First Kudos to the Yahoo! team for
quickly fixing the problems identified in
yesterday's post. Now that the server is well behaved,
onto the client.
Taking the
PHP sample and running it through the
W3C validator and fixing all
the problems it reports results in the
following version. Fixes include internationalization,
avoiding a number of browser quirks, and potential security
problems from not properly escaping data from third party
sources.
I also removed one assumption that required the script to be
placed in the root directory.
The
result is being made available under the same BSD license as
the original.
I suggest you add LABEL elements and perhaps a block level element around the form controls so it validates as HTML 4.01 Strict.
Anne - I'm having a hard time justifying that - what's the payback? As you know, if I were doing this for my personal use I would use XHTML 1.1 strict.
My intent was do the minimum necessary to get this to work. Only the header line is precisely necessary to solve the immediate problem. The other changes, however, also solve real, if rare, problems.
Using the LABEL element would make the form more usable and accessible. I do not really care about the block level element, but Yahoo might want to do it entirely correct.