7.9 Summary

This is NOT the latest copy of this book.
- If you are using PHP to handle form input data - and let's face it, you probably will do some day if you are not already - make sure you do not make any assumptions about the reliability of the data. Remember, it came from users, and we do not trust users, now, do we?
- If you are inserting form data into your database, make sure you have magic quotes turned on - it makes your life easier, and saves all the calls to addslashes().
- While client-side validation is a nice addition, you must not rely upon it to produce validated data, as it can easily be disabled.
- Users already have a hard enough time before they get in contact with your forms, so do not make them more complicated than they need to be. Split forms across pages if possible, keep selections to a minimum, lay options out neatly using HTML tables, and mark required fields clearly.
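
The points above about untrusted form data and client-side validation, as an added example that is not from the book: every field is re-checked on the server, and values are bound with PDO prepared statements instead of magic quotes, which were removed in PHP 5.4. The field names, rules and `signups` table are assumptions, and the submissions are constructed stand-ins for `$_POST`.

```php
<?php
// Read one field as a trimmed string. A client can send name[]=x to make
// a field an array, so anything that is not a string counts as empty.
function field(array $input, string $key): string
{
    $v = $input[$key] ?? '';
    return is_string($v) ? trim($v) : '';
}

// Server-side validation (assumed rules): returns [clean values, errors].
function validate_signup(array $input): array
{
    $errors = [];
    $name = field($input, 'name');
    if (!preg_match("/^[\\p{L} '.-]{1,50}$/u", $name)) {
        $errors['name'] = 'Name is required (letters, spaces, \' . - only).';
    }
    $email = filter_var(field($input, 'email'), FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors['email'] = 'A valid e-mail address is required.';
    }
    // A <select> only limits what the browser offers, not what is sent.
    $plan = field($input, 'plan');
    if (!in_array($plan, ['free', 'pro'], true)) {
        $errors['plan'] = 'Unknown plan.';
    }
    return [compact('name', 'email', 'plan'), $errors];
}

// In-memory SQLite table with an assumed schema, so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE signups (name TEXT, email TEXT, plan TEXT)');
$insert = $db->prepare('INSERT INTO signups (name, email, plan) VALUES (:name, :email, :plan)');
// Constructed submissions standing in for $_POST.
$submissions = [
    ['name' => "Sean O'Brien", 'email' => 'sean@example.com', 'plan' => 'pro'],
    ['name' => ['x'], 'email' => 'not-an-email', 'plan' => 'admin'],
];
foreach ($submissions as $post) {
    [$clean, $errors] = validate_signup($post);
    if ($errors) {
        echo 'Rejected: ', implode(' ', $errors), "\n";
        continue;
    }
    // Values are bound as parameters, so the quote in O'Brien needs no escaping.
    $insert->execute($clean);
    echo "Stored: {$clean['name']}\n";
}
```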