week 4

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+04/.DS_Store

03/03_make_it_maintainable/footer.php

@@ -0,0 +1,9 @@
+<?php
+// footer.php
+// Shared footer HTML (reused across pages).
+?>
+  <hr>
+  <p>&copy; 2026</p>
+</body>
+</html>
+

03/03_make_it_maintainable/header.php

@@ -0,0 +1,13 @@
+<?php
+// header.php
+// Shared page header HTML (reused across pages to avoid repetition).
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8" />
+  <title>My PHP Page</title>
+</head>
+<body>
+  <h1>Welcome</h1>
+  <hr>

03/03_make_it_maintainable/index.php

@@ -1,34 +1,30 @@
 <?php
-/* What's the Problem? 
-    - PHP logic + HTML in one file
-    - Works, but not scalable
-    - Repetition will become a problem
+// What I learned: Using arrays + loops + a single template page makes the site easier to maintain.
+// I’ll apply this in Course Project Phase One instead of duplicating pages.
 
-    How can we refactor this code so it’s easier to maintain?
-*/
+require_once __DIR__ . '/header.php';
 
-$items = ["Home", "About", "Contact"];
+$pages = [
+  'home' => ['title' => 'Home', 'content' => 'Welcome to my PHP page.'],
+  'about' => ['title' => 'About', 'content' => 'This is the About section.'],
+  'contact' => ['title' => 'Contact', 'content' => 'This is the Contact section.'],
+];
 
+$current = $_GET['page'] ?? 'home';
+if (!isset($pages[$current])) {
+  $current = 'home';
+}
 ?>
 
-<!DOCTYPE html>
-<html>
-<head>
-    <title>My PHP Page</title>
-</head>
-<body>
+<nav>
+  <ul>
+    <?php foreach ($pages as $key => $page): ?>
+      <li><a href="index.php?page=<?= $key ?>"><?= $page['title'] ?></a></li>
+    <?php endforeach; ?>
+  </ul>
+</nav>
 
-<h1>Welcome</h1>
+<h2><?= $pages[$current]['title'] ?></h2>
+<p><?= $pages[$current]['content'] ?></p>
 
-<ul>
-<?php foreach ($items as $item): ?>
-    <li><?= $item ?></li>
-<?php endforeach; ?>
-</ul>
-
-<footer>
-    <p>&copy; 2026</p>
-</footer>
-
-</body>
-</html>
+<?php require_once __DIR__ . '/footer.php'; ?>

05/includes/connect.php

@@ -0,0 +1,18 @@
+<?php 
+$host = "localhost"; //hostname
+$db = "bitumi"; //database name
+$user = "root"; //username
+$password = ""; //password
+
+//points to the database
+$dsn = "mysql:host=$host;dbname=$db";
+
+//try to connect, if connected echo a yay!
+try {
+   $pdo = new PDO ($dsn, $user, $password); 
+   $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
+}
+//what happens if there is an error connecting 
+catch(PDOException $e) {
+    die("Database connection failed: " . $e->getMessage()); 
+}

05/includes/footer.php

@@ -0,0 +1,4 @@
+<footer>
+    <p> Bake It Til You Make It - COMP1006 </p>
+    <p> Week 4 - Form Validation</p>
+  </footer>

05/includes/header.php

@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Week 4 - Form Validation </title>
+    <!--add bootstrap css -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.8/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-sRIl4kxILFvY47J16cr9ZwB07vP4J8+LH7qKQnuqkuIAvNWLzeN8tE5YBujZqJLB" crossorigin="anonymous">
+    <!-- add bootstrap js -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.8/dist/js/bootstrap.bundle.min.js" integrity="sha384-FKyoEForCGlyvwx9Hj09JcYn3nv7wiPVlz7YYwJrWVcXK/BmnVDxM+D2scQbITxI" crossorigin="anonymous"></script>
+    <link href="styles/main.css" rel="stylesheet">
+</head>
+
+<body>
+    <header>
+        <h1 class="site-title">
+            <img
+                src="assets/bitumi.png"
+                alt="Bake It Til You Make It Bakery"
+                class="logo">
+        </h1>
+        <nav>
+            <a href="/"> Home </a>
+            <a href="#"> About </a>
+            <a href="#"> Order Online </a>
+            <a href="#"> Contact </a>
+        </nav>
+    </header>

05/index.php

@@ -0,0 +1,114 @@
+<?php require "includes/header.php" ?>
+<main>
+  <h2 class="mb-4"> Order Online - Easy & Simple (And Totally Secure...) 🧁</h2>
+  <form action="process.php" method="post">
+
+    <!-- Customer Information -->
+    <!-- Step One - Add Client Side Validation with HTML Attributes -->
+    <fieldset>
+      <legend>Customer Information</legend>
+        <label for="first_name" class="form-label">First name</label>
+        <input type="text" id="first_name" name="first_name" class="form-control">
+        <label for="last_name" class="form-label">Last name</label>
+        <input type="text" id="last_name" name="last_name" class="form-control">
+        <label for="phone" class="form-label">Phone number</label>
+        <input type="tel" id="phone" name="phone" placeholder="555-123-4567" class="form-control">
+        <label for="address" class="form-label">Address</label>
+        <input type="text" id="address" name="address" class="form-control">
+        <label for="email" class="form-label">Email</label>
+        <input type="text" id="email" name="email" class="form-control">
+    </fieldset>
+
+    <!-- Order Details -->
+    <!--<fieldset>
+      <legend>Order Details</legend>
+
+      <p>
+        Enter a quantity for each item (use 0 if you don't want it).
+      </p>
+
+      <table border="1" cellpadding="8" cellspacing="0" class="table">
+        <thead>
+          <tr>
+            <th scope="col">Baked Treat</th>
+            <th scope="col">Quantity</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr>
+            <th scope="row">Chaos Croissant 🥐</th>
+            <td>
+              <label for="chaos_croissant" class="visually-hidden">Chaos Croissant quantity</label>
+              <input type="number" id="chaos_croissant" name="items[chaos_croissant]" min="0" max="24" value="0">
+            </td>
+          </tr>
+
+          <tr>
+            <th scope="row">Midnight Muffin 🌙</th>
+            <td>
+              <label for="midnight_muffin" class="visually-hidden">Midnight Muffin quantity</label>
+              <input type="number" id="midnight_muffin" name="items[midnight_muffin]" min="0" max="24" value="0">
+            </td>
+          </tr>
+
+          <tr>
+            <th scope="row">Existential Éclair 🤔</th>
+            <td>
+              <label for="existential_eclair" class="visually-hidden">Existential Éclair quantity</label>
+              <input type="number" id="existential_eclair" name="items[existential_eclair]" min="0" max="24"
+                value="0">
+            </td>
+          </tr>
+
+          <tr>
+            <th scope="row">Procrastination Cookie ⏰</th>
+            <td>
+              <label for="procrastination_cookie" class="visually-hidden">Procrastination Cookie quantity</label>
+              <input type="number" id="procrastination_cookie" name="items[procrastination_cookie]" min="0" max="24"
+                value="0">
+            </td>
+          </tr>
+
+          <tr>
+            <th scope="row">Finals Week Brownie 📚</th>
+            <td>
+              <label for="finals_week_brownie" class="visually-hidden">Finals Week Brownie quantity</label>
+              <input type="number" id="finals_week_brownie" name="items[finals_week_brownie]" min="0" max="24"
+                value="0">
+            </td>
+          </tr>
+
+          <tr>
+            <th scope="row">Victory Cinnamon Roll 🏆</th>
+            <td>
+              <label for="victory_cinnamon_roll" class="visually-hidden">Victory Cinnamon Roll quantity</label>
+              <input type="number" id="victory_cinnamon_roll" name="items[victory_cinnamon_roll]" min="0" max="24"
+                value="0">
+            </td>
+          </tr>
+        </tbody>
+      </table>
+
+    </fieldset>-->
+
+    <fieldset>
+      <legend>Additional Comments</legend>
+
+      <p>
+        <label for="comments" class="form-label">Comments (optional)</label><br>
+        <textarea id="comments" name="comments" rows="4"
+          placeholder="Allergies, delivery instructions, custom messages..." class="form-control"></textarea>
+      </p>
+    </fieldset>
+
+    <p>
+      <button type="submit" class="btn btn-primary">Place Order</button>
+    </p>
+
+  </form>
+</main>
+</body>
+
+</html>
+
+<?php require "includes/footer.php" ?>

05/orders.php

@@ -0,0 +1,24 @@
+<?php
+require "includes/header.php";
+require "includes/connect.php";
+
+?>
+
+<main class="container mt-4">
+  <h2>Orders</h2>
+
+  <?php if (count($orders) === 0): ?>
+    <p>No orders yet.</p>
+  <?php else: ?>
+    <ul>
+
+    </ul>
+
+  <?php endif; ?>
+
+  <p class="mt-3">
+    <a href="index.php">Back to Order Form</a>
+  </p>
+</main>
+
+<?php require "includes/footer.php"; ?>

05/orders.sql

@@ -0,0 +1,10 @@
+CREATE TABLE orders (
+  id INT AUTO_INCREMENT PRIMARY KEY,
+  first_name VARCHAR(100) NOT NULL,
+  last_name VARCHAR(100) NOT NULL,
+  phone INT(100) NOT NULL,
+  address VARCHAR(100) NOT NULL,
+  email VARCHAR(150) NOT NULL,
+  comments VARCHAR(200) NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);

05/process.php

@@ -0,0 +1,103 @@
+<?php
+//require database connection script 
+require "includes/connect.php";  
+
+/*1*/
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    die('Invalid request');
+}
+
+/*2* sanitize data */
+$firstName = trim(filter_input(INPUT_POST, 'first_name', FILTER_SANITIZE_SPECIAL_CHARS));
+$lastName  = trim(filter_input(INPUT_POST, 'last_name', FILTER_SANITIZE_SPECIAL_CHARS));
+$email     = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
+$phone     = trim(filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_SPECIAL_CHARS));
+$address   = trim(filter_input(INPUT_POST, 'address', FILTER_SANITIZE_SPECIAL_CHARS));
+$comments  = trim(filter_input(INPUT_POST, 'comments', FILTER_SANITIZE_SPECIAL_CHARS));
+
+/*3*/
+
+$errors = [];
+
+// Required fields
+if ($firstName === null || $firstName === '') {
+    $errors[] = "First Name is required.";
+}
+
+if ($lastName === null || $lastName === '') {
+    $errors[] = "Last Name is required.";
+}
+
+// Email: required + format check
+if ($email === null || $email === '') {
+    $errors[] = "Email is required.";
+} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+    $errors[] = "Email must be a valid email address.";
+}
+
+// Phone: required + simple regex format check
+if ($phone === null || $phone === '') {
+    $errors[] = "Phone number is required.";
+} elseif (!filter_var($phone, FILTER_VALIDATE_REGEXP, [
+    'options' => ['regexp' => '/^[0-9\-\+\(\)\s]{7,25}$/']
+])) {
+    $errors[] = "Phone number format is invalid.";
+}
+
+// Address: required
+if ($address === null || $address === '') {
+    $errors[] = "Address is required.";
+}
+
+// If there are errors, show them and stop the script before inserting to the DB
+if (!empty($errors)) {
+    require "includes/header.php";   
+    echo "<div class='alert alert-danger'>";
+    echo "<h2>Please fix the following:</h2>";
+    echo "<ul>";
+    foreach ($errors as $error) {
+        // htmlspecialchars() prevents any unexpected HTML from being rendered
+        echo "<li>" . htmlspecialchars($error) . "</li>";
+    }
+    echo "</ul>";
+    echo "</div>";
+
+    require "includes/footer.php";
+    exit;
+}
+
+/*4*/
+
+//build our query using named placeholders 
+
+$sql = "INSERT INTO orders (first_name, last_name, phone, address, email, comments) VALUES (:first_name, :last_name, :phone, :address, :email, :comments)"; 
+
+//prepare the query 
+
+$stmt = $pdo->prepare($sql); 
+
+//map the named placeholder to the user data/actual data 
+
+$stmt->bindParam(':first_name', $firstName);
+$stmt->bindParam(':last_name', $lastName); 
+$stmt->bindParam(':phone', $phone); 
+$stmt->bindParam(':email', $email); 
+$stmt->bindParam(':address', $address); 
+$stmt->bindParam(':comments', $comments); 
+
+//execute the query 
+$stmt->execute(); 
+
+//close the connection 
+$pdo = null; 
+?>
+<? require "includes/header.php"; ?> 
+<div class="alert alert-success">
+    <h1>Thank you for your order, <?= htmlspecialchars($firstName) ?>!</h1>
+    <p>
+        We’ve received your order and will contact you at
+        <strong><?= htmlspecialchars($email) ?></strong>.
+    </p>
+</div>
+
+<?php require "includes/footer.php"; ?>