what are the mistakes in this php web page design and implementation procedure? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 6 years ago.

Improve this question

what are the mistakes in this php web page design and implementation procedure?

I have a php web page that contains some form elements like textboxes, textareas, radiobuttons, checkboxes, buttons and so on.

I would like the user to fill the form then press the action button which will save the data in the database using ODBC [using PHP ODBC Functions] then send Email to specific department email address [using PHP Mail Function] and I follow the following steps to achieve that:-

1. Design The Needed Form Elemets using HTML Tags and put them inside the .. tags in the PHP web page (file1.php).

2. Change The Layout and the Styles of the HTML tags inside the PHP web page using a CSS file (style1.css).

3. Create Validation functions for the form elements using JavaScript file (script1.js) like IsEmpty(str), IsRequired(str), IsNumeric(str), IsAlphaNumeric(str), IsBetween(num,A,B), IsGreaterThan(num,A), IsLesserThan(num,B), IsValidEmail(str), IsValidForm(frm) and so on as IsValidForm(frm) will validate one form element then the next from the first one till the last one using if .. else statements.

4. Prepare a PHP code file (database1.php) that contains a user-defines database function SaveData() that uses the PHP ODBC functions to save (insert/update) the data filled in the form and after preparing the Form parameters and the SQL Scripts needed to do that.

5. Prepare a PHP code file (开发者_StackOverflow社区mail1.php) that contains a user-defines mail function SendMail(vTo,vSubject,vMessage,vHeaders) that uses the PHP mail() function to send email and configuring the php.ini file in the web server by changing the SMTP IP Address and Port.

6. Call the validation script (script1.js) then the database script (database1.php) then the Mail Script (mail1.php) in the OnClick Event of the Save Button in the Web page. This may be done using Post to enable PHP code to run in the server side or using AJAX which will need some exmaples to achieve it.

7. The Form will have two read only textboxes () which will save the order number and the order date. The date can be filled using javascript but the number may have to be generated and got from the database to be unique and a primary key of the data. what are the required steps to do that ? how to generate these Number and Date?

Sorry for being more detailed and more informative.

Thanks in Advance and I hope to reciev your feedbacks :)

---

Overall, not a bad way to make a small application. I only see a couple things you're missing.

1. You need to perform your form validation BOTH and javascript AND PHP. Javascript validation is easily bypassed and/or tampered with, so you cannot trust it. It is necessary to provide a good user experience, but understand that it's not safeguarding anything. The true safeguard is the server-side validation.
2. For read-only text boxes, use hidden form fields. Even if you want the user to be able to see what's in them, print the information into the page, then stick it in a hidden form field so it submits with the form.