califdon wrote:You're in good hands with Celauran giving you advice and instruction, but I just wanted to add a few thoughts that might be of help to you.
As Celauran said, mixing PHP and HTML in the same file is probably the most common approach for relatively small web applications. Among other advantages, it reduces the number of separate HTTP requests to the server and is thus slightly more efficient.
I suggest that you think of the file extension question in the following way, rather than as PHP being "dominant" over HTML: PHP is a language that is parsed and executed by the web server (e.g., Apache or IIS), which is configured by default to parse a file and execute any PHP code in it only if the file has a .php extension. There are ways to configure it otherwise, but rarely any reason to do so.
Thank you califdon - this information does help.
Now, about your script(s), most developers would probably advise you to do data validation BOTH in the client browser, using Javascript, AND in the server, using PHP, for best operation. The Javascript routines can require the user to complete any required fields before submitting the form to the server, thus avoiding unnecessary submissions to the server. Such routines can also check for valid ranges of values or formats in some applications. This is a first-step validation that many developers believe is best practice. You must be aware of the behavior in those cases where the user's browser has been set to disable Javascript, though.
And now ... I'm starting to see where Javascript comes into play. Actually, this point leads me to another question. While doing some research/learning on HTML, I found the following snipit of code:
Code: Select all
Email: <input type="email" name="EmailAddress" />
Specifically
input type="email" was new information. I was always using
input type = "text" or "date". So.... I tested
input type="email" and it is a way of validating data
before submitting. So... why the Javascript? Why add one more level or layer of scripting?
Finally, I personally avoid EVER using form data directly (that is, $_POST['xxx']) in a PHP script without first sanitizing the data and assigning it to a variable. Then I know that when I use those variables, they have previously been sanitized.
This makes sense. It is the way I operate in building classical databases. But... what is confusing for me (since there are multiple languages involved in web database development) is how one declares variables. In classical database development - I declare my variables within specific routines. It is rare that I have to globally declare a variable. But in this context, it almost seems to me that variables are more useful if they are defined globally.
At any rate, within this specific example.... would declaring $fname, $lname and $ email before the
IF statement be appropriate. Or ... since this statement is testing for empty posts first, is it better to declare within the
IF statement, as Celauran has done?
I hope these remarks will be of value.
Yes - your remarks are very helpful. As I mentioned earlier... I am as interested in method as I am in syntax.
Thanks Much: Pavilion