PHPprogramming~30 mins

Input validation and sanitization in PHP - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Input Validation and Sanitization

📖 Scenario: You are building a simple PHP script that accepts user input from a form. To keep the data safe and clean, you need to validate and sanitize the input before using it.

🎯 Goal: Create a PHP script that takes a user's name and email, validates the email format, sanitizes the name to remove unwanted characters, and then displays the cleaned data.

📋 What You'll Learn

Create variables to hold user input for name and email

Sanitize the name input to remove HTML tags and extra spaces

Validate the email input to ensure it is a proper email format

Display the sanitized name and validated email

💡 Why This Matters

🌍 Real World

Validating and sanitizing user input is essential to keep websites safe and data clean. It prevents errors and security problems like code injection.

💼 Career

Web developers and backend programmers regularly validate and sanitize inputs to protect applications and ensure data quality.

Progress0 / 4 steps

Create variables for user input

Create two variables called $name and $email and assign them these exact values: ' John Doe ' for $name and 'john.doe@example.com' for $email.

PHP

# Create variables $name and $email with the given values
# Your code here

Need a hint?

Use simple assignment to create variables with the exact strings given.

Sanitize the name input

Create a new variable called $clean_name that removes HTML tags from $name using strip_tags() and trims extra spaces using trim().

PHP

John Doe  ';
$email = 'john.doe@example.com';

# Sanitize $name to create $clean_name
# Your code here

Need a hint?

Use strip_tags() first to remove HTML, then trim() to remove spaces.

Validate the email input

Create a variable called $valid_email that uses filter_var() with FILTER_VALIDATE_EMAIL to check if $email is valid. If valid, assign the email to $valid_email, otherwise assign false.

PHP

John Doe  ';
$email = 'john.doe@example.com';

$clean_name = trim(strip_tags($name));

# Validate $email and assign to $valid_email or false
# Your code here

Need a hint?

Use filter_var() with FILTER_VALIDATE_EMAIL to check the email.

Display the sanitized name and validated email

Use echo to print the text: Name: followed by $clean_name and a new line, then Email: followed by $valid_email. If $valid_email is false, print Invalid email instead of the email.

PHP

John Doe  ';
$email = 'john.doe@example.com';

$clean_name = trim(strip_tags($name));

$valid_email = filter_var($email, FILTER_VALIDATE_EMAIL);

# Print the sanitized name and validated email or 'Invalid email'
# Your code here

Need a hint?

Use an if statement to check if $valid_email is false and print accordingly.