We will improve the error handling so that we can display a more
user-friendly message. In the
errorManager($message, $url=NULL) function,
change the code so that the user is redirected instantaneously in no
more after 5 seconds.
If the url passed in parameter is null, the user will be redirected to the page default home page.
Test your changes by directly loading the
new.php page. You should be redirected to the home page of the site.
errorManager function, instead of displaying the error message directly, we'll store it in a session variable that we'll display later.
errorManager function so that the message is stored in
Add session initialization to all of your PHP scripts except in the library.
Temporarily display the contents of the session variable on the home page and check that the message is recorded when you load directly
lib\lib.php library, add a
displayError() function. This function tests whether the
$_SESSION['errorMessage] variable is empty or not.
If the variable contains a message, it displays the error message in a Alert Bootstrap.
In the home page (
index.php) and in the shopping list page (
list/index.php), add a call to the function before the title is displayed.
Load the scripts
list/add.php, the message should appear
in accordance with the following illustration. You can add an icon before the
Based on the example of the Bootstrap documentation, add a cross so that the user can delete the message:
Make sure that when you click on the cross, the message disappears.
Reload the page, what do you see? The error message comes back because it is always stored in the session variable.
displayError() function so that the session variable
$_SESSION['errorMessage'] is deleted after the display. Test your change.
Create a shopping list and enter a few items. Enter a new item containing one or more HTML tags, for example :
<a href="http://micheletjacquie.com">I'm spamming your list with porn links</a>
What do you see?
Fix this problem with the htmlspecialchars function.
From the home page, create a new list called: "<!--".
Correct this problem using the same method as for item names.