When ordering cookies online the other day (as I am wont to do), I realized that I hadn’t inputted my phone number correctly. And so I clicked Edit Profile, which led me to a screen like the below:

I inputted my number as 877-632-6654 and then clicked UPDATE PROFILE, at which point I immediately saw a purple alert:

Well that’s curious, I thought. I definitely inputted 10 digits. On a hunch, I then re-inputted my number as 8776326654. This time it worked! Well that’s silly, I thought. We can do better.

Answer the below in cookies.txt.


  1. (2 points.) Suppose that a JavaScript function called validate is called when this page’s form is submitted, the argument to which is the user’s inputted phone number as a String. That function returns true if a user’s input is exactly ten decimal digits, else it returns false; it does not alter the form’s value. Complete the implementation of validate below in a manner consistent with this page’s behavior. Take care to support numbers other than mine. You’re welcome but not expected to use jQuery.

    function validate(phone)
        // TODO
  2. (3 points.) Let’s now do better. Re-implement validate in such a way that it considers not only 8776326654 valid but also 877-632-6654 (and any other variants that you’d like to support). Take care to support numbers other than mine. You’re welcome but not expected to use jQuery.

  3. (4 points.) Suppose that this website’s back end is implemented in Python with Flask, among whose routes is the below.

    @app.route("/user/profile", methods=["POST"])
    def profile():
        db.execute("UPDATE users SET phone = {} WHERE id = {}".format(
            request.form.get("phone"), session["user_id"]
        return render_template("profile.html")

    Critique this implementation of profile, identifying its faults.


  1. Which resources, if any, did you find helpful in answering this problem’s questions?

  2. About how long did you spend on this problem’s questions?