The form in order.php allows the user to order an item. It submits to order-submit.php. Modify order-submit.php to use regular expressions to validate the following aspects of the order:
order.php
order-submit.php
...