POTD 3: Form handling

Due 3-June-2021, 10:30am EST (no late submission, no extension)

Purpose: Hands-on experience with PHP form handling and server-side input validation; get ready to work on your assignment (course project)

For this exercise, you may work alone or with another student in this course. Write PHP program(s) to perform the following tasks. We'll stop periodically, and do exercise one step at a time with discussion between steps

  1. Create a login form to accept a username and password. You may create the form from scratch or use the provided login.php (text version)

    [Optional] Include a header and a footer
    • Use include('destination-file') to include content from the destination-file in the current page
    • You may create a header and a footer from scratch or use the provided header.html and footer.html

  2. Perform a simple authentication. Use the following functions to handle a password
    • htmlspecialchars(incoming_password) stops script tags from being able to be executed and renders them as plaintext
    • password_hash(incoming_password, algo_to_hash) creates a password hash
    • password_verify(incoming_password, existing_password) returns true (1) if the incoming_password and existing_password match; false ('') otherwise

    Provide a proper feedback if a combination of username and password does not match the record; for example, "username and password do not match our record"

  3. If the combination matches, redirect the user to the form (let's call it form.php) allowing the user to submit his/her comment or request.

  4. Create a form to accept the user's name, email address, and comment. You may create the form from scratch or use the provided form.html or form.php (text version)

  5. On the form.php, perform a server-side input validation to ensure that all form inputs are entered. If any form input is missing, display a proper message (we will practice both non-sticky form and sticky form).

  6. If all form inputs are entered, display a confirmation message. You decide on the content and format of the confirmation, and the location where it will be displayed.

  7. [optional] If all form inputs are entered, write the user's data entry to a data file (you decide on the data format and the file format).

To deploy and test your program use one of the following options:

Grading rubric

[Total: 10 points]: Done (or provide evidence of your attempt, full or reasonable effort)


Submit your .php file(s) to Collab (under Assignment/POTD3). Please include all team member names.

If you have multiple files, do not zip them. Each team submits only one copy.

images showing Collab submission page