444 PointsThanks a ton Randy! Can't wait to get through this. :)
Tom Maddocks
4,628 PointsThanks Randy, I've recently done this and was doing some extra reading on sanitizing data. I just wanted to know whether the first part of the code was safe, i.e. $name = trim(...). In the name box if I type in <h1>Tom</h1> and echo out to the screen it displays the output as a header. Instead I tried, $name = trim(htmlspecialchars(...)); and it's displayed without formatting.
Is this a better way of doing it or am I missing something?
Randy Hoyt
Treehouse Guest TeacherHey @Tom,
By itself, trim() does not sanitize the data; it just removes any whitespace off the beginning and the end. The htmlspecialchars function sanitizes the data.
In your example, do you want the formatting? I can't tell which example does what you intend and which one does not? Would you mind providing the code?
Thanks, ~randy