What best practices should be followed when programming a survey feature in PHP for a website?
When programming a survey feature in PHP for a website, it is important to sanitize user input to prevent SQL injection attacks and validate the data to ensure it meets the expected format. Additionally, make sure to securely store survey responses in a database to maintain data integrity and confidentiality.
// Sample PHP code snippet for processing a survey form submission
// Sanitize user input
$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$rating = filter_var($_POST['rating'], FILTER_VALIDATE_INT);
// Validate data
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// Handle invalid email address
}
// Store survey responses in a database
$connection = new mysqli('localhost', 'username', 'password', 'database');
$stmt = $connection->prepare("INSERT INTO survey_responses (name, email, rating) VALUES (?, ?, ?)");
$stmt->bind_param("ssi", $name, $email, $rating);
$stmt->execute();
// Close database connection
$connection->close();
Related Questions
- What is the best way to dynamically generate select options in PHP based on the current month and months until the end of the year?
- What are some common best practices for handling and modifying text data in PHP applications?
- How can different browsers display different languages for browser-generated text in PHP forms?