Exercise 08 · Web Technology Lab · PahiranGo

PHP Form Processing & Validation

Server-side form validation, input sanitization using regex, and AJAX-powered submission for the PahiranGo contact and e-commerce registration forms.

Language: PHP 8.x Server: Apache / XAMPP Host: Localhost (127.0.0.1) Method: POST + AJAX fetch()

⚙️

Environment Note — Why this is a static result page: This module requires a live Apache/PHP server to execute .php scripts. GitHub Pages only serves static HTML/CSS/JS files — it cannot interpret PHP. This exercise was successfully executed and verified on a Localhost XAMPP environment. The screenshots below document the step-by-step implementation logic and confirmed results.

Form UI — Contact & Registration Forms

Frontend HTML forms styled and connected to PHP backend processors

Two forms were designed and rendered using PHP-served HTML. The Contact Form (Personal Website) captures Full Name, Email Address, 10-digit Phone Number, Subject, and Message. The E-Commerce Registration Form collects Full Name, Email, Phone, Password (with confirmation), Address, City, and Postal Code.

Both forms send data asynchronously via the browser's fetch() API to their respective PHP processors (process_contact.php and process_ecommerce_forms.php) using the POST HTTP method — meaning no page reload occurs on submission.

Screenshot — Step 1: Form Interface running on localhost

Contact Form and Registration Form UI running on localhost via XAMPP

Fig 1.0 — Both forms rendered at localhost/WebTechLab/Ex-8-PHP-Forms/index.php with XAMPP Apache server active.

Server-Side Validation — Regex & Error Handling

PHP catches invalid input and returns structured JSON error messages

When the form is submitted, the PHP processor runs a multi-stage validation pipeline before processing any data. First, sanitizeInput() trims whitespace, strips slashes, and converts HTML entities via htmlspecialchars() to neutralize XSS attacks.

Screenshot — Step 2a: Browser-level HTML5 email format check

Browser tooltip showing email format validation — missing @ symbol

Fig 2.0 — Browser catches missing '@' in email field before form even reaches PHP. "cseaaryan.com" is missing an '@'.

Step 2b — PHP Server-Side Validation

Screenshot — Step 2b: PHP regex validation — phone number error

PHP server-side validation showing phone number error — must be exactly 10 digits

Fig 2.1 — PHP's preg_match() catches that "2345678" is only 7 digits. Error returned via JSON and displayed inline: "Phone must be exactly 10 digits".

Successful AJAX Submission — JSON Success Response

Valid, sanitized data processed by PHP returns a success confirmation without page reload

Once all validations pass (name ≥ 3 letters, valid email format, 10-digit phone, message 10–500 characters), the PHP processor enters the processing block. It creates a timestamped log entry and appends it to contact_submissions.log using file_put_contents().

The PHP script then returns a JSON success response: {"success": true, "message": "Your message has been sent successfully!"}.

Screenshot — Step 3: PHP processes valid data and returns success

Fig 3.0 — Green success banner appears below submit button: "✓ Thank you! Your message has been received. We will reply shortly."

Exercise 08 verified successfully on localhost (XAMPP). Both contact and registration forms validated, processed, and responded with correct JSON payloads.