Tutorial 3 - Part II -Flying into Formation - page 3

We started out assuming that we didn't have to check our inputs. But we have reached a point where we have to change our assumptions. Because we live in an imperfect world, most forms do, indeed, include checks to make sure that the input from the form is what it is supposed to be. Sometimes people make mistakes. They may give you an incorrect or invalid email. And sometimes people want to play with your site. They may enter numbers where a name is expected. And sometimes some people want to hack into your site, or disable it in some way. So most forms provide checks to make sure the information given (or inputed) is what is expected. You can't prevent everything, but there are some things you can add to your form to make it harder for things to go wrong.

For one thing, you probably don't want to waste resources saving blank forms. Someone might accidentally press your submit button. Or someone might hit your submit button tons of times - even though the form is blank. If you want to prevent this blank form from being saved or emailed to you, you can start by adding the following code to your form right after your list of variables:

Since you intend to do nothing, when a blank form is submitted, you will want to redisplay the form. So go down to the 'else' statement at the end of your beginning php and delete the 'else' and its opening bracket ('{'). This will be located right before your 'DOCTYPE.' Leave the closing bracket ('}') and add another closing bracket ( } ) on the following line to close the else statement you just added in the above code. Now go to the end of your page of code and delete your ending php code which was only a closing bracket ('}'). This is the php code located after your closing html tag ('/html'). Finally place two slashes ('// ') in front of your mail statement to prevent any emails while testing. You should already have two slashes in front of your 'fwrite' command to prevent writing to a file. To make sure your code will execute, add this code on the next line after your file close command ("fclose"):

Save your "comment.php." But before you load it to your web site, change the name of the "comment.php" you already have on your web site - call it "comment_a.php." In case your new "comment.php" has a mistake in it, you will retain your old copy. Now load the new "comment.php" to the public_html section of your web site. View "comment.php" in your web browser. If it looks O.K., hit the submit button. You should see the following two lines and your form:

Form was submitted.

The form is blank. As is, the form will be ignored.

Now fill in something on your form. Put in your email or a comment. Then resubmit the form. Now you should see these two lines and your form:

Form was submitted.

Program executed O.K.

If this didn't happen, don't get discouraged. When you write code, you may end up reversing the code to get a better result. Here you are completely reversing your code. It may seem minor, but it isn't. Anyway, you have your original form - comment_a.php. So if your code didn't work, try again. Open comment_a.php in notepad or another text editor, and redo the 6 changes you just made to your code:

1. first, right after your list of variables, the list beginning with dollar signs ('$'), add the "if-echo-else" code above.
2. second, delete the else and its opening bracket located at the bottom of your 'submit-if' php code - right before your DOCTYPE.
3. third, add another closing bracket ( } )on your next line.
4. forth, make sure your mail command and file write command (fwrite) have two slashes in front of them to turn them off.
5. fifth, add the "Program executed O.K." echo statement right after your file close command (fclose).
6. sixth, delete everything after your closing html tag ('/html').

Then try again. If it still doesn't work, double check the code. If it still doesn't work, keep on trying till it does. If you give up, then just copy this code and replace the underlined items with your own personal information: Click here to view code. Again, if you have to, you can highlight this code, copy it and change the underlined personal information. And click here to see how your form will work. To test, press the submit button while form is blank. Then press the submit button after adding a comment.

When your code works O.K., or when you're ready to go on, continue with the next step
- preventing "injection" - on page 4

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.

Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.