POTD 3: Form handling

Due 2-June-2022, 1pm EST (no late submission, no extension)

Purpose: Hands-on experience with PHP form handling and server-side input validation; get ready to work on your assignment (course project)

For this exercise, you may work alone, with your project partner(s), or with another student in this course. Write PHP program(s) to perform the following tasks. We'll stop periodically, and do exercise one step at a time with discussion between steps

  1. Create a login form to accept a username and password. You may create the form from scratch or use the provided login.php (text version) and activity-styles.css.

    [Optional] Include a header and a footer
    • Use include('destination-file') to include content from the destination-file in the current page
    • You may create a header and a footer from scratch or use the provided header.html and footer.html

  2. Perform a simple authentication. Use the following functions to handle a password
    • htmlspecialchars(incoming_password) stops script tags from being able to be executed and renders them as plaintext
    • password_hash(incoming_password, algo_to_hash) creates a password hash
    • password_verify(incoming_password, existing_password) returns true (1) if the incoming_password and existing_password match; false ('') otherwise

    Provide a proper feedback if a combination of username and password does not match the record; for example, "username and password do not match our record"

  3. If the combination matches, redirect the user to the form (let's call it form.php) allowing the user to submit his/her comment or request.

  4. Create a form to accept the user's name, email address, and comment. You may create the form from scratch or use the provided form.html or form.php (text version)

  5. On the form.php, perform a server-side input validation to ensure that all form inputs are entered. If any form input is missing, display a proper message (we will practice both non-sticky form and sticky form).

  6. If all form inputs are entered, display a confirmation message. You decide on the content and format of the confirmation, and the location where it will be displayed.

  7. [optional] If all form inputs are entered, write the user's data entry to a data file (you decide on the data format and the file format).

To deploy and test your program use one of the following options:

Grading rubric

[Total: 10 points]: Done (or provide evidence of your attempt, full or reasonable effort)


Making your submission available to instructor and course staff is your responsibility; if we cannot access or open your file, you will not get credit. Be sure to test access to your file before the due date.

Copyright © 2022 Upsorn Praphamontripong

Released under the Creative Commons License CC-BY-NC-SA 4.0 license.

Last updated 2022-05-29 13:15