0

So from the (very little) that I've read about Markup Validation, it's basically just a grammar/spelling check. However, I can't find any sources on how to make "good" HTML code. Is there any site in which I can learn how to write HTML properly?

Here's my code that was called horrid (specifically the HTML).

<html>
<title>MySQL Search!</title>
<body>
<p>Search Results:</p>
<table width="600" border="1" cellpadding="1" cellspacing="1">
<tr>
<th>Card Name</th>
<th>Mana Cost</th>
<th>Card Set</th>
<th>Ability</th>
<th>Image</th>
</tr>
<?php
require 'dbconnect.php';
$Checkbox = $_POST['Ability'];
$q="SELECT * FROM mtgcards WHERE Ability LIKE '%$Checkbox%'";
$r = mysqli_query($dbc, $q);
while ($row = mysqli_fetch_array($r)) {
    Echo "<td>" . $row['Name'] . "</td>";
    Echo "<td>" . $row['Mana Cost'] . "</td>";
    Echo "<td>" . $row['Colour'] . "</td>";
    Echo "<td>" . $row['Set'] . "</td>";
    Echo "<td>" . $row['Ability'] . "</td>";
    Echo "<td>" . '<img style="display:block" src="data:image/jpeg;base64,' . base64_encode($row['Image']) . '" width="100%" height="100%" /></td>';
    Echo "</tr>";
}

mysqli_close($dbc);
?>
</html>
</body>
Thomas Hutton
  • 793
  • 5
  • 15
  • 34
  • [This article](http://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags) is a good starting point. – Cosmin Ababei Mar 07 '16 at 18:43
  • It'll be hard to validate your html When it's with php. You must run your page on the server, copy the page's source code and check it in the [w3c Markup Validation Service](https://validator.w3.org/) or in a similer website. – Abozanona Mar 07 '16 at 18:49
  • @YazanWYusuf, OK, I won't ask people to validate. But I still do want to get sent in the right direction to find help with markups. – Thomas Hutton Mar 07 '16 at 18:51
  • You are open to SQL injections with this code. You should use prepared statements. – chris85 Mar 07 '16 at 18:57
  • There are a number of problems with your code: mixing logic and presentation, SQL injection vulnerability, and others. One reason your HTML doesn't validate is that you have no opening `` tag in your while loop, only a closing ``. – elixenide Mar 07 '16 at 19:46

1 Answers1

0

Basically you need look into Web template system

enter image description here

It is considered messy to mix PHP and HTML like you did in your post.

And it will get worse as your web app grows.

There are many ones for PHP, one of the most popular ones is twig and smarty.

You can also create your own.

The bigger issue here is that you are not using prepared statements, you should be using prepare() to execute your queries.

meda
  • 45,103
  • 14
  • 92
  • 122