Web forms and PHP

From Wiki @ Karl Jones dot com
Revision as of 14:32, 14 September 2016 by Karl Jones (Talk | contribs) (Create PHP to display submitted data)

Jump to: navigation, search

This article discusses web forms and PHP.

Example

The examples below are based on this page @ php.net.

The examples show excerpts, not the complete HTML.

The actual pages should contain complete and valid HTML.

Create web form

Create an HTML page (call it formpage.html, for convenience) containing this web form:

<form action="action.php" method="post">
 <p>Your name: <input type="text" name="name" /></p>
 <p>Your age: <input type="text" name="age" /></p>
 <p><input type="submit" /></p>
</form>

Note that the form's action attribute is set to action.php. When the user submits the form, the form data will be sent to a PHP page named action.php (in the same folder as the web form page). The file name action.php is arbitrary -- any valid file name will work.

The form contains two text input fields, named name and age.

In a form element, the action attribute specifies where the data will be sent when the user submits the form. In this example, the data will be sent to a PHP page named action.php.

Also note that the form element has the method attribute set to post. (There are two widely used methods: post and get.

Create PHP to display submitted data

The action.php page contains the following code (note that the code has both HTML and PHP):

Hi <?php echo htmlspecialchars($_POST['name']); ?>.
You are <?php echo (int)$_POST['age']; ?> years old.

There are two PHP code islands (blocks of PHP code), mixed with HTML.

Both code islands use the echo statement to generate ("echo") text which will be sent to the user:

The first code island looks like this:

<?php echo htmlspecialchars($_POST['name']); ?>

This PHP code refers to the data received from the web form input named "name", like this: $_POST['name']

The PHP function htmlspecialchars() converts "special characters" (preventing user from submitting HTML, which could be a security risk).

The second PHP code island looks like this:

<?php echo (int)$_POST['age']; ?>

The (int) indicates an integer (numeric value).

This PHP code refers to the data received from the web form input named "age":

$_POST['age']

Results

When the user fills out and the submits the web form, the action.php page will display something like this:

Hi Joe. You are 22 years old.

Matching web form inputs with PHP

It is critical to match up the name of the web form inputs ("name", "age") with the $_POST[] references ($_POST['name'], $_POST['age']).

Similarly, if your web form has an input named "favorite_color", your PHP page should say $_POST['favorite_color'].

Do not use spaces in the names of your inputs.

Complete web form page

The complete web form page might look something like this:

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8"/>	
		<title>Web forms and PHP</title>
	</head>
	<body>
		<h1>Web forms and PHP</h1>
		<form action="action.php" method="post">
		 <p>Your name: <input type="text" name="name" /></p>
		 <p>Your age: <input type="text" name="age" /></p>
		 <p><input type="submit" /></p>
		</form>
	</body>
</html>

Complete PHP page

The complete PHP page might look something like this:

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8"/>	
		<title>Web forms and PHP</title>
	</head>
	<body>
		<h1>Display submitted data</h1>
		Hi <?php echo htmlspecialchars($_POST['name']); ?>.
		You are <?php echo (int)$_POST['age']; ?> years old.
	</body>
</html>

See also

External links