The given code is in php. Please edit in php: Executing: Validating data submitted to the server

The given code is in php. Please edit in php:

// For security, required PHP files should "die" if SAFE_TO_RUN is not defined if (!defined('SAFE_TO_RUN')) { // Prevent direct execution - show a warning instead die(basename(__FILE__) . ' cannot be executed directly!'); } ?>

Executing:

Validating data submitted to the server

// TODO: Change these checks according to the columns/formats you expect

// Reference for preg_match: https://www.w3schools.com/php/func_regex_preg_match.asp // Reference for filter_var: https://www.w3schools.com/php/func_filter_var.asp // Note that preg_match and filter_var take different parameters // Try out regular expressions at e.g. https://regex101.com/

// If you see a "Notice: Undefined index" message, check that each name you validate // in $data has an input with that name (not id) in the HTML data form

$value = $data['firstname']; // ^$ = anchors, [a-zA-Z ] = letters/spaces, {1,30} = 1-30 characters $format = "/^[a-zA-Z ]{1,30}$/"; // If value does NOT match the format then it is invalid if (!preg_match($format, $value)) { $feedback['firstname'] = 'Server feedback: Only 1-30 letters/spaces are permitted'; $valid = false; }

$value = $data['lastname']; // ^$ = anchors, [a-zA-Z ] = letters/spaces, {1,30} = 1-30 characters $format = "/^[a-zA-Z ]{1,30}$/"; // If value does NOT match the format then it is invalid if (!preg_match($format, $value)) { $feedback['lastname'] = 'Server feedback: Only 1-30 letters/spaces are permitted'; $valid = false; }

$value = $data['email']; // If value does NOT match the filter then it is invalid if (!filter_var($value, FILTER_VALIDATE_EMAIL)) { $feedback['email'] = 'Server feedback: Only valid email addresses are permitted'; $valid = false; } // Also check the maximum length for this field as filter_var doesn't do this if (strlen($value) > 50) { $feedback['email'] = 'Server feedback: Email must be 50 characters or less'; $valid = false; }

if (!$valid) { echo '

Server message: Form data is invalid - please check and try again!

'; } v. Server-side Validation Modify tma02_validate.php to provide server-side validation for 'booking reference' field. (8 marks) Although the client-side validation checks the correct form of the booking reference, it does not actually check it is a valid booking reference. For a reference to be valid, the server-side should validate the reference to the same format as the client-side, plus the following additional constraints: the three-letter group must be one of "ABC", "ACD", "BCD". Anything else is invalid. The next character must be a hyphen. Anything else is invalid. The first digit may only be 5 or 8 . The other digits may be any value between 0 and 9 inclusive. You need to provide checks and only if all are valid, proceed to write the data to the database. If not, provide feedback to the user that the booking reference is invalid. Add a comment to your validation code explaining the meaning of each part of your booking reference validation expression. Again, examine the existing code closely, it will guide you. The easiest way to test regular expressions is using a free online tool - search the web for 'regex tester' to discover these