??? A more thorough validation of an
email address would be to con-
fi rm that it matches a regular
expression pattern. You can do
this with email addresses more so
than names because they must
abide by strict rules.
??? You could improve the security
of this system by applying PHP??™s
strip_tags() function to the
text inputs. That function can
help prevent cross-site scripting
attacks (XSS).
??? The mysql_real_escape_
string() function provides
language-specifi c protection on
text used in queries.
adding records 57
report any errors p. 54
??? To debug any PHP??“MySQL problems,
you??™ll need to print out the
query to inspect its syntax. You
should also invoke the mysql_
error() function to see what
problems the database reports.
??? Live sites should never provide
detailed behind-the-scenes
errors, such as the queries being
run or the MySQL errors. Use this
information for debugging purposes,
and then hide that information
in the live version (which,
we hope, shouldn??™t encounter
such errors).
extra bits (cont.)
update the database p. 53
??? A more precise way to write the
INSERT query would be to use
the syntax where you specify the
columns involved.
Pages:
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68