Working with HTML Forms in PHP
Posted The: 20/10/2008 At: 17:24
Normal HTML Forms are used when submitting messages in guestbooks, and forums. They are also useful when creating password protected areas of a site.
Name Example
The below form is used to submit your name to a PHP Script, the script will then handle and display the name in your browser.
The name attribute on the input elements is the name of the $_POST arrays in PHP.
<form action="action.php" method="post"> <p>Your name: <input type="text" name="name"></p> <p>Your last name: <input type="text" name="last"></p> <p><input type="submit"></p> </form>
The PHP Script would then be named action.php, and its content would be:
<p>Hello <?php echo $_POST['name'] . $_POST['last']; ?></p>
Regular Expression
Of cause this wouldn't be very secure, since the user could inject JavaScript into your page. There are a number of solutions to this, the one i like the most is to use a Regular Expression to get rid of special characters. So we add the following to the code:
if ((preg_match("/^[a-zA-Z]{3,100}$/D", $_POST['name'])) && (preg_match("/^[a-zA-Z]{3,100}$/D", $_POST['last']))) {
<p>Hello <?php echo $_POST['name'] . $_POST['last']; ?></p>
}Above regular expression [a-zA-Z] allows the string to contain both the uppercase and lowercase characters A to Z, while the {3,100} part tells that the string must be between 3 to 100 characters in length.
Htmlspecialchars Function
Those who don't like regular expressions can use this function, this will automatically convert some characters with special meaning, to their HTML entities.
<p>Hello <?php echo htmlspecialchars($_POST['name']) . htmlspecialchars($_POST['last']); ?></p>
The posted data was accessed through the $_POST superglobal, which will contain all post data. You can also submit using the get method in your form, in that case you simply use the $_GET superglobal instead.
Radio Buttons
A few ways of getting the value of Radiobuttons in PHP.
Getting the value of radio buttons is actually easy, each input should have a name assigned through the name attribute, we will use this in the $_POST array of PHP. So if we got the below form:
<form action="action.php" method="post"> <div><input type="radio" name="state" value="Active" checked="checked"><label>Active</label></div> <div><input type="radio" name="state" value="Inactive"><label>Inactive/Disabled</label></div> </form>
The PHP code used to get the value of the radio buttons would be:
<?php
if ($_POST['state'] == 'Active'){
/* Do stuff Here */
} else {
/* If state was either inactive or not Selected */
}
?>We can then make a choice based opon if the radio button was checked, and/or which one that where checked.
You can also use the isset function to check if a field was left empty, this is done like below:
<?php
if (isset($_POST['state']) {
/* A Radio button was Selected */
} else {
/* A Radio button was not Selected
so we exit the script without action. */
echo 'Please make a Choice!';
exit();
}
?>If the checkbox was left empty, we simply tell the user to make a choice, and exit the script whitout action.
Comments: [0]
