HTML and CSS Reference
The new HTML controls discussed in Objective 3.1 provide some great functionality to
validate user data. However, this functionality has some limitations. This is where further vali-
that's not readily available in the core HTML controls. Although some controls aren't yet avail-
able in all browsers, you might need to validate user input such as dates, telephone numbers,
or alphanumeric postal codes. This objective demonstrates how to use regular expressions to
is the correct data type. This objective also adds a layer of security by demonstrating how to
prevent malicious code injection.
This objective covers how to:
■ Evaluate regular expressions
■ Validate data with built-in functions
■ Prevent code injection
You saw the use of regular expressions in Objective 3.1. In fact, the core HTML input controls
support a pattern attribute that allows you to apply a regular expression to validate user
inline with attributes. This section introduces regular expressions. The basic syntax of a regular
Regular expressions have a unique syntax of their own. They can be daunting to use but
can also be very powerful. Although a full instruction on regular expressions is beyond the
scope of this topic, a brief introduction is provided to support the later examples.
Regular expressions tend to make their way onto the exams. You should prepare by study-
ing them in more detail. An Internet search should yield many resources freely available
on the topic. Be familiar with how to read an expression for such things as email addresses,
URLs, and phone numbers, among other things.
Regular expressions are a mix of special characters and literal characters that make up the
pattern that someone would want to match. Table 3-1 lists the special characters and their