4_FormValidation


TASK # 47 – Validating Forms (Workshop)

1) Make an HTML form as given below → Set the textbox.Name = “name” → Save it as “form.html”

2) Type the code for the PHP script given on the next slide → Call the script from the HTML form → DISCUSS
TASK # 48 – Validating Forms (Workshop)

1) Add another field named “email” to the Task-47 HTML form
2) Validate the form by checking email → Show the proper error message.

Hint: To check that both name and email were properly filled in, use the expression:
if ($name && $email) {………………..
TASK # 49 – Validating Forms (Workshop)

1) Add another field named “gender” in the form as given below
2) Validate the form by checking gender → Show the proper error messages.

Hints :
TASK # 50 – $_SERVER['PHP_SELF'] (Workshop)
1) Type the code → Execute → Discuss
2) What does “$_SERVER['PHP_SELF']” return?
3) Do you notice anything in the URL when the script is run?
TASK # 51 – $_SERVER['PHP_SELF'] (Workshop)
1) Add the following statements on top of the previous script
2) Execute → Discuss
TASK # 52 – A Number Guessing Game (Workshop)
1) Type the first part of the code → Do not execute → Discuss
TASK # 52 – A Number Guessing Game (Workshop)
1) Type the statements on top of the previous script.
2) Execute → Discuss
TASK # 53 – Hidden Fields (Workshop)
1) Add some statements in the previous script at the following places
2) Execute → DISCUSS
TASK # 54 – Redirecting User (Workshop)
1) Add the following in the previous script at the following places
2) Make sure the file a user is being directed to exists.
3) Execute → DISCUSS
http://www.example.com/test_form.php/%22%3E%3Cscript%3Ealert('hacked')%3C/script%3E

The above URL will end up showing a JavaScript alert.

TASK # 55 – Form Security (Preventing JavaScript attacks) (Workshop)

Now, accessing “test_form.php” will not end up in the execution of the <script> code, though the URL will still show the conversion.
EXAMPLE CODE : Form Security
Objective :
Creating a form with PHP script that will sanitize all the submitted data
1. Create the first part of the HTML script given below.
EXAMPLE CODE : Form Security
1. Add the script on top of the previous page
TASK # 56 – Final FORM (Workshop)
Objective :
Creating a form with PHP script that will sanitize all the submitted data
How to validate “Name” field
(using “preg_match()”)
TASK # 57 – using “preg_match()” to validate “Name” (Workshop)
1. Type the code → Execute → Discuss
2. Try entering a name with illegal characters → check result
How to validate “Email” field
(using “filter_var()”)
TASK # 58 – using “filter_var” to validate email (Workshop)
1. Type the code → Execute → Discuss
2. Try entering a wrong email → check result
How to validate “URL”
TASK # 59 – using “preg_match()” to validate url (Workshop)
1. Type the code → Execute → Discuss
2. Try entering a wrong URL → check result

Copy from here


if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website))
TASK # 60 – (Combined) Name, Email, URL Sanitization (Workshop)
1. The following script for Name, Email and URL can be replaced with the relevant code in the previous “final form”.
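
An added example (not the workshop's own script) that ties Task 55 to Tasks 57–60: it prints the form action built from `$_SERVER['PHP_SELF']` with and without `htmlspecialchars()`, then runs `preg_match()` and `filter_var()` checks over constructed submissions. The helper names `h()` and `validate()`, the name pattern and the sample inputs are assumptions; the URL pattern is the one from Task 59.

```php
<?php
// Added example: all sample values below are constructed.

// Encode a value for safe use in HTML text or a quoted attribute.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// URL pattern from Task 59, unchanged (note: it has no ^...$ anchors).
const URL_RE = "/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i";

// Return an array of error messages keyed by field name (empty = valid).
function validate(array $in): array {
    $err = [];
    $name    = trim((string)($in['name'] ?? ''));
    $email   = trim((string)($in['email'] ?? ''));
    $website = trim((string)($in['website'] ?? ''));
    // Assumed name rule: letters, spaces, apostrophes and hyphens only.
    if ($name === '' || !preg_match("/^[a-zA-Z' -]+$/", $name)) {
        $err['name'] = 'Only letters, spaces, apostrophes and hyphens allowed';
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $err['email'] = 'Invalid email format';
    }
    if ($website !== '' && !preg_match(URL_RE, $website)) {
        $err['website'] = 'Invalid URL';
    }
    return $err;
}

// Decoded path that PHP_SELF holds for the URL shown before Task 55.
$phpSelf = "/test_form.php/\"><script>alert('hacked')</script>";

echo "Unescaped action: <form method=\"post\" action=\"$phpSelf\">\n";
echo "Escaped action:   <form method=\"post\" action=\"" . h($phpSelf) . "\">\n";

// Constructed submissions: one clean, one with markup in every field.
$good = ['name' => "Anne O'Neil", 'email' => 'anne@example.com', 'website' => 'www.example.com'];
$bad  = ['name' => '<b>x</b>', 'email' => 'not-an-email', 'website' => '"><i>www.example.com'];

var_dump(validate($good));
var_dump(validate($bad));

// The second website value passes the unanchored pattern although it carries
// markup, so every value still goes through h() when it is echoed back.
echo 'Echoed safely: ' . h($bad['website']) . "\n";
```

Run it with `php` on the command line: the first `var_dump` is an empty array, and the second reports errors for name and email only, which is why validation alone does not replace output encoding.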