Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

HTML

User input to table, then post to MySQL database - best option.

I have a HTML form with an imbedded table set up to collect customer information for name, address (2 lines), city, state, zip, phone and email. The customer views the online form on my contact page and selectively inputs data to each field then submits via the regular submit button process when completed.

I am looking for best practices in filtering or validating and sanitizing the data before posting to the MySQL database, also - how the data would be organized when exported from the table to the MySQL input.

Also - flashing a message when the data was successfully posted to the MySQL server.

To this point I have not found a good discussion or video that would point me in the right direction, looking for assistance if possible.

Thanks in advance.

This is my current code:

// Action pending - will be PHP driven.
 <form name="signup" id="signup" method="post" action="">
      <table>
        <tr>
          <td colspan="2"><label for="name">Name</label></td>
          <td colspan="2"><input name="name" type="text" id="name" tabindex="1" size="30" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="address1">Address Line 1</label></td>
          <td colspan="2"><input name="address1" type="text" id="address1" tabindex="2" size="30" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="address2">Address Line 2</label></td>
          <td colspan="2"><input name="address2" type="text" id="address2" tabindex="3" size="30" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="city">City</label></td>
          <td colspan="2"><input name="city" type="text" id="city" tabindex="4" size="30" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="state">State</label></td>
          <td colspan="2"><select name="state" id="state" tabindex="5">
              <option value="" selected="selected">Select a State</option>
              <option value="AL">Alabama</option>
              <option value="AK">Alaska</option>
              <option value="AZ">Arizona</option>
              <option value="AR">Arkansas</option>
              <option value="CA">California</option>
              <option value="CO">Colorado</option>
              <option value="CT">Connecticut</option>
              <option value="DE">Delaware</option>
              <option value="DC">District Of Columbia</option>
              <option value="FL">Florida</option>
              <option value="GA">Georgia</option>
              <option value="HI">Hawaii</option>
              <option value="ID">Idaho</option>
              <option value="IL">Illinois</option>
              <option value="IN">Indiana</option>
              <option value="IA">Iowa</option>
              <option value="KS">Kansas</option>
              <option value="KY">Kentucky</option>
              <option value="LA">Louisiana</option>
              <option value="ME">Maine</option>
              <option value="MD">Maryland</option>
              <option value="MA">Massachusetts</option>
              <option value="MI">Michigan</option>
              <option value="MN">Minnesota</option>
              <option value="MS">Mississippi</option>
              <option value="MO">Missouri</option>
              <option value="MT">Montana</option>
              <option value="NE">Nebraska</option>
              <option value="NV">Nevada</option>
              <option value="NH">New Hampshire</option>
              <option value="NJ">New Jersey</option>
              <option value="NM">New Mexico</option>
              <option value="NY">New York</option>
              <option value="NC">North Carolina</option>
              <option value="ND">North Dakota</option>
              <option value="OH">Ohio</option>
              <option value="OK">Oklahoma</option>
              <option value="OR">Oregon</option>
              <option value="PA">Pennsylvania</option>
              <option value="RI">Rhode Island</option>
              <option value="SC">South Carolina</option>
              <option value="SD">South Dakota</option>
              <option value="TN">Tennessee</option>
              <option value="TX">Texas</option>
              <option value="UT">Utah</option>
              <option value="VT">Vermont</option>
              <option value="VA">Virginia</option>
              <option value="WA">Washington</option>
              <option value="WV">West Virginia</option>
              <option value="WI">Wisconsin</option>
              <option value="WY">Wyoming</option>
            </select></td>
            </tr>
            <tr>
          <td colspan="2"><label for="zip">Zip</label></td>
          <td colspan="2"><input name="zip" type="text" id="zip" tabindex="6" size="10" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="email">Email Address</label></td>
          <td colspan="2"><input name="email" type="text" id="email" tabindex="7" size="30" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="phone">Phone Number</label></td>
          <td colspan="2"><input name="phone" type="text" id="phone" tabindex="8" size="15" /></td>
        </tr>
        <tr>
          <td colspan="2"><label for="comments">Comments</label></td>
          <td colspan="2"><textarea name="comments" cols="30" rows="5" id="comments" tabindex="9"></textarea></td>
        </tr>
        <tr>
          <td colspan="2"></td>
          <td><input type="submit" id="submitbutton" name="Submit" value="Submit" tabindex="8" /></td>
        </tr>
      </table>
    </form>

You can use HTML attributes such as type="email" in text boxes to validate whether an email is correctly formatted. However their are some issues with this as the type attribute is not supported on a few browsers.

I think since you're using PHP your best option is to use regular expressions? Perhaps if you want to hardcode it yourself use IF statements? Ofcourse you want to validate input before inserting rows into the DB so for example, you have a drop down list called 'state' its default selected value is "" and its field to display is "Select your state" perhaps change the value to 1, then you can do something like this:

if($_POST["state"] == 1) { // Display message here }